Journal of Computer Applications ›› 2019, Vol. 39 ›› Issue (7): 1954-1958. DOI: 10.11772/j.issn.1001-9081.2018122438

• Cyberspace Security •

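  • Corresponding author: LIU Yudong
  • About the authors: LIU Yudong (born 1995), male, from Nanyang, Henan, M.S. candidate, main research interests: cryptography and information security; WANG Xu'an (born 1981), male, from Gong'an, Hubei, associate professor, Ph.D., main research interests: cryptography and information security; TU Guangsheng (born 1992), male, from Zhumadian, Henan, M.S. candidate, main research interest: cryptography; WANG Han (born 1995), male, from Shenyang, Liaoning, M.S. candidate, main research interests: cryptography and information security.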
Cloud outsourcing data secure auditing protocol throughout whole lifecycle

LIU Yudong<sup>1,2</sup>, WANG Xu'an<sup>2</sup>, TU Guangsheng<sup>1,2</sup>, WANG Han<sup>1,2</sup>   

  1. Graduate Team, Engineering University of PAP, Xi'an Shaanxi 710086, China;
    2. Key Laboratory of Network and Information Security under the PAP(Engineering University of PAP), Xi'an Shaanxi 710086, China
  • Received:2018-12-10 Revised:2019-02-25 Online:2019-07-10 Published:2019-04-08
  • Supported by:

    This work is partially supported by the National Natural Science Foundation of China (61772550, U1636114, 61572521), the National Cryptography Development Fund of China (MMJJ20170112), the National Key Research and Development Program of China (2017YFB0802000), and the Natural Science Basic Research Plan in Shaanxi Province of China (2018JM6028).

Abstract:

The generation of massive data places a huge storage and computational burden on users, and the emergence of cloud servers solves this problem well. However, while data outsourcing brings convenience to users, it also raises security problems. To address the security of data during outsourcing, a simpler and more efficient cloud outsourcing data security auditing protocol covering the whole lifecycle was designed and implemented by combining the classical distributed string equality checking protocol with the Rank-based Merkle Hash Tree (RMHT) algorithm. The protocol not only protects the integrity of outsourced storage data, allowing users to audit that integrity periodically, but also guarantees the secure transfer of cloud data. In addition, it prevents malicious cloud servers from retaining copies of the transferred data, which better protects users' privacy. Security and efficiency analyses show that the proposed protocol is sufficiently secure and comparatively efficient, so the security of outsourced data is well protected throughout its whole lifecycle.

Key words: cloud storage, outsourcing data, whole lifecycle, provable security, auditing protocol

CLC Number: