基于嵌套Merkle Hash tree区块链的云数据动态审计模型

doi:10.11772/j.issn.1001-9081.2019040764

摘要
图/表
参考文献(0)
相关文章 (15)

全文: PDF (1372 KB) HTML
输出: BibTeX | EndNote (RIS)

摘要云存储凭借高扩展性、高可靠性、低成本的数据管理优点得到用户青睐。然而，如何确保云数据完整性成为亟待解决的安全问题。当前最成熟、高效的云数据完整性审计方案是基于半可信第三方来提供公共审计服务，但基于半可信第三方审计方案存在单点失效、算力瓶颈和错误数据定位效率低等问题。为了解决上述问题，提出了基于区块链的云数据动态审计模型。首先，采用分布式网络、共识算法建立一个由众多审计实体组成的区块链审计网络，并以此来解决单点失效和算力瓶颈问题；然后，在保证区块链数据可信度的前提下，引入变色龙哈希算法和嵌套MHT结构，以实现云数据标签在区块链上的动态操作；最后，借助嵌套MHT结构以及辅助路径信息，提高了在审计发生错误时对错误数据的定位效率。实验结果表明，与基于半可信第三方云数据动态审计方案相比，所提模型显著提高了审计效率，降低了数据动态操作时间开销，并提升了错误数据定位效率。

	服务

	把本文推荐给朋友
	加入我的书架
	加入引用管理器
	E-mail Alert
	RSS
	作者相关文章
	周坚
	金瑜
	何亨
	李鹏

关键词 ：区块链, 云存储, 动态操作, 审计, 变色龙哈希

Abstract：Cloud storage is popular to users for its high scalability, high reliability, and low-cost data management. However, it is an important security problem to safeguard the cloud data integrity. Currently, providing public auditing services based on semi-trusted third party is the most popular and effective cloud data integrity audit scheme, but there are still some shortcomings such as single point of failure, computing power bottlenecks, and low efficient positioning of erroneous data. Aiming at these defects, a dynamic cloud data audit model based on block chain was proposed. Firstly, distributed network and consensus algorithm were used to establish a block chain audit network with multiple audit entities to solve the problems of single point of failure and computing power bottlenecks. Then, on the guarantee of the reliability of block chain, chameleon Hash algorithm and nest Merkle Hash Tree (MHT) structure were introduced to realize the dynamic operation of cloud data tags in block chain. Finally, by using nest MHT structure and auxiliary path information, the efficiency of erroneous data positioning was increased when error occurring in audit procedure. The experimental results show that compared with the semi-trusted third-party cloud data dynamic audit scheme, the proposed model significantly improves the audit efficiency, reduces the data dynamic operation time cost and increases the erroneous data positioning efficiency.

Key words： block chain cloud storage dynamic operation audit chameleon Hash

收稿日期: 2019-05-06 出版日期: 2019-08-26

中图分类号:	TP393.08
	TP399

作者简介: 周坚(1994-),男,湖北咸宁人,硕士研究生,主要研究方向:云计算安全;金瑜(1973-),女,湖北武汉人,副教授,博士,主要研究方向:云计算、软件定义网络、网络安全;何亨(1981-),男,湖北武汉人,副教授,博士,主要研究方向:云计算、软件定义网络、网络安全;李鹏(1981-),男,湖北武汉人,副教授,博士,主要研究方向:车联网。

引用本文:

周坚, 金瑜, 何亨, 李鹏. 基于嵌套Merkle Hash tree区块链的云数据动态审计模型[J]. 计算机应用, 2019, 39(12): 3575-3583. ZHOU Jian, JIN Yu, HE Heng, LI Peng. Dynamic cloud data audit model based on nest Merkle Hash tree block chain. Journal of Computer Applications, 2019, 39(12): 3575-3583.

链接本文:

http://www.joca.cn/CN/10.11772/j.issn.1001-9081.2019040764 或 http://www.joca.cn/CN/Y2019/V39/I12/3575

[1] 谭霜,贾焰,韩伟红.云存储中的数据完整性证明研究及进展[J].计算机自动化学报,2015,38(1):164-177.(TAN S, JIA Y, HAN W H. Research and development of provable data integrity in cloud storage[J]. Chinese Journal of Computers, 2015, 38(1):164-177.)
[2] WANG Q, WANG C, LI J, et al. Enabling public verifiability and data dynamics for storage security in cloud computing[C]//Proceedings of the 2009 European Conference on Research in Computer Security, LNCS 5789. Berlin:Springer, 2009:355-370.
[3] WANG C, WANG Q, REN K, et al. Privacy-preserving public auditing for data storage security in cloud computing[C]//Proceedings of the 29th Conference on Information communications. Piscataway:IEEE, 2010:525-533.
[4] ZHENG Q, XU S. Fair and dynamic proofs of retrievability[C]//Proceedings of the 1st ACM Conference on Data and Application Security and Privacy. New York:ACM, 2011:290-295.
[5] WANG Q, WANG C, REN K, et al. Enabling public auditability and data dynamics for storage security in cloud computing[J]. IEEE Transactions on Parallel and Distributed Systems, 2011, 22(5):847-859.
[6] YANG K, JIA X. An efficient and secure dynamic auditing protocol for data storage in cloud computing[J]. IEEE Transactions on Parallel and Distributed Systems, 2013, 24(9):1717-1726.
[7] ERWAY C C, KÜPÇÜ A, PAPAMANTHOU C, et al. Dynamic provable data possession[J]. ACM Transactions on Information and System Security. New York:ACM, 2015:Article No.15.
[8] 李勇,姚戈,雷丽楠,等.基于多分支路径树的云存储数据完整性验证机制[J].清华大学学报(自然科学版),2016,56(5):504-510.(LI Y, YAO G, LEI L N, et al. LBT-based cloud data integrity verification scheme[J]. Journal of Tsinghua University (Science and Technology), 2016, 56(5):504-510).
[9] GARG N, BAWA S. RITS-MHT:relative indexed and time stamped merkle Hash tree based data auditing protocol for cloud computing[J]. Journal of Network and Computer Applications, 2017, 84:1-13.
[10] FILHO D L G, BARRETO P S L M. Demonstrating data possession and uncheatable data transfer[EB/OL].[2019-01-20]. https://eprint.iacr.org/2006/150.pdf.
[11] DESWARTE Y, QUISQUATER J J, SA? DANE A. Remote integrity checking[C]//Proceedings of the 2003 Working Conference on Integrity and Internal Control in Information Systems, IFIPAICT 140. Boston:Springer, 2004:1-11.
[12] ATENIESE G, BURNS R, CURTMOLA R, et al. Provable data possession at untrusted stores[C]//Proceedings of the 14th ACM Conference on Computer and Communications Security. New York:ACM, 2007:598-609.
[13] ATENIESE G, DI PIETRO R, MANCINI L V, et al. Scalable and efficient provable data possession[C]//Proceedings of the 4th International Conference on Security and Privacy in Communication Networks. New York,:ACM, 2008:Article No. 9.
[14] CURTMOLA R, KHAN O, BURNS R C, et al. Robust remote data checking[C]//Proceedings of the 4th ACM International Workshop on Storage Security and Survivability. New York:ACM, 2008:63-68.
[15] ATENIESE G, BURNS R, CURTMOLA R, et al. Remote data checking using provable data possession[J]. ACM Transactions on Information and System Security, 2011, 14(1):Article No.12.
[16] 袁勇,王飞跃.区块链技术发展现状与展望[J].自动化学报,2016,42(4):481-494.(YUAN Y, WANG F Y. Blockchain:the state of the art and future treads[J]. Acta Automatica Sinica, 2016, 42(4):481-494.)
[17] 谢辉,王健.区块链技术及其应用研究[J].信息网络安全,2016(9):192-195.(XIE H, WANG J. Study on blockchain technology and its applications[J]. Netinfo Security, 2016(9):192-195)
[18] 何蒲,于戈,张岩峰,等.区块链技术与应用前瞻综述[J].计算机科学,2017,44(4):1-7,15.(HE P, YU G, ZHANG Y F, et al. Survey on blockchain technology and its application prospect[J]. Computer Science, 2017, 44(4):1-7, 15.)
[19] 杨宇光,张树新.区块链共识机制综述[J].信息安全研究,2018,4(4):369-379.(YANG Y G, ZHANG S X. Review and research for consensus mechanism of block chain[J]. Journal of Information Security Research, 2018, 4(4):369-379)
[20] NAKAMOTO S. Bitcoin:a peer-to-peer electronic cash system[EB/OL].[2019-01-20]. https:/bitcoin.org/bitcoin.pdf.
[21] LARIMER D. Transactions as proof-of-stake[EB/OL].[2019-01-20]. http://7fvhfe.com1.z0.glb.clouddn.com/wp-content/uploads/2014/01/TransactionsAsProofOfStake10.pdf.
[22] LARIMER D. Delegated proof-of-stake white paper[EB/OL].[2019-01-20]. http://www.bts.hk/dpos-baipishu.html.
[23] 杜欣军,王莹,葛建华,等.基于双线性对的Chameleon签名方案[J].软件学报,2007,18(10):2662-2668.(DU X J, WANG Y, GE J H, et al. Chameleon signature from bilinear pairing[J]. Journal of Software, 2007, 18(10):2662-2668.)
[24] 李佩丽,徐海霞,马添军,等.可更改区块链技术研究[J].密码学报,2018, 5(5):501-509.(LI P L, XU H X, MA T J, et al. Research on fault-correcting blockchain technology[J]. Journal of Cryptologic Research, 2018, 5(5):501-509.)