ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2017, Vol. 54 ›› Issue (1): 172-183.doi: 10.7544/issn1000-1239.2017.20150900

• 系统结构 • 上一篇    下一篇

云存储中数据完整性自适应审计方法

王惠峰,李战怀,张晓,孙鉴,赵晓南   

  1. (西北工业大学计算机学院 西安 710129) (wanghuifeng12@163.com)
  • 出版日期: 2017-01-01
  • 基金资助: 
    国家“八六三”高技术研究发展计划基金项目(2013AA01A215);国家自然科学基金项目(61472323,61502392);中央高校基本科研业务费专项资金项目(3102015JSJ0009);华为创新基金项目(YB2014040023) This work was supported by the National High Technology Research and Development Program of China (863 Program) (2013AA01A215), the National Natural Science Foundation of China (61472323, 61502392), the Fundamental Research Funds for the Central Universities (3102015JSJ0009), and the Huawei Innovation Fund (YB2014040023).

A Self-Adaptive Audit Method of Data Integrity in the Cloud Storage

Wang Huifeng, Li Zhanhuai, Zhang Xiao, Sun Jian, Zhao Xiaonan   

  1. (School of Computer Science, Northwestern Polytechnical University, Xi’an 710129)
  • Online: 2017-01-01

摘要: 作为云存储安全的重要问题,数据完整性验证技术受到学术界和工业界的广泛关注.为了验证云端数据完整性,研究者提出了多个数据完整性公开审计模型.然而,现有的数据完整性审计模型采用固定参数审计所有文件,浪费了大量计算资源,导致系统审计效率不高.为了提高系统的审计效率,提出了一种自适应数据持有性证明方法(self-adaptive provable data possession, SA-PDP),该方法基于文件属性和用户需求动态调整文件的审计方案,使得文件的审计需求和审计方案的执行强度高度匹配.为了增强审计方案更新的灵活性,依据不同的审计需求发起者,设计了2种审计方案动态更新算法.主动更新算法保证了审计系统的覆盖率,而被动更新算法能够及时满足文件的审计需求.实验结果表明:相较于传统方法,SA-PDP的审计总执行时间至少减少了50%,有效增加了系统审计文件的数量.此外,SA-PDP方法生成的审计方案的达标率比传统审计方法提高了30%.

关键词: 数据安全, 云存储, 数据完整性验证, 数据可持有性证明, 自适应审计

Abstract: As an important issue of cloud storage security, data integrity checking has attracted a lot of attention from academia and industry. In order to verify data integrity in the cloud, the researchers have proposed many public audit schemes for data integrity. However, most of the existing schemes are inefficient and waste much computing resource because they adopt fixed parameters for auditing all the files. In other words, they have not considered the issue of coordinating and auditing the large-scale files. In order to improve the audit efficiency of the system, we propose a self-adaptive provable data possession (SA-PDP), which uses a self-adaptive algorithm to adjust the audit tasks for different files and manage the tasks by the audit queues. By the quantitative analysis of the audit requirements of files, it can dynamically adjust the audit plans, which guarantees the dynamic matching between the audit requirements of files and the execution strength of audit plans. In order to enhance the flexibility of updating audit plans, SA-PDP designs two different update algorithms of audit plans on the basis of different initiators. The active update algorithm ensures that the audit system has high coverage rate while the lazy update algorithm can make the audit system timely meet the audit requirements of files. Experimental results show that SA-PDP can reduce more than 50% of the total audit time than the traditional method. And SA-PDP effectively increases the number of audit files in the audit system. Compared with the traditional audit method, SA-PDP can improve the standard-reaching rate of audit plans by more than 30%.

Key words: data security, cloud storage, data integrity checking, provable data possession, self-adaptive audit

中图分类号: