Journal of Computer Applications, 2016, Vol. 36, Issue (10): 2715-2722. DOI: 10.11772/j.issn.1001-9081.2016.10.2715

• Cyberspace Security •

Trust evaluation mechanism for distributed Hash table network nodes in cloud data secure self-destruction system

WANG Dong1,2, XIONG Jinbo1,3, ZHANG Xiaoying1

  1. Faculty of Software, Fujian Normal University, Fuzhou Fujian 350117, China;
  2. Faculty of Software, Xiamen University, Xiamen Fujian 361005, China;
  3. Fujian Engineering Research Center of Public Service Big Data Mining and Application, Fuzhou Fujian 350117, China
  • Received: 2016-04-08 Revised: 2016-06-15 Online: 2016-10-10 Published: 2016-10-10
  • Corresponding author: XIONG Jinbo, E-mail: jinbo810@163.com
  • About the authors: WANG Dong (born 1993), male, from Fuzhou, Fujian, M.S. candidate; main research interests: trust evaluation, data security. XIONG Jinbo (born 1981), male, from Yiyang, Hunan, associate professor, Ph.D., CCF member; main research interests: cloud data security, privacy protection. ZHANG Xiaoying (born 1995), female, from Quanzhou, Fujian; main research interests: trust evaluation, data security.
  • Supported by:
    This work is partially supported by the National Natural Science Foundation of China (61402109, 61370078), the Natural Science Foundation of Fujian Province (2015J05120), the Distinguished Young Scientific Research Talents Plan in Universities of Fujian Province (2015).

Abstract: Distributed Hash Table (DHT) networks are widely used in secure self-destruction schemes for private data in cloud computing environments, but malicious and dishonest nodes in the DHT network easily lead to loss or leakage of key shares. To tackle these problems, a trust evaluation mechanism was proposed for the DHT network used in a cloud-data secure self-destruction system. In this mechanism, a trust cloud model was established for DHT nodes to describe their trust information qualitatively and quantitatively. By introducing an improved calculation method for the direct trust value and the recommended trust value, and by fully considering the internal and external factors of DHT nodes, the trust values of nodes were first calculated along two dimensions, operating environment and interactive experience, each refined into different levels. The resulting data were used to build a trust evaluation sub-cloud for each index. After that, all these trust evaluation sub-clouds were combined into a comprehensive trust cloud according to the weights of the different evaluation indexes. Then the comprehensive trust cloud was described as a one-dimensional normal cloud by means of a cloud generator algorithm. Finally, reliable and efficient nodes could be selected using a trust decision algorithm. Experimental results show that the proposed mechanism can help the original data self-destruction system make comprehensive trust decisions and find DHT network nodes better suited to storing key shares, further enhancing the disaster-tolerance capability and reducing the computational cost of the system.

Key words: cloud data, data self-destruction, Distributed Hash Table (DHT), trust evaluation, trust cloud
