共查询到20条相似文献,搜索用时 53 毫秒
1.
2.
在云存储服务中,为了让用户可以验证存储服务提供者正确地持有(保存)用户的数据,该文提出一种基于同态hash (homomorphic hashing)的数据持有性证明方法。因为同态hash算法的同态性,两数据块之和的hash值与它们hash值的乘积相等,初始化时存放所有数据块及其hash值,验证时存储服务器返回若干数据块的和及其hash值的乘积,用户计算这些数据块之和的hash值,然后验证是否与其hash值的乘积相等,从而达到持有性证明的目的。在数据生存周期内,用户可以无限次地验证数据是否被正确持有。该方法在提供数据持有性证明的同时,还可以对数据进行完整性保护。用户只需要保存密钥K,约520 byte,验证过程中需要传递的信息少,约18 bit,并且持有性验证时只需要进行一次同态hash运算。文中提供该方法的安全性分析,性能测试表明该方法是可行的。 相似文献
3.
4.
5.
6.
7.
《现代电子技术》2017,(23):73-76
为了降低公共云存储系统的空间开销,对公共云存储中私密数据的重复数据进行归并和删除处理,提高云存储容量,提出一种基于语义本体特征匹配检测的公共云存储中私密数据的去重删除技术。采用交叉分布方法进行公共云存储中私密数据的特征分解,根据数据的属性类别进行存储空间区域划分,提取私密数据的语义本体结构信息特征量,根据提取的特征量进行匹配检测,根据语义属性实现对重复数据的自适应筛选,对筛选出来的重复数据采用矩阵分解方法进行特征压缩和删减,实现去重删除。仿真结果表明,采用该算法进行公共云存储中私密数据的去重删除处理,提高了存储空间的容量,降低了数据存储的维数,实现了私密数据的优化存储。 相似文献
8.
9.
云存储环境下,客户端数据去重能在本地进行文件重复性检测,有效地节约存储空间和网络带宽.然而,客户端去重仍面临着很多安全挑战.首先,由于将文件哈希值作为重复性检测的证据,攻击者很可能通过一个文件的哈希值获得整个文件;其次,为了保护数据隐私,收敛加密被广泛运用于数据去重方案,但是由于数据本身是可预测的,所以收敛加密仍不可避免地遭受暴力字典攻击.为了解决上述问题,本文首次利用盲签名构造了一个安全的密钥生成协议,通过引入一个密钥服务器,实现了对收敛密钥的二次加密,有效地预防了暴力字典攻击;并进一步提出了一个基于块密钥签名的拥有权证明方法,能够有效预防攻击者通过单一的哈希值来获取文件,并能同时实现对密文文件的文件级和块级去重.同时,安全分析表明本文方案在随机预言模型下是可证明安全的,并能够满足收敛密钥安全、标签一致性和抗暴力字典攻击等更多安全属性.此外,与现有方案相比,实验结果表明本文方案在文件上传和文件去重方面的计算开销相对较小. 相似文献
10.
11.
Deduplication is widely used in cloud storage service to save bandwidth and storage resources,however,the security of client deduplication still flaws in an external attack to access a user’s private data.Xu-CDE,a deduplication solution of encrypting data for multi-client was first proposed,which could protect the privacy of data from the external attackers and honest but curious server,with favorable theoretical meaning and representativeness.However,in Xu-CDE,the user ownership authentication credentials were lack of instantaneity protection,which could not resist replay attack.As an improvement to the flaw,the protocol MRN-CDE (MLE based and random number modified client-side deduplication of encrypted data in cloud storage) was proposed,adding random number in order to ensure the instantaneity of the authentication credentials,and using the algorithm of MLE-KPto extract key from original file to replace the file itself as an encryption key.As a consequence,the new protocol improved security while significantly reduced the amount of computation.After the safety analysis and the actual tests,results show that based on Xu-CDE,the proposed protocol MRN-CDE has stronger security of ownership,and improves time efficiency.Specially,the new protocol works better on large files in cloud with a certain value. 相似文献
12.
Nowadays , an increasing number of persons choose to outsource their computing demands and storage demands to the Cloud. In order to ensure the integrity of the data in the untrusted Cloud, especially the dynamic files which can be updated online, we propose an improved dynamic provable data possession model. We use some homomorphic tags to verify the integrity of the file and use some hash values generated by some secret values and tags to prevent replay attack and forgery attack. Compared with previous works , our proposal reduces the computational and communication complexity from O (logn ) to O (1). We did some experiments to ensure this improvement and extended the model to file sharing situation. 相似文献
13.
Nowadays , an increasing number of persons choose to outsource their computing demands and storage demands to the Cloud. In order to ensure the integrity of the data in the untrusted Cloud, especially the dynamic files which can be updated online, we propose an improved dynamic provable data possession model. We use some homomorphic tags to verify the integrity of the file and use some hash values generated by some secret values and tags to prevent replay attack and forgery attack. Compared with previous works , our proposal reduces the computational and communication complexity from O (logn ) to O (1). We did some experiments to ensure this improvement and extended the model to file sharing situation. 相似文献
14.
In order to solve the problems of secure access and deduplication to the shared file in the cloud environment,a novel notion called proof of shared ownership (PoSW) was formalized,and a formal definition of the PoSW was given.Furthermore,a PoSW scheme and an enhanced version of that were proposed.In the PoSW scheme,secure shared file dispersal,convergent encryption and secret sharing algorithm were employed to transform the shared file realize the sharing and authorization for the shared file,and then a novel challenge-response protocol was proposed to achieve the proof of shared ownership and the foundation for the secure deduplication of the shared file was provided.An enhanced PoSW scheme was designed to improve the availability and reliability for different kinds of the shared files by introducing the multi-cloud server providers and using the strategies of both data duplication and secret file dispersal.Security analysis and performance evaluation show the security and efficiency of the proposed scheme. 相似文献
15.
随着传统行业电子化的速度日渐加快,电脑上的数据量与日俱增,数据备份领域面临的挑战也越来越大.传统备份因为需要大量的磁盘阵列作为存储介质,所以在成本控制上一直是个难题.针对该情况,结合云存储平台低廉的成本、高效的资源伸缩与利用率,研究在HDFS系统中加入新的重复数据删除技术,并对原有备份策略进行优化,设计出一种基于云存储中的重复数据删除技术的备份系统.最后通过实验,对改进后的方案系统与传统备份方案备份文件所占空间、时间等参数进行了对比. 相似文献
16.
在过去的数十年中,信息数据量呈现指数级增长,如何存储和保护这些大量信息数据成为一个难题.云存储和冗余去重技术成为解决上述难题的主要技术.去冗技术在云存储系统中得到广泛应用,但主流的云存储系统存在索引信息的膨胀以及数据分块的不确定性等不足,而这些弊端会导致内存空间的浪费和数据分块的不可预知性.针对这些问题,提出了一种基于内容分块的层次化去冗优化策略,并构建了对应的算法,解决了云存储系统中索引信息表过大和数据分块过大或过小的问题.并且选取CNN新闻的页面内容作为测试集进行实际测试,通过比较去冗比和去冗时间可以看出,相比于目前主流的去冗策略,本文提出的基于内容分块的层次化去冗优化策略能够提升3%左右的去冗比,同时降低2%左右的去冗时间. 相似文献
17.
In order to improve the efficiency of cloud storage and save the communication bandwidth, a deduplication mechanism for multi-duplicate of the same data in cloud environment was needed. However, the implement of the secure data deduplication was seriously hindered by the ciphertext in cloud. This issue has quickly aroused wide attention of academia and industry, and became a research hotspot. From a security standpoint, firstly the primary cause and the main challenges of secure data deduplication in cloud environment was analyzed, and then the deduplication system model as well as its security model was described. Furthermore, focusing on the realization mechanism of secure data deduplica-tion, the thorough analyses were carried on and reviews for the related research works in recent years from content-based encryption, proof of ownership and privacy protection for secure deduplication, then the advantages and common prob-lems of various key technologies and methods were summed up. Finally, the future research directions and development trends on secure data deduplication in cloud was given. 相似文献
18.
For the problems of key-exposure,encrypted data duplication and integrity auditing in cloud data storage,a public auditing scheme was proposed to support key update and encrypted data deduplication.Utilizing Bloom filters,the proposed scheme could achieve client-side deduplication,and guaranteed that the key exposure in one time period didn’t effect the users’ private key in other time periods.The proposed scheme could solve the conflict between key-exposure resilient and encrypted data deduplication in public auditing scheme for the first time.Security analysis indicates that the proposed scheme is strong key-exposure resilient,confidentiality,detectability,and unforgeability of authentication tags and tokens under the computation Diffie-Hellman hardness assumption in the random oracle model. 相似文献
19.
文章针对云计算的安全问题,提出了一种全同态加密方案和基于此方案的数据检索算法,既保证了用户数据的安全性,又保证了服务器能够对存储的用户密文直接检索,为云系统中的信息安全和数据处理提供了良好的解决方案。 相似文献
20.
云存储服务的一种主要收费模式为依据服务提供商度量的客户资源实际使用量进行计费。因此,支付方和服务提供商之间的信任问题成为这种商业计费模式的关键因素,并可能引发安全问题。一方面,云存储服务提供商或者内部人员可能声称更多的客户资源使用量而多收取服务费用;另一方面,支付方可能否认已使用的资源从而减少应支付的费用。提出了一种基于散列链的资源使用度量机制,对不同资源分别产生可验证的证据。对于多数资源,现有云存储计费机制可以依据资源使用总量产生证据,但是考虑到存储量随时间不断波动并且资源的计费不仅与存储量相关还与时间因素相关,因此现有机制不能完全适用。提出的存储资源使用度量机制同时考虑时间和存储量2个因素,利用与计费方式关联的散列链产生证据,实现了原有机制的改进,达到了资源使用的可验证度量目标。 相似文献
