| 面向真实云存储环境的数据持有性证明系统 |
| |
| 引用本文: | 肖达,杨绿茵,孙斌,郑世慧.面向真实云存储环境的数据持有性证明系统[J].软件学报,2016,27(9):2400-2413. |
| |
| 作者姓名: | 肖达 杨绿茵 孙斌 郑世慧 |
| |
| 作者单位: | 北京邮电大学 计算机学院, 北京 100876;灾备技术国家工程实验室(北京邮电大学), 北京 100876,北京邮电大学 计算机学院, 北京 100876;灾备技术国家工程实验室(北京邮电大学), 北京 100876,北京邮电大学 计算机学院, 北京 100876;灾备技术国家工程实验室(北京邮电大学), 北京 100876,北京邮电大学 计算机学院, 北京 100876;灾备技术国家工程实验室(北京邮电大学), 北京 100876 |
| |
| 基金项目: | 国家自然科学基金(61202082);国家242信息安全计划(2014A120) |
| |
| 摘 要: | 对数据动态更新和第三方审计的支持的实现方式是影响现有数据持有性证明(provable data possession,简称PDP)方案实用性的重要因素.提出面向真实云存储环境的安全、高效的PDP系统IDPA-MF-PDP.通过基于云存储数据更新模式的多文件持有性证明算法MF-PDP,显著减少审计多个文件的开销.通过隐式第三方审计架构和显篡改审计日志,最大限度地减少了对用户在线的需求.用户、云服务器和隐式审计者的三方交互协议,将MF-PDP和隐式第三方审计架构结合.理论分析和实验结果表明:IDPA-MF-PDP具有与单文件PDP方案等同的安全性,且审计日志提供了可信的审计结果历史记录;IDPA-MF-PDP将持有性审计的计算和通信开销由与文件数线性相关减少到接近常数.
|
| 关 键 词: | 数据持有性检查 第三方审计 显篡改审计日志 存储安全 同态认证元 |
| 收稿时间: | 5/7/2014 12:00:00 AM |
| 修稿时间: | 2014/12/31 0:00:00 |
Provable Data Possession System for Realistic Cloud Storage Environments |
| |
| XIAO D,YANG L&#;-Yin,SUN Bin and ZHENG Shi-Hui.Provable Data Possession System for Realistic Cloud Storage Environments[J].Journal of Software,2016,27(9):2400-2413. |
| |
| Authors: | XIAO D YANG L&#;-Yin SUN Bin and ZHENG Shi-Hui |
| |
| Affiliation: | School of Computer Science, Beijing University of Posts and Telecommunications, Beijing 100876, China;National Engineering Laboratory for Disaster Backup and Recovery (Beijing University of Posts and Telecommunications), Beijing 100876, China,School of Computer Science, Beijing University of Posts and Telecommunications, Beijing 100876, China;National Engineering Laboratory for Disaster Backup and Recovery (Beijing University of Posts and Telecommunications), Beijing 100876, China,School of Computer Science, Beijing University of Posts and Telecommunications, Beijing 100876, China;National Engineering Laboratory for Disaster Backup and Recovery (Beijing University of Posts and Telecommunications), Beijing 100876, China and School of Computer Science, Beijing University of Posts and Telecommunications, Beijing 100876, China;National Engineering Laboratory for Disaster Backup and Recovery (Beijing University of Posts and Telecommunications), Beijing 100876, China |
| |
| Abstract: | The methods for supporting dynamic data updates and third-party audit are key factors that affect the practicality of existing provable data possession (PDP) schemes. This article proposes a secure and efficient PDP system called IDPA-MF-PDP for realistic cloud storage environments. The cost of auditing multiple files is dramatically reduced by a multiple-file PDP scheme based on the data update pattern of cloud storage. The requirement for users being online is reduced to the maximum extent by the implicit third-party audit framework and tamper-evident audit logs. The tripartite interaction protocol between the user, the cloud server and the implicit auditor combines MF-PDP with the implicit third-party audit framework. Theoretical analysis and experimental results show that IDPA-MF-PDP has equivalent security property with single-file PDP schemes and the audit log provides a trustworthy history record of audit results; IDPA-MF-PDP reduces the computation and communication overhead of data possession auditing from linear in the number of files to near constant. |
| |
| Keywords: | provable data possession third-party audit tamper-evident audit log storage security homomorphic authenticator |
|
| 点击此处可从《软件学报》浏览原始摘要信息 |
|
点击此处可从《软件学报》下载全文 |
|
