支持受损数据定位与恢复的动态群用户可证明存储

doi:10.11959/j.issn.2096-109x.2022071

Abstract

Abstract:

The outsourced storage mode of cloud computing leads to the separation of data ownership and management rights of data owners, which changes the data storage network model and security model.To effectively deal with the software and hardware failures of the cloud server and the potential dishonest service provider and also ensure the availability of the data owners’ data, the design of secure and efficient data availability and recoverability auditing scheme has both theoretical and practical importance in solving the concern of users and ensuring the security of cloud data.However, most of the existing studies were designed for the security and efficiency of data integrity or recoverability schemes, without considering the fast identification and reliable recovery of damaged data under dynamic group users.Thus, to quickly identify and recover damaged data, a publicly verifiable proof of storage scheme was proposed for dynamic group cloud users.The designed scheme enabled a trusted third-party auditor to efficiently identify the damaged files through a challenge-response protocol and allowed the cloud storage server to effectively recover them when the degree of data damage is less than an error correction ability threshold.The scheme combined association calculation and accumulation calculation, which effectively reduced the number of calculations for the identification of damaged data.By combining erasure coding and shared coding technology, the scheme achieved effective recovery of damaged data of dynamic group users.At the same time, the scheme also supported dynamic user revocation, which ensured the integrity audit and reliable recovery of the collective data after user revocation.The network model and threat model of the designed scheme were defined and the security of the scheme under the corresponding security model was proved.Through the prototype implementation of the scheme in the real environment and the modular performance analysis, it is proved that the proposed scheme can effectively identify the damaged data and reliably recover the cloud data when the data is damaged.Besides, compared with other schemes, it is also proved that the proposed scheme has less computational overhead in identifying and recovering damaged data.

Key words: cloud storage, data sharing, corruption identification, proof of retrievability, dynamic group users

CLC Number:

TP309

Tao JIANG, Hang XU, Liangmin WANG, Jianfeng MA. Proof of storage with corruption identification and recovery for dynamic group users[J]. Chinese Journal of Network and Information Security, 2022, 8(5): 75-87.

Figures/Tables 15

References 23

[1]	ZAFAR F , KHAN A , MALIK S U R ,et al. A survey of cloud computing data integrity schemes:Design challenges,taxonomy and future trends[J]. Comput Secur, 2017,65: 29-49.
[2]	GUMASTE P . Amazon aws outage[EB].
[3]	PAN Y , HU N . Research on dependability of cloud computing systems[C]// 2014 10th International Conference on Reliability,Maintainability and Safety (ICRMS). 2014: 435-439.
[4]	SCHROEDER B , GIBSON G A . A large-scale study of failures in high-performance computing systems[J]. IEEE Trans Dependable Secur Comput, 2010,7(4): 337-351.
[5]	WU D , XIA Y , SUN X S ,et al. Masking failures from application performance in data center networks with shareable backup[C]// Proceedings of the 2018 Conference of the ACM Special Interest Group on Data Communication. 2018: 176-190.
[6]	ATENIESE G , BURNS R C , CURTMOLA R ,et al. Provable data possession at untrusted stores[C]// Proceedings of the 2007 ACM Conference on Computer and Communications Security (CCS 2007). 2007: 598-609.
[7]	JUELS A , KALISKI B S . Pors:proofs of retrievability for large files[C]// Proceedings of the 2007 ACM Conference on Computer and Communications Security (CCS 2007). 2007: 584-597.
[8]	GUO H , ZHANG Z , XU J ,et al. Accountable proxy re-encryption for secure data sharing[J]. IEEE Trans Dependable Secur Comput, 2021,18(1): 145-159.
[9]	SENGUPTA B , RUJ S . Efficient proofs of retrievability with public verifiability for dynamic cloud storage[J]. IEEE Trans Cloud Comput, 2020,8(1): 138-151.
[10]	SHEN J , ZHOU T , HE D ,et al. Block design-based key agreement for group data sharing in cloud computing[J]. IEEE Trans Dependable Secur Comput, 2019,16(6): 996-1010.
[11]	JIANG T , CHEN X , MA J . Public integrity auditing for shared dynamic cloud data with group user revocation[J]. IEEE Trans Computers, 2016,65(8): 2363-2373.
[12]	LIU X , MA J , XIONG J ,et al. Personal health records integrity verification using attribute based proxy signature in cloud computing[C]// Internet and Distributed Computing Systems - 6th International Conference (IDCS 2013). 2013: 238-251.
[13]	ZHANG Y , YU J , HAO R ,et al. Enabling efficient user revocation in identity-based cloud storage auditing for shared big data[J]. IEEE Trans Dependable Secur Comput, 2020,17(3): 608-619.
[14]	BERNSTEIN D J , DOUMEN J , LANGE T ,et al. Faster batch forgery identification[C]// Progress in Cryptology - INDOCRYPT 2012,13th International Conference on Cryptology. 2012: 454-473.
[15]	SHIN S , KIM S , KWON T . Identification of corrupted cloud storage in batch auditing for multi-cloud environments[C]// Information and Communication Technology-Third IFIP TC 5/8 International Conference (ICT),and 9th IFIP WG 8.9 Working Conference (CONFENIS 2015). 2015: 221-225.
[16]	MATT B J , . Identification of multiple invalid signatures in pairing-based batched signatures[C]// Public Key Cryptography - PKC 2009,12th International Conference on Practice and Theory in Public Key Cryptography, 2009: 337-356.
[17]	王惠峰, 李战怀, 张晓 ,等. 云存储中支持失效文件快速查询的批量审计方法[J]. 计算机学报, 2017,40(10): 2338-2351.
	WANG H F , LI Z H , ZHANG X ,et al. Batch auditing supporting fast searching invalid files in cloud storage[J]. Chinese Journal of Computers, 2017,40(10): 2338-2351.
[18]	ZHOU T , TIAN C . Fast erasure coding for data storage:a comprehensive study of the acceleration techniques[C]// 17th USENIX Conference on File and Storage Technologies (FAST 2019), 2019: 317-329.
[19]	伍祈应, 马建峰, 李辉 ,等. 支持用户撤销的多关键字密文查询方案[J]. 通信学报, 2017,38(8): 183-193.
	WU Q Y , MA J F , LI H ,et al. Multi-keyword search over encrypted data with user revocation[J]. Journal on Communications, 2017,38(8): 183-193.
[20]	WANG C , CHOW S S M , WANG Q ,et al. Privacy-preserving public auditing for secure cloud storage[J]. IEEE Trans Computers, 2013,62(2): 362-375.
[21]	YU J , REN K , WANG C ,et al. Enabling cloud storage auditing with key-exposure resistance[J]. IEEE Trans Inf Forensics Secur, 2015,10(6): 1167-1179.
[22]	HUO H , JIANG T , TAN S ,et al. Efficient public integrity auditing with secure deduplication in cloud computing[J]. Int J Embed Syst, 2019,11(6): 764-777.
[23]	LI Y , YU Y , MIN G ,et al. Fuzzy identity-based data integrity auditing for reliable cloud storage systems[J]. IEEE Trans Dependable Secur Comput, 2019,16(1): 72-83.

Metrics

Recommended 0

No Suggested Reading articles found!

Proof of storage with corruption identification and recovery for dynamic group users

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 15

References 23

Related Articles 8

Metrics

Recommended 0

[1]	Chenghao YUAN, Yong LI, Shuang REN. Dynamic multi-keyword searchable encryption scheme [J]. Chinese Journal of Network and Information Security, 2023, 9(2): 143-153.
[2]	Lin JIN, Youliang TIAN. Multi-authority attribute hidden for electronic medical record sharing scheme based on blockchain [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 66-76.
[3]	Jiashun ZHOU, Na WANG, Xuehui DU. Multi-party efficient audit mechanism for data integrity based on blockchain [J]. Chinese Journal of Network and Information Security, 2021, 7(6): 113-125.
[4]	Kang QIAO,Wei YOU,Lingwei WANG,Hongbo TANG. Data sharing scheme for 5G IoT based on blockchain [J]. Chinese Journal of Network and Information Security, 2020, 6(4): 45-55.
[5]	Zhangjian HUANG,Guohua YE,Zhiqiang YAO. D2D data sharing partner selection mechanism based on privacy degree and stability degree [J]. Chinese Journal of Network and Information Security, 2019, 5(6): 31-41.
[6]	Xiao YU,Li TIAN,Zhe LIU,Jie WANG. Research and realization on USBKEY based network storage user data protection [J]. Chinese Journal of Network and Information Security, 2018, 4(6): 62-69.
[7]	Jiao LIANG,Wu LIU,Wei-li HAN,Xiao-yang WANG,Si-yu GAN,Shuo SHEN. Code security of mobile backup modules on the Android platform [J]. Chinese Journal of Network and Information Security, 2017, 3(1): 68-78.
[8]	Tao FENG,Xiao-yu YIN. Research on privacy preserving mechanism of attribute-based encryption cloud storage [J]. Chinese Journal of Network and Information Security, 2016, 2(7): 8-17.