计算机应用 ›› 2019, Vol. 39 ›› Issue (12): 3575-3583.DOI: 10.11772/j.issn.1001-9081.2019040764

• 网络空间安全 • 上一篇    下一篇

基于嵌套Merkle Hash tree区块链的云数据动态审计模型

周坚1,2, 金瑜1,2, 何亨2, 李鹏2   

  1. 1. 武汉科技大学 计算机科学与技术学院, 武汉 430065;
    2. 湖北省智能信息处理与实时工业系统重点实验室, 武汉 430065
  • 收稿日期:2019-05-06 修回日期:2019-08-06 出版日期:2019-12-10 发布日期:2019-08-26
  • 作者简介:周坚(1994-),男,湖北咸宁人,硕士研究生,主要研究方向:云计算安全;金瑜(1973-),女,湖北武汉人,副教授,博士,主要研究方向:云计算、软件定义网络、网络安全;何亨(1981-),男,湖北武汉人,副教授,博士,主要研究方向:云计算、软件定义网络、网络安全;李鹏(1981-),男,湖北武汉人,副教授,博士,主要研究方向:车联网。

Dynamic cloud data audit model based on nest Merkle Hash tree block chain

ZHOU Jian1,2, JIN Yu1,2, HE Heng2, LI Peng2   

  1. 1. College of Computer Science and Technology, Wuhan University of Science and Technology, Wuhan Hubei 430065, China;
    2. Hubei Province Key Laboratory of Intelligent Information Processing and Real-time Industrial System, Wuhan Hubei 430065, China
  • Received:2019-05-06 Revised:2019-08-06 Online:2019-12-10 Published:2019-08-26
  • Contact: 金瑜

摘要: 云存储凭借高扩展性、高可靠性、低成本的数据管理优点得到用户青睐。然而,如何确保云数据完整性成为亟待解决的安全问题。当前最成熟、高效的云数据完整性审计方案是基于半可信第三方来提供公共审计服务,但基于半可信第三方审计方案存在单点失效、算力瓶颈和错误数据定位效率低等问题。为了解决上述问题,提出了基于区块链的云数据动态审计模型。首先,采用分布式网络、共识算法建立一个由众多审计实体组成的区块链审计网络,并以此来解决单点失效和算力瓶颈问题;然后,在保证区块链数据可信度的前提下,引入变色龙哈希算法和嵌套MHT结构,以实现云数据标签在区块链上的动态操作;最后,借助嵌套MHT结构以及辅助路径信息,提高了在审计发生错误时对错误数据的定位效率。实验结果表明,与基于半可信第三方云数据动态审计方案相比,所提模型显著提高了审计效率,降低了数据动态操作时间开销,并提升了错误数据定位效率。

关键词: 区块链, 云存储, 动态操作, 审计, 变色龙哈希

Abstract: Cloud storage is popular to users for its high scalability, high reliability, and low-cost data management. However, it is an important security problem to safeguard the cloud data integrity. Currently, providing public auditing services based on semi-trusted third party is the most popular and effective cloud data integrity audit scheme, but there are still some shortcomings such as single point of failure, computing power bottlenecks, and low efficient positioning of erroneous data. Aiming at these defects, a dynamic cloud data audit model based on block chain was proposed. Firstly, distributed network and consensus algorithm were used to establish a block chain audit network with multiple audit entities to solve the problems of single point of failure and computing power bottlenecks. Then, on the guarantee of the reliability of block chain, chameleon Hash algorithm and nest Merkle Hash Tree (MHT) structure were introduced to realize the dynamic operation of cloud data tags in block chain. Finally, by using nest MHT structure and auxiliary path information, the efficiency of erroneous data positioning was increased when error occurring in audit procedure. The experimental results show that compared with the semi-trusted third-party cloud data dynamic audit scheme, the proposed model significantly improves the audit efficiency, reduces the data dynamic operation time cost and increases the erroneous data positioning efficiency.

Key words: block chain, cloud storage, dynamic operation, audit, chameleon Hash

中图分类号: