摘要
数据去重技术用于删除云存储系统中的冗余数据,可以提高存储效率,节约网络带宽。用户为了保护数据隐私,通常将数据加密后上传至云服务器,这给数据去重操作带来了较大的困难。如何在保证数据隐私的前提下,实现安全高效的数据去重是云计算安全领域研究的热点问题。因此,文章提出了一种基于授权记录的云存储加密数据去重方法,该方法基于双线性映射构造数据标签,设计了一种授权记录存储结构。根据数据流行程度,采用不同的加密方式,利用代理重加密进行密钥转换,无须实时在线的第三方参与,确保标签不泄露任何明文信息,实现数据的所有权验证,可以确保去重数据的安全性。文章分析并证明了所提方案的安全性和正确性,实验结果也说明了方案的可行性和高效性。
Data deduplication can be used to remove redundant data in cloud storage system,which can improve storage efficiency and save network bandwidth.In order to protect data privacy,cloud users tend to upload data in the form of encrypted ciphertext.However,it makes the data deduplication more difficult.It is a hot issue in cloud computing security filed that how to achieve safe and efficient data deduplication under the premise of ensuring data privacy.This paper proposes a method for deduplication of encrypted data in cloud storage based on authorization records.Based on bilinear mapping,data tag scheme is adopted which is used for duplicate check,and designs an authorization record storage structure.According to the popularity of data,different encryption strategies are applied.We get converted keys by proxy re-encryption.Without any real-time online the third party to participate in,to ensure that the tag does not leak any exploitable information.By implementing the proof of ownership,the security of deduplication data can be ensured.The correctness and security of our scheme are analyzed and proved.The experimental results show the feasibility and efficiency of our scheme.
作者
张艺
刘红燕
咸鹤群
田呈亮
ZHANG Yi;LIU Hongyan;XIAN Hequn;TIAN Chengliang(College of Computer Science and Technology,Qingdao University,Qingdao 266071,China;Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100093,China)
出处
《信息网络安全》
CSCD
北大核心
2020年第3期75-82,共8页
Netinfo Security
基金
国家自然科学基金[61702294]
山东省自然科学基金[ZR2019MF058]。
关键词
授权记录
双线性映射
数据去重
数据流行度
代理重加密
authorization record
bilinear mapping
data deduplication
data popularity
proxy re-encryption
