高级检索
    秦志光, 王士雨, 赵洋, 熊虎, 吴松洋. 云存储服务的动态数据完整性审计方案[J]. 计算机研究与发展, 2015, 52(10): 2192-2199. DOI: 10.7544/issn1000-1239.2015.20150509
    引用本文: 秦志光, 王士雨, 赵洋, 熊虎, 吴松洋. 云存储服务的动态数据完整性审计方案[J]. 计算机研究与发展, 2015, 52(10): 2192-2199. DOI: 10.7544/issn1000-1239.2015.20150509
    Qin Zhiguang, Wang Shiyu, Zhao Yang, Xiong Hu, Wu Songyang. An Auditing Protocol for Data Storage in Cloud Computing with Data Dynamics[J]. Journal of Computer Research and Development, 2015, 52(10): 2192-2199. DOI: 10.7544/issn1000-1239.2015.20150509
    Citation: Qin Zhiguang, Wang Shiyu, Zhao Yang, Xiong Hu, Wu Songyang. An Auditing Protocol for Data Storage in Cloud Computing with Data Dynamics[J]. Journal of Computer Research and Development, 2015, 52(10): 2192-2199. DOI: 10.7544/issn1000-1239.2015.20150509

    云存储服务的动态数据完整性审计方案

    An Auditing Protocol for Data Storage in Cloud Computing with Data Dynamics

    • 摘要: 云存储服务的数据完整性检查受到了学术界和工业界的广泛关注.然而动态数据审计方案容易受到恶意云服务器的重放攻击,且存在不能很好地支持用户多粒度的动态操作等问题.为此基于Merkle Hash树(Merkle Hash tree, MHT)和双线性对技术,提出一个分层次索引结构的动态数据完整性审计方案.通过分层次索引结构的方法将数据块分割为长度更小的数据块,同时使MHT的每个叶结点对应多个数据块,从而有效降低了MHT的高度.提出的方案不但能满足云存储服务的数据完整性审计方案的安全要求,而且支持用户多粒度的动态操作.此外,在该方案中用户执行动态操作和审计者执行审计操作的通信开销将被大大降低.安全分析和性能分析,表明该方案是安全和高效的.

       

      Abstract: Data integrity checking for cloud storage services has attracted widespread attention from academia and industry recently. However, some issues should be addressed in case the dynamic operations are considered, because the dynamic auditing schemes are vulnerable to replay attacks mounted by the malicious cloud servers, and also cannot support the multi-granular dynamic operations well. This paper proposes a hierarchical auditing protocol for data storage in cloud computing with data dynamics by incorporating the idea of Merkle Hash tree (MHT) and bilinear pairings technology. In this paper, the basic block has been divided into a number of smaller blocks by utilizing the hierarchical index structures, and every leaf of the Merkle Hash Tree is associated with multiple blocks, so our scheme can reduce the length of the Merkle Hash Tree effectively. The proposed scheme can not only meet the security demands of cloud storage services for data integrity, but also support the user to perform multi-granular dynamic operations. In addition, the communication costs of the dynamic operations derived from the user and the auditing operations derived from the auditor have been greatly reduced. Finally, security analysis and performance analysis show that our proposed scheme is secure and efficient.

       

    /

    返回文章
    返回