Journal of Computer Applications ›› 2024, Vol. 44 ›› Issue (7): 2093-2101.DOI: 10.11772/j.issn.1001-9081.2023071036

• Cyber security • Previous Articles     Next Articles

Cloud data auditing scheme based on voting and Ethereum smart contracts

He HUANG1,2, Yu JIN1,2()   

  1. 1.School of Computer Science and Technology,Wuhan University of Science and Technology,Wuhan Hubei 430065,China
    2.Hubei Key Laboratory of Intelligent Information Processing and Real-time Industrial System,Wuhan Hubei 430065,China
  • Received:2023-07-31 Revised:2023-10-11 Accepted:2023-10-11 Online:2023-10-26 Published:2024-07-10
  • Contact: Yu JIN
  • About author:HUANG He, born in 1997, M. S. candidate. His research interests include cloud storage, blockchain.
    First author contact:JIN Yu, born in 1973, Ph. D., professor. Her research interests include cyber security, trust model, distributed computing.
  • Supported by:
    National Natural Science Foundation of China(61802286)

基于投票和以太坊智能合约的云数据审计方案

黄河1,2, 金瑜1,2()   

  1. 1.武汉科技大学 计算机科学与技术学院, 武汉 430065
    2.湖北省智能信息处理与实时工业系统重点实验室, 武汉 430065
  • 通讯作者: 金瑜
  • 作者简介:黄河(1997—),男,河南信阳人,硕士,CCF学生会员,主要研究方向:云存储、区块链;
    第一联系人:金瑜(1973—),女,湖北武汉人,教授,博士,CCF会员,主要研究方向:网络安全、信任模型、分布式计算。
  • 基金资助:
    国家自然科学基金资助项目(61802286)

Abstract:

Ensuring cloud data integrity has become a security challenge that needs to be solved immediately. Widely-utilized blockchain technology provides a suitable solution to deal with this security challenge. The existing schemes combining blockchain and smart contract technology in which miners perform auditing validation work, suffer from low auditing efficiency, high communication overhead, and heavy auditing burden on Data Owner (DO). In response to the above issues, a Cloud data Auditing Scheme based on Voting mechanism and Ethereum smart Contracts (CASVEC) was proposed. Firstly, a Decentralized Autonomous Organization (DAO) was designed and deployed on Ethereum by combining voting mechanism and smart contract technology. The nodes of DAO voted to elect an auditing node to replace miners for the auditing verification work, effectively solving the defect of low efficiency in validation audit proof phase. Besides, reputation value was designed to ensure fairness and reliability of the voting process. Secondly, only a few on-chain resources were used to store final auditing results to reduce data volume during communication process, thus effectively solving the problem of high communication overhead in validation audit proof phase. Furthermore, DO only needed to delegate one audit request and retrieve final audit result from DAO. In the above process, DO had no need to call smart contracts so frequently to exchange related information, lightening the auditing burden of DO. Finally, from the theoretical analysis and experimental result perspectives, it was verified that compared with current blockchain-based cloud auditing schemes, CASVEC can significantly reduce time overhead and communication overhead of validation audit proof phase, as well as DO time overhead of audit phase.

Key words: data integrity, blockchain, smart contract, cloud data auditing, voting mechanism

摘要:

确保云数据的完整性是亟待解决的安全挑战,受到广泛应用的区块链技术为应对该安全挑战提供了良好的解决方案。当前结合区块链和智能合约技术,并由矿工参与审计验证工作的方案存在审计效率低、通信开销大和数据拥有者(DO)审计负担重等不足。针对上述问题,提出一种基于投票和以太坊智能合约的云数据审计方案(CASVEC)。首先,结合投票机制和智能合约技术在以太坊上设计并部署了去中心化自治组织(DAO),DAO中节点投票选举出一个审计节点代替矿工的审计验证工作,从而有效解决验证审计证明阶段效率低的问题,并且投票机制引入信誉值保证投票公平可靠。其次,仅使用少量链上资源存储审计结果以降低通信过程中的数据量,从而有效解决验证审计证明阶段通信开销大的问题。此外,DO仅需向DAO委托一次审计请求以及查询最终的审计结果,无需频繁调用智能合约交换审计相关信息,减轻了审计负担。最后,从理论和实验角度验证了与当前基于区块链的云审计方案相比,CASVEC能够显著降低验证审计证明阶段的时间开销和通信开销,以及审计阶段DO的时间开销。

关键词: 数据完整性, 区块链, 智能合约, 云数据审计, 投票机制

CLC Number: