ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development ›› 2015, Vol. 52 ›› Issue (10): 2353-2362. doi: 10.7544/issn1000-1239.2015.20150544

Special topic: 2015 Advances in Network Security and Privacy Protection Research

• Information Security •

Privacy-Preserving Public Auditing for Multiple Managers Shared Data in the Cloud

Fu Anmin1,2,3, Qin Ningyuan1, Song Jianye1, Su Mang1

  1 School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094; 2 State Key Laboratory of Information Security (Institute of Information Engineering, Chinese Academy of Sciences), Beijing 100093; 3 Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093 (fam_0522@163.com)
  • Published: 2015-10-01
  • Online: 2015-10-01
  • Supported by: 
    National Natural Science Foundation of China (61202352, 61572255); Natural Science Foundation of Jiangsu Province (BK20141404); Fundamental Research Funds for the Central Universities (30915011322)

Abstract: With the wide use of cloud storage services, user data is not only stored in the cloud but also shared among multiple users. To ensure the integrity of group shared data in the cloud, researchers have proposed a number of public auditing schemes for it. However, existing schemes only consider groups with a single group manager, not groups in which multiple group managers exist simultaneously, and they do not take into account the problem of frameability when tracing the real identity of a group user. The proposed scheme gives the first public auditing security model for group shared data with multiple managers. It constructs a homomorphic authenticable group signature with multiple group managers, based on a revocable group signature and a (t,s) threshold secret sharing scheme, and uses it to design the first public auditing scheme for group shared data with multiple managers. The proposed scheme not only achieves multi-level privacy-preserving abilities such as identity privacy, traceability and non-frameability, but also supports revocation and renewal of group users well. Moreover, the auditing overhead does not grow with the number of group users, which ensures the feasibility and efficiency of the scheme.

Key words: data integrity, public auditing, privacy preserving, non-frameability, homomorphic authenticable
