Cloud outsourcing data secure auditing protocol throughout whole lifecycle
LIU Yudong1,2, WANG Xu'an2, TU Guangsheng1,2, WANG Han1,2
1. Graduate Team, Engineering University of PAP, Xi'an Shaanxi 710086, China;
2. Key Laboratory of Network and Information Security under the PAP (Engineering University of PAP), Xi'an Shaanxi 710086, China
The generation of massive data places a huge storage and computational burden on users, and the emergence of cloud servers solves this problem well. However, while data outsourcing brings convenience to users, it also causes security problems. To address the security of data during outsourcing, a simpler and more efficient cloud outsourcing data security auditing protocol covering the whole data lifecycle was designed and implemented by combining the classical distributed string equality checking protocol with the Rank-based Merkle Hash Tree (RMHT) algorithm. The protocol not only protects the integrity of outsourced stored data, allowing users to audit its integrity periodically, but also guarantees the secure transfer of cloud data. In addition, it prevents malicious cloud servers from retaining copies of transferred data, which protects users' privacy. Security and efficiency analyses show that the proposed protocol is sufficiently secure and comparatively efficient, so the security of outsourced data is protected throughout its whole lifecycle.
LIU Yudong, WANG Xu'an, TU Guangsheng, WANG Han. Cloud outsourcing data secure auditing protocol throughout whole lifecycle[J]. Journal of Computer Applications (计算机应用), 2019, 39(7): 1954-1958.