云存储中数据完整性的聚合盲审计方法

doi:10.11959/j.issn.1000-436x.2015267

Abstract

Abstract:

To solve the problem of data integrity in cloud storage,an aggregated privacy-preserving auditing scheme was proposed.To preserve data privacy against the auditor,data proof and tag proof were encrypted and combined by using the bilinearity property of the bilinear pairing on the cloud server.Furthermore,an efficient index mechanism was designed to support dynamic auditing,which could ensure that data update operations did not lead to high additional computation or communication cost.Meanwhile,an aggregation method for different proofs was designed to handle multiple auditing requests.Thus the proposed scheme could also support batch auditing for multiple owners and multiple clouds and multiple files.The communication cost of batch auditing was independent of the number of auditing requests.The theoretical analysis and experimental results show that the proposed scheme is provably secure.Compared with existing auditing scheme,the efficacy of the proposed individual auditing and batch auditing improves 21.5% and 31.8% respectively.

Key words: cloud storage, data integrity, privacy-preserving auditing, dynamic auditing, batch auditing

Kai HE,Chuan-he HUANG,Xiao-mao WANG,Jing WANG,Jiao-li SHI. Aggregated privacy-preserving auditing for cloud data integrity[J]. Journal on Communications, 2015, 36(10): 119-132.

Figures/Tables 8

初始化				修改m₂				在m₂前插入m_n+1				删除m₁
i	B_i	V_i	T_i	i	B_i	V_i	T_i	i	B_i	V_i	T_i	i	B_i	V_i	T_i
1	1	1	T₁	1	1	1	T₁	1	1	1	T₁	$\frac{3}{2}$	n+1	1	T_n+1
2	2	1	T₂	2	2	2	$T_{2}^{*}$	$\frac{3}{2}$	n+1	1	T_n+1	2	2	2	$T_{2}^{*}$
$⋮$	$⋮$	$⋮$	$⋮$	$⋮$	$⋮$	$⋮$	$⋮$	2	2	2	$T_{2}^{*}$	$⋮$	$⋮$	$⋮$	$⋮$
$⋮$	$⋮$	$⋮$	$⋮$	$⋮$	$⋮$	$⋮$	$⋮$	$⋮$	$⋮$	$⋮$	$⋮$	$⋮$	$⋮$	$⋮$	$⋮$
n	n	1	T_n	n	n	1	T_n	n	n	1	T_n	n	n	1	T_n

方案	存储开销	计算开销				通信开销
		单审计		批量审计		单审计		批量审计
		Prove	Verify	Prove	Verify	Challenge	Prove	Challenge	Prove
WANG	$3 \| F \| + \frac{\| F \|}{s}$	(c+s)E+cM+sP	(c+s+1)E+(2s+c)M+2M+2P	K(c+s)E+K(c+ M1)+KsP	K(c+s+1)E+K(2s+c)M+2M+(K+1)P	c(\|i\|+\|v_i\|)	(2s+1)\|p\|	c(\|i\|+\|v_i\|)	K(2s+1)\|p\|
YANG	$\| F \| + \frac{\| F \|}{s}$	(c+s)E+cM+sP	(c+1)E+(c+)M+2P	K(c+s)E+KcM+KsP	(Sc+1)E+S(c+2)M+(K+1)P	c(\|i\|+\|v_i\|)+s\|p\|	2\|p\|	cK(\|i\|+\|v_i\|)+Ks\|p\|	2S\|p\|
本文方案	$\| F \| + \frac{\| F \|}{s}$	(c+s)E+(c+s)M+2P	cE+(s+c)M+2M+P	K(c+s)E+K(c+s)M+(K+S)P	KcE+KsM+(2S+Kc)M+KP	c(\|i\|+\|v_i\|)+(s+2)\|p\|	\|p\|	cS(\|i\|+\|v_i\|)+(K+S+s)\|p\|	S \|p\|
注：\|F\|是数据文件的大小，
\|i\|是数据块索引的大小，
\|v_i\|是随机值v_i 的大小，
c 是质询块的数量，
s是块内元素的数量，
\|p\|是整数Z_p或群G中元素的大小，
K是审计任务的数量，
S 是云服务器的数量。

References 26

[1]	ARMBRUST M , FOX A , GRIFFITH A ,et al. A view of cloud computing[J]. Commun ACM, 2010,53(4): 50-58.
[2]	冯登国, 张敏, 张妍 ,等. 云计算安全研究[J]. 软件学报, 2011,22(1): 71-83. FENG D G , ZHANG M , ZHANG Y ,et al. Study on cloud computing security[J]. Journal of Software, 2011,22(1): 71-83.
[3]	BAIRAVASUNDARAM L N , GOODSON G R , PASUPATHY S ,et al. An analysis of latent sector errors in disk drives[A]. Proc of ACM SIGMETRICS Int’l Conf Measurement and Modeling of Computer Systems[C]. 2007. 289-300.
[4]	SCHROEDER B , GIBSON G A . disk failures in the real world:what does an MTTF of 1 000 000 hours mean to you[A]. Proc of USENIX Conf File and Storage Technologies[C]. 2007. 1-16.
[5]	WANG H , ZHANG Y . On the knowledge soundness of a cooperative provable data possession scheme in multicloud storage[J]. IEEE Transactions on Parallel and Distributed Systems, 2014,25(1): 264-267.
[6]	NI J , YU Y , Mu Y ,et al. On the security of an efficient dynamic auditing protocol in cloud storage[J]. IEEE Transactions on Parallel and Distributed Systems, 2014,25(10): 2760-2761.
[7]	ATENIESE G , BURNS R , CURTMOLA R ,et al. Provable data possession at untrusted stores[A]. Proc of the 14th ACM Conference on Computer and Communications Security[C]. 2007. 598-609.
[8]	JUELS KALISKI B S . PORs:Proofs of retrievability for large files[A]. Proc of ACM CCS[C]. 2007. 584-597.
[9]	SHACHAM H , WATERS B . Compact proofs of retrievability[A]. Proc of the 14th International Conference on the Theory and Application of Cryptology and Information Security,Advances in Cryptology,ASIACRYPT’08[C]. Berlin,Heidelberg, 2008. 90-107.
[10]	WANG C , WANG Q , REN K ,et al. Privacy-preserving public auditing for data storage security in cloud computing[A]. Proc of IEEE INFOCOM[C]. 2010. 525-533.
[11]	WANG C , WANG Q , REN K ,et al. Privacy-preserving public auditing for secure cloud storage[J]. IEEE Transactions on Computers, 2013,62(2): 362-375.
[12]	WANG C , WANG Q , REN K ,et al. Toward secure and dependable storage services in cloud computing[J]. IEEE Transactions on Services Computing, 2012,5(2): 220-232.
[13]	ZHU Y , HU H , AHN G J ,et al. Cooperative provable data possession for integrity verification in multi-cloud storage[J]. IEEE Transactions on Parallel and Distributed Systems, 2012,23(12): 1-14.
[14]	HE K , HUANG C H , WANG J H ,et al. An efficient public batch auditing protocol for data security in multi-cloud storage[A]. Proc of China Grid[C]. 2013. 51-56.
[15]	YANG K , JIA X . An efficient and secure dynamic auditing protocol for data storage in cloud computing[J]. IEEE Transactions on Parallel and Distributed Systems, 2013,24(9): 1717-1726.
[16]	ATENIESE G , PIETRO R D , MANCINI L V ,et al. Scalable and efficient provable data possession[A]. Proc of the 4th International Conference on Security and Privacy in Communication Networks[C]. 2008. 1-10.
[17]	ERWAY C , KUPCCU A , PAPAMANTHOU C ,et al. Dynamic provable data possession[A]. Proc of the 16th ACM Conference on Computer and Communications Security[C]. 2009. 213-222.
[18]	WANG Q , WANG C , LI J ,et al. Enabling public verifiability and data dynamics for storage security in cloud computing[A]. Proc of ESORICS[C]. 2009. 355-370.
[19]	WANG Q , REN K , Yu S ,et al. Dependable and secure sensor data storage with dynamic integrity assurance[J]. ACM Transactions on Senor Networks(ToSN), 2011,8(1): 1-24.
[20]	WANG C , WANG Q , REN K ,et al. Enabling public verifiability and data dynamics for storage security in cloud computing[J]. IEEE Transactions on Parallel and Distributed Systems, 2011,22(5): 847-859.
[21]	ZHU Y , WANG H , HU Z ,et al. Dynamic audit services for integrity verification of outsourced storage in clouds[A]. Proc of ACM Symposium on Applied Computing[C]. 2011. 1550-1557.
[22]	ZHU Y , HU Z , AHN G J ,et al. Dynamic audit services for outsourced storages in clouds[J]. IEEE Transactions on Services Computing, 2013,6(2): 227-238.
[23]	BARSOUM A , HASAN A . Enabling dynamic data and indirect mutual trust for cloud computing storage systems[J]. IEEE Transactions on Parallel and Distributed Systems, 2013,24(12): 2375-2385.
[24]	LIU C , CHEN J , YANG L ,et al. Authorized public auditing of dynamic big data storage on cloud with efficient verifiable fine-grained updates[J]. IEEE Transactions on Parallel and Distributed Systems, 2014,25(9): 2234-2244.
[25]	WANG B , LI B , LI H . Panda:Public auditing for shared data with efficient user revocation in the cloud[J]. IEEE Transactions on Services Computing, 2014.
[26]	YUAN J , YU S . Efficient public integrity checking for cloud data sharing with multi-user modification[A]. Proc of IEEE INFOCOM[C]. 2014. 2121-2129.

Metrics

Recommended 0

No Suggested Reading articles found!

方案	盲审计	动态审计		批量审计			计算开销		通信开销
方案	盲审计	类型	开销	多所有者	多云服务器	多文件	审计者	服务器	审计者	服务器
PDP^[7]	N	N	N	N	N	N	O(Kc)	O(Kc)	O(Kc)	O(K)
POR^[8,9]	N	N	N	N	N	N	O(Kc+Ks)	O(Kc+Ks)	O(Kc)	O(Ks)
ZHU^[13,22]	Y	索引表	O(n)	N	Y	N	O(Kc+Ks)	O(Kcs)	O(Kc)	O(Ks)
WANG^[11]	Y	散列树	O(lg n)	Y	N	N	O(Kcs)	O(Kcs)	O(Kc)	O(Ks)
YANG^[15]	Y	索引表	O(n)	Y	Y	N	O(Kc)	O(Kcs)	O(Kc)	O(S)
c是质询块的数量，
s是块内元素的数量，
K是审计任务的数量，
S是云服务器的数量。
计算开销和通信开销是
考虑批量审计的开销，
对于不支持批量审计的方
案相当于执行K次单审计。

Aggregated privacy-preserving auditing for cloud data integrity

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 8

References 26

Related Articles 15

Metrics

Recommended 0

[1]	Guanxiong HA, Qiaowen JIA, Hang CHEN, Chunfu JIA. Data popularity-based encrypted deduplication scheme without third-party servers [J]. Journal on Communications, 2022, 43(8): 17-29.
[2]	Tao FENG, Fanqi KONG, Chunyan LIU, Rong MA, Albettar Maher. Dual verifiable cloud storage scheme based on blockchain [J]. Journal on Communications, 2021, 42(12): 192-201.
[3]	Chunfu JIA, Guanxiong HA, Shaoqiang WU, Hang CHEN, Ruiqi LI. AONT-and-NTRU-based rekeying scheme for encrypted deduplication [J]. Journal on Communications, 2021, 42(10): 67-80.
[4]	Yang LIU, Jun LI, Wenyun CHEN, Mugen PENG. Research on endogenous security data sharing mechanism of F-RAN for 6G [J]. Journal on Communications, 2021, 42(1): 67-78.
[5]	Junfeng TIAN,Yanbiao WANG,Xinfeng HE,Juntao ZHANG,Wanhe YANG,Ya’nan PANG. Survey on the causal consistency of data [J]. Journal on Communications, 2020, 41(3): 154-167.
[6]	Wenlong KE,Yong WANG,Miao YE,Junqi CHEN. Priority differentiated multicast flow scheduling method in Ceph cloud storage network [J]. Journal on Communications, 2020, 41(11): 40-51.
[7]	Lei SUN,Zhiyuan ZHAO,Jianhua WANG,Zhiqiang ZHU. Attribute-based encryption scheme supporting attribute revocation in cloud storage environment [J]. Journal on Communications, 2019, 40(5): 47-56.
[8]	Xiangsong ZHANG,Chen LI,Zhenhua LIU. Key-exposure resilient integrity auditing scheme with encrypted data deduplication [J]. Journal on Communications, 2019, 40(4): 95-106.
[9]	Miaomiao TIAN,Chuang GAO,Jie CHEN. Identity-based cloud storage integrity checking from lattices [J]. Journal on Communications, 2019, 40(4): 128-139.
[10]	Junfeng TIAN,Mengjia CHAI,Liuling QI. Provable data possession scheme based on public verification and private verification [J]. Journal on Communications, 2019, 40(3): 48-59.
[11]	Ruizhong DU,Pengliang SHI,Xinfeng HE. Cloud data assured deletion scheme based on overwrite verification [J]. Journal on Communications, 2019, 40(1): 130-140.
[12]	Junfeng TIAN,Tianle LI. Data integrity verification based on model cloud federation of TPA [J]. Journal on Communications, 2018, 39(8): 113-124.
[13]	Xincheng YAN,Yue CHEN,Hongyong JIA,Yanru CHEN,Xinyue ZHANG. Secure data sharing scheme supporting efficient synchronous evolution for ciphertext and key [J]. Journal on Communications, 2018, 39(5): 123-133.
[14]	Yue CHEN,Longjiang WANG,Xincheng YAN,Xinyue ZHANG. Mimic storage scheme based on regenerated code [J]. Journal on Communications, 2018, 39(4): 21-34.
[15]	Shaohui WANG,Xiaoxiao PAN,Zhiwei WANG,Fu XIAO,Ruchuan WANG. Analysis and improvement on identity-based cloud data integrity verification scheme [J]. Journal on Communications, 2018, 39(11): 98-105.