基于投票和以太坊智能合约的云数据审计方案

Cloud data auditing scheme based on voting and Ethereum smart contracts

确保云数据的完整性是亟待解决的安全挑战,受到广泛应用的区块链技术为应对该安全挑战提供了良好的解决方案。当前结合区块链和智能合约技术,并由矿工参与审计验证工作的方案存在审计效率低、通信开销大和数据拥有者(DO)审计负担重等不足。针对上述问题,提出一种基于投票和以太坊智能合约的云数据审计方案(CASVEC)。首先,结合投票机制和智能合约技术在以太坊上设计并部署了去中心化自治组织(DAO),DAO中节点投票选举出一个审计节点代替矿工的审计验证工作,从而有效解决验证审计证明阶段效率低的问题,并且投票机制引入信誉值保证投票公平可靠。其次,仅使用少量链上资源存储审计结果以降低通信过程中的数据量,从而有效解决验证审计证明阶段通信开销大的问题。此外,DO仅需向DAO委托一次审计请求以及查询最终的审计结果,无需频繁调用智能合约交换审计相关信息,减轻了审计负担。最后,从理论和实验角度验证了与当前基于区块链的云审计方案相比,CASVEC能够显著降低验证审计证明阶段的时间开销和通信开销,以及审计阶段DO的时间开销。

Ensuring cloud data integrity has become a security challenge that needs to be solved immediately.Widelyutilized blockchain technology provides a suitable solution to deal with this security challenge.The existing schemes combining blockchain and smart contract technology in which miners perform auditing validation work,suffer from low auditing efficiency,high communication overhead,and heavy auditing burden on Data Owner(DO).In response to the above issues,a Cloud data Auditing Scheme based on Voting mechanism and Ethereum smart Contracts(CASVEC)was proposed.Firstly,a Decentralized Autonomous Organization(DAO)was designed and deployed on Ethereum by combining voting mechanism and smart contract technology.The nodes of DAO voted to elect an auditing node to replace miners for the auditing verification work,effectively solving the defect of low efficiency in validation audit proof phase.Besides,reputation value was designed to ensure fairness and reliability of the voting process.Secondly,only a few on-chain resources were used to store final auditing results to reduce data volume during communication process,thus effectively solving the problem of high communication overhead in validation audit proof phase.Furthermore,DO only needed to delegate one audit request and retrieve final audit result from DAO.In the above process,DO had no need to call smart contracts so frequently to exchange related information,lightening the auditing burden of DO.Finally,from the theoretical analysis and experimental result perspectives,it was verified that compared with current blockchain-based cloud auditing schemes,CASVEC can significantly reduce time overhead and communication overhead of validation audit proof phase,as well as DO time overhead of audit phase.