    Data Integrity Verification Scheme for Privacy Protection and Fair Payment

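    • Abstract: With the emergence of the cloud storage model, more and more data owners (DOs) choose to migrate their data to the cloud. To ensure the integrity of the data a DO stores in the cloud, the DO usually adopts a cloud storage data integrity verification model. In a pay-per-use cloud environment, besides paying the cloud service provider, the DO must also pay an additional fee to a third party auditor (TPA) to perform the verification. In practical integrity verification, however, the TPA is not fully trusted. To address the untrusted TPA and achieve service-payment fairness, a data integrity verification scheme supporting privacy protection and fair payment is proposed. First, a new data authentication structure, the rank-based Merkle hash tree, is introduced to realize integrity verification of data position and verifiable dynamic update of data. Second, to protect data privacy and reduce communication overhead, a non-interactive dynamic provable data possession (NIDPDP) mechanism is proposed. Finally, combined with blockchain technology, smart contracts (SC) are used to achieve service-payment fairness among the DO, the cloud storage server (CSS) and the TPA, so that all parties honestly follow the rules. Performance analysis and experiments show that the scheme can effectively protect user data privacy and realize fair payment, with low computational cost and communication overhead.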

       

      Abstract: With the emergence of cloud storage, an increasing number of users tend to migrate their data to the cloud for management and maintenance, which can save time and money on this series of tasks. To ensure the integrity of data stored in the efficient yet unreliable cloud, data owners may adopt a data integrity verification model. In the pay-per-use cloud environment, data owners not only pay the cloud service provider for the service, but also pay an additional fee to the third party auditor (TPA) to perform verification operations. However, the TPA is not always available in practice, which makes the integrity of data a potential vulnerability. In view of the untrustworthiness of the TPA and to realize service-payment fairness, we propose a novel verification scheme for privacy protection and fair payment. Firstly, we introduce a novel type of data authentication structure, the rank-based Merkle hash tree, to realize integrity verification of the data index and support verifiable dynamic update of blocks. Secondly, in order to achieve privacy protection and reduce communication overhead, a non-interactive dynamic provable data possession scheme is presented. Finally, combined with blockchain, smart contracts are applied to achieve service-payment fairness among data owners, the cloud storage server and the TPA, so that all parties act honestly according to the rules. Performance analysis and experiments show that the proposed scheme can effectively protect the privacy of user data, realize fair payment, and achieve lower computational cost and communication overhead for the entire system.
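
      How a rank-based Merkle hash tree can bind a block to its position, as an added example that is not code from the paper: the abstract does not give the paper's exact construction, so this follows the general idea of storing in each node the number of leaves beneath it (its rank) and hashing that rank into the node. The names `H`, `leaf`, `parent`, `build`, `prove` and `verify`, the SHA-256 choice and the promotion of an unpaired node are assumptions.

```python
import hashlib

def H(*parts: bytes) -> bytes:
    h = hashlib.sha256()
    for p in parts:  # length-prefix each part so concatenations are unambiguous
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()

def leaf(block: bytes):
    return (H(b"leaf", block), 1)  # (hash, rank); a leaf covers one block

def parent(left, right):
    rank = left[1] + right[1]  # rank = number of leaves under this node
    return (H(b"node", rank.to_bytes(8, "big"), left[0], right[0]), rank)

def build(blocks):
    """Return all levels, leaves first; an unpaired last node is promoted."""
    level = [leaf(b) for b in blocks]
    levels = [level]
    while len(level) > 1:
        nxt = [parent(level[i], level[i + 1]) for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])
        level = nxt
        levels.append(level)
    return levels

def prove(levels, index):
    """Authentication path for the 1-based leaf index: [(sibling, side), ...]."""
    pos, path = index - 1, []
    for level in levels[:-1]:
        sib = pos ^ 1
        if sib < len(level):  # no sibling means the node was promoted
            path.append((level[sib], "L" if sib < pos else "R"))
        pos //= 2
    return path

def verify(root, block, claimed_index, path):
    """Check content (root hash) and position (leaves to the left) together."""
    node, leaves_to_left = leaf(block), 0
    for sibling, side in path:
        if side == "L":
            leaves_to_left += sibling[1]
            node = parent(sibling, node)
        else:
            node = parent(node, sibling)
    return node == root and leaves_to_left + 1 == claimed_index

if __name__ == "__main__":
    blocks = [b"block-%d" % i for i in range(1, 6)]  # constructed sample data
    levels = build(blocks)
    print(all(verify(levels[-1][0], b, i, prove(levels, i)) for i, b in enumerate(blocks, 1)))
```

      Because every rank is hashed into its node, a server that returns a valid block under the wrong index, or alters a sibling rank to shift the computed position, fails either the position check or the root comparison.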

       
