基于差分隐私模型的云数据副本安全控制方案

doi:10.11959/j.issn.2096-109x.2017.00163

Abstract

Abstract:

In cloud computing environment,adversary may use data deduplication as a side channel to eavesdrop users’ privacy.In order to tackle this serious issue,a secure copy number control scheme was proposed.The highlights of the proposed scheme lie in constructing a hybrid cloud framework.Then file was encrypted for second times by using the privacy protection parameters of differential privacy as well as the key of the file computed by convergent encryption algorithm.After the file is uploaded,each file has only one copy in the server.Meanwhile,compared with the scheme that use setting threshold value to control the number of copies,the proposed scheme can resist against the side channel attack,related files attack,and the specific attack of encryption algorithm and save the network bandwidth and disk storage space.

Key words: data deduplication, differential privacy, convergent encryption, hybrid cloud, side channel attack

CLC Number:

TP393

Jun REN,Jin-bo XIONG,Zhi-qiang YAO. Security control scheme for cloud data copy based on differential privacy model[J]. Chinese Journal of Network and Information Security, 2017, 3(5): 38-46.

Figures/Tables 10

References 19

[1]	MEHMOOD A , NATGUNANATHAN I , XIANG Y ,et al. Protection of big data privacy[J]. IEEE Access, 2016,4: 1821-1834.
[2]	冯登国, 张敏, 李昊 . 大数据安全与隐私保护[J]. 计算机学报, 2014,37(1): 246-258.
	FENG D G , ZHANG M , LI H . Big data security and privacy protection[J]. Chinese Journal of Computers, 2014,37(1): 246-258.
[3]	MAI J E . Big data privacy:the datafication of personal informa tion[J]. Information Society, 2016,32(3): 192-199.
[4]	熊金波, 张媛媛, 李凤华 ,等. 云环境中数据安全去重研究进展[J]. 通信学报, 2016,37(11): 169-180.
	XIONG J B , ZHANG Y Y , LI F H ,et al. Research progress on secure data deduplication in cloud[J]. Journal on Communications, 2016,37(11): 169-180.
[5]	PAULO J , PEREIRA J . A survey and classification of storage deduplication systems[J]. ACM Computing Surveys (CSUR), 2014,47(1): 11.
[6]	RUSSELL D . Data deduplication will be even bigger in 2010[J]. Gartner, 2010.
[7]	SORIA-COMAS J , DOMINGO-FERRER J . Big data privacy:challenges to privacy principles and models[J]. Data Science and Engineering, 2016,1(1): 21-28.
[8]	DOUCEUR J R , ADYA A , BOLOSKY W J ,et al. Reclaiming space from duplicate files in a serverless distributed file system[C]// The International Conference on Distributed Computing Systems. 2002: 617-624.
[9]	LI M , QIN C , LEE P P C . CDStore:toward reliable,secure,and costefficient cloud storage via convergent dispersal[C]// 2015 USENIX Annual Technical Conference (USENIX ATC 15). 2015: 111-124.
[10]	STANEK J , SORNIOTTI A , ANDROULAKI E ,et al. A secure data deduplication scheme for cloud storage[C]// Financial Cryptography and Data Security. 2014: 99-118.
[11]	BELLARE M , KEELVEEDHI S , RISTENPART T . Message-locked encryption and secure deduplication[C]// Advances in Cryptology–EUROCRYPT. 2013: 296-312.
[12]	KEELVEEDHI S , BELLARE M , RISTENPART T . DupLESS:server-aided encryption for deduplicated storage[C]// The 22nd USENIX Security Symposium. 2013: 179-194.
[13]	HARNIK D , PINKAS B,SHULMAN-PELEG A . Side channels in cloud services:deduplication in cloud storage[J]. IEEE Security ＆Privacy, 2010,8(6): 40-47.
[14]	LEE S , CHOI D . Privacy-preserving cross-user sourcebased data deduplication in cloud storage[C]// The International Conference on ICT Convergence. 2012: 329-330.
[15]	OLIVIER , NEUMANN C , MONTALVO L ,et al. Improving the resistance to side-channel attacks on cloud storage services[C]// The International Conference on New Technologies,Mobility and Security (NTMS’12). 2012: 1-5.
[16]	DWORK C . Differential privacy[J]. Lecture Notes in Computer Science, 2006,(2): 1-12.
[17]	熊平, 朱天清, 王晓峰 . 差分隐私保护及其应用[J]. 计算机学报, 2014,37(1): 101-122.
	XIONG P , ZHU T Q , WANG X F . A survey on differential privacy and applications[J]. Chinese Journal of Computers, 2014,37(1): 101-122.
[18]	EBADI H , SANDS D , SCHNEIDER G . Differential privacy:now it's getting personal[J]. ACM Special Interest Group on Programming Languages, 2015,50(1): 69-81.
[19]	GENG Q , KAIROUZ P , OH S ,et al. The staircase mechanism in differential privacy[J]. IEEE Journal of Selected Topics in Signal Processing, 2015,9(7): 1.

Metrics

Recommended 0

No Suggested Reading articles found!

符号	含义
F	用户需要上传的文件
f	文件F的大小
k	第一次散列运算所得到的散列值
Key	第二次散列运算所得到的散列值
C′	利用k值对文件F加密得到的加密文件
C	利用 Key 值对文件C′加密得到的加密文件
D	虚拟数据
Hash ₁:{0,1}^*→{0,1}^α	计算k的散列函数
Hash ₂:{0,1}^β→{0,1}^γ	计算Key的散列函数
α,β,γ	任意整数
H _pr (h₁ ,h₂ ,…,,h_n)	私有云服务器存储的Key值列表
H _pu (h₁ ,h₂ ,…,h_n)	公有云服务器存储的Key值列表
N	已存储文件的数量
ID	用户身份的标识符
T	传送队列T
R	泊松分布生成的值
ε	隐私保护参数

方案	隐私保护程度	与服务器通信次数	服务器内存消耗
Harnik方案	低	2y	O(yf)
Lee方案	中	2y	O(yf)
本文方案	高	1	O(f)

Security control scheme for cloud data copy based on differential privacy model

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 10

References 19

Related Articles 15

Metrics

Recommended 0

[1]	Feng YU, Qingxin LIN, Hui LIN, Xiaoding WANG. Privacy-enhanced federated learning scheme based on generative adversarial networks [J]. Chinese Journal of Network and Information Security, 2023, 9(3): 113-122.
[2]	Zuobin YING, Yichen FANG, Yiwen ZHANG. Privacy-preserving federated learning framework with dynamic weight aggregation [J]. Chinese Journal of Network and Information Security, 2022, 8(5): 56-65.
[3]	Jiahao QIU, Weidong QIU, Yangde WANG, Yan ZHA, Yuming XIE, Yan LI. Intellectualized forensic technique for Android pattern locks [J]. Chinese Journal of Network and Information Security, 2022, 8(1): 118-127.
[4]	Xinyu ZHANG, Bingsheng ZHANG, Quanrun MENG, Kui REN. Study on privacy preserving encrypted traffic detection [J]. Chinese Journal of Network and Information Security, 2021, 7(4): 101-113.
[5]	Ding LI, Yuefei ZHU, Bin LU, Wei LIN. Survey of side channel attack on encrypted network traffic [J]. Chinese Journal of Network and Information Security, 2021, 7(4): 114-130.
[6]	Mingfeng ZHAO, Chen LEI, Yang ZHONG, Jinbo XIONG. Dynamic privacy measurement model and evaluation system for mobile edge crowdsensing [J]. Chinese Journal of Network and Information Security, 2021, 7(1): 157-166.
[7]	Yu ZHANG,Xixiang LYU,Yucong ZOU,Yige LI. Differentially private sequence generative adversarial networks for data privacy masking [J]. Chinese Journal of Network and Information Security, 2020, 6(4): 109-119.
[8]	Xianmang HE. Multi-party summation query method based on differential privacy [J]. Chinese Journal of Network and Information Security, 2020, 6(3): 14-18.
[9]	Lei YANG,Xiao ZHENG,Wei ZHAO. Non-equal-width histogram publishing method based on differential privacy [J]. Chinese Journal of Network and Information Security, 2020, 6(3): 39-49.
[10]	Qirun PAN,Kaizhi HUANG,Wei YOU. Network slicing deployment method based on isolation level [J]. Chinese Journal of Network and Information Security, 2020, 6(2): 96-105.
[11]	Hui LIU,Renwan BI,Jinbo XIONG,Mingfeng ZHAO,Biao JIN,Jie LIN. Fog-aided identity privacy protection scheme for sensing users in mobile crowd sensing [J]. Chinese Journal of Network and Information Security, 2019, 5(6): 75-84.
[12]	Senyou LI,Xinsheng JI,Wei YOU. Research on differential privacy protection parameter configuration method based on confidence level [J]. Chinese Journal of Network and Information Security, 2019, 5(4): 29-39.
[13]	Fanyu KONG,Yong QIAO,Pengtao LIU,Xiaodong LIU,Dashui ZHOU. Fault-injection attack on countermeasure algorithms of RSA-CRT cryptosystem [J]. Chinese Journal of Network and Information Security, 2019, 5(1): 30-36.
[14]	Peng GUO, Shangping ZHONG, Kaizhi CHEN, Hang CHENG. Adaptive selection method of differential privacy GAN gradient clipping thresholds [J]. Chinese Journal of Network and Information Security, 2018, 4(5): 10-20.
[15]	Wei TONG,AOYun-long M,Qing-jun CEHN,Bin-ru WANG,Bao-jia ZHANG,Sheng ZHONG. Survey of big-data-analysis-resistant privacy protection [J]. Chinese Journal of Network and Information Security, 2016, 2(4): 44-55.