共享所有权证明：协作云数据安全去重新方法

doi:10.11959/j.issn.1000-436x.2017139

Abstract

Abstract:

In order to solve the problems of secure access and deduplication to the shared file in the cloud environment,a novel notion called proof of shared ownership (PoSW) was formalized,and a formal definition of the PoSW was given.Furthermore,a PoSW scheme and an enhanced version of that were proposed.In the PoSW scheme,secure shared file dispersal,convergent encryption and secret sharing algorithm were employed to transform the shared file realize the sharing and authorization for the shared file,and then a novel challenge-response protocol was proposed to achieve the proof of shared ownership and the foundation for the secure deduplication of the shared file was provided.An enhanced PoSW scheme was designed to improve the availability and reliability for different kinds of the shared files by introducing the multi-cloud server providers and using the strategies of both data duplication and secret file dispersal.Security analysis and performance evaluation show the security and efficiency of the proposed scheme.

Key words: proof of shared ownership, secure deduplication, convergent encryption, secure file dispersal, cloud storage

CLC Number:

TP309.2

Jin-bo XIONG,Su-ping LI,Yuan-yuan ZHANG,Xuan LI,EA-yong Y,Zhi-qiang YAO. PoSW:novel secure deduplication scheme for collaborative cloud applications[J]. Journal on Communications, 2017, 38(7): 18-27.

Figures/Tables 9

方案	客户端计算开销	客户端读写开销	云服务器初始化读写开销	云服务器初始化计算开销	云服务器常规计算开销	云服务器内存开销
文献[17]方案	O(z)· hash	O(z)	O(z)	O(z)·hash	O(Q ·λ)· PRF	O(Q ·λ)
文献[18]方案	O(z)· hash	O(z)	O(z)	O(z)·hash	$O (\frac{l \cdot λ (\lg \frac{1}{p_{f}})}{p_{f}}) \cdot h a s h$	$O (\frac{\lg (\frac{1}{p_{f}})}{l})$
文献[19]方案	O(b)·CE· hash·hash	O(z)	O(z)	O(b) hash ·hash	O(Q lλ)·PRNG	O(Q lλ)
PoSW	O(b)·CE· hash·hash·SF	O(z)	O(z)	O(0)	O(Q lλ)·PRNG	O(Q lλ)
PoSW扩展方案1	O(b)·CE· hash·hash·SF	O(z)	O(z)	O(0)	O(Q lλ)·PRNG	O(Q lλ)
PoSW扩展方案2	O(b)·CE· hash·hash·SF	O(z)	O(z)	O(0)	O(Q lλ)·PRNG · SF	O(Q lλ)

References 29

[1]	WU D , YANG B , WANG H ,et al. Privacy-preserving multimedia big data aggregation in large-scale wireless sensor networks[J]. ACM Transactions on Multimedia Computing,Communications and Applications, 2016,12(4): 1-19.
[2]	XIONG J B , LI F H , MA J F ,et al. A full lifecycle privacy protection scheme for sensitive data in cloud computing[J]. Peer-to-Peer Networking and Applications, 2015,8(6): 1025-1037.
[3]	MITTAL S , VETTERJ S . A survey of architectural approaches for data compression in cache and main memory systems[J]. IEEE Transactions on Parallel and Distributed Systems, 2016,27(5): 1524-1536.
[4]	HARNIK D,PINKASB,SHULMAN-PELEGA , PINKASB , SHULMAN-PELEGA , . Side channels in cloud services:deduplication in cloud storage[J]. IEEE Security ＆Privacy, 2010,8(6): 40-47.
[5]	熊金波, 张媛媛, 李凤华 ,等. 云环境中数据安全去重研究进展[J]. 通信学报, 2016,37(11): 169-180.
	XIONG J B , ZHANG Y Y , LI F H ,et al. Research progress on secure data deduplication in cloud[J]. Journal on Communications, 2016,37(11): 169-180.
[6]	LIU J , ASOKAN N , PINKAS B . Secure deduplication of encrypted data without additional independent servers[C]// The 22nd ACM SIGSAC Conference on Computer and Communications Security. 2015: 874-885.
[7]	MEYER D , BOLOSKY W . A study of practical deduplication[J]. ACM Transactions on Storage (TOS), 2012,7(4): 14-26.
[8]	DOUCEUR J , ADYA A , BOLOSKY W ,et al. Reclaiming space from duplicate files in a serverless distributed file system[C]// The 22nd IEEE International Conference on Distributed Computing Systems. 2002: 617-624.
[9]	STANEK J , SORNIOTTI A , ANDROULAKI E ,et al. A secure data deduplication scheme for cloud storage[C]// The Financial Cryptography and Data Security. 2014: 99-118.
[10]	LI M , QIN C , LI J ,et al. CDStore:toward reliable,secure,and cost-efficient cloud storage via convergent dispersal[J]. IEEE Internet Computing, 2016,20(3): 45-53.
[11]	BELLARE M , KEELVEEDHI S , RISRENPART T . Message-locked encryption and secure deduplication[C]// The Advances in Cryptology-EUROCRYPT 2013. 2013: 296-312.
[12]	BELLARE M , KEELVEEDHI S , RISTENPART T . DupLESS:server-aided encryption for deduplicated storage[C]// The 22nd Usenix Conference on Security,Berkeley. 2013: 179-194.
[13]	杨超, 纪倩, 熊思纯 ,等. 新的云存储文件去重删除方法[J]. 通信学报, 2017,38(3): 25-33.
	YANG C , JI Q , XIONG S C ,et al. New method for file deduplication in cloud storage[J]. Journal on Communications, 2017,38(3): 25-33.
[14]	LI J , QIN C , LEE P P C ,et al. Rekeying for encrypted deduplication storage[C]// The 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks. 2016: 618-629.
[15]	QIN C , LI J , LEE P P C . The design and implementation of a rekeying-aware encrypted deduplication storage system[J]. ACM Transactions on Storage, 2017,13(1): 9: 1-9: 30.
[16]	HALEVI S , HARNIK D , PINKAS B ,et al. Proofs of ownership in remote storage systems[C]// The 18th ACM Conference on Computer and Communications Security. 2011: 491-500.
[17]	PIETRO R D , SORNIOTTI A . Boosting efficiency and security in proof of ownership for deduplication[C]// The 7th ACM Symposium on Information,Computer and Communications Security. 2012: 81-82.
[18]	BLASCO J , PIETRO R D , ORFILA A ,et al. A tunable proof of ownership scheme for deduplication using bloom filters[C]// The 2014 IEEE Conference on Communications and Network Security (CNS). 2014: 481-489.
[19]	GONZáLEZ-MANZANO L , ORFILA A . An efficient confidentiality-preserving proof of ownership for deduplication[J]. Journal of Network and Computer Applications, 2015,50: 49-59.
[20]	SORIENTE C , KARAME G , RITZDORF H ,et al. Commune:shared ownership in an agnostic cloud[C]// The 20th ACM Symposium on Access Control Models and Technologies. 2015: 39-50.
[21]	LI J , CHEN X , HUANG X ,et al. Secure distributed deduplication systems with improved reliability[J]. IEEE Transactions on Computers, 2015,64(12): 3569-3579.
[22]	SHAMIR A . How to share a secret[J]. Communications of the ACM, 1979,22(11): 612-613.
[23]	毛波, 叶阁焰, 蓝琰佳 ,等. 一种基于重复数据删除技术的云中云存储系统[J]. 计算机研究与发展, 2015,52(6): 1278-1287.
	MAO B , YE G Y , LAN Y J ,et al. A data deduplication-based primary storage system in cloud-of-clouds[J]. Journal of Computer Research and Development, 2015,52(6): 1278-1287.
[24]	ABU-LIBDEH H , PRINCEHOUSE L , WEATHERSPOON H . RACS:a case for cloud storage diversity[C]// The 1st ACM Symposium on Cloud Computing. 2010: 229-240.
[25]	刘莎, 楚传仁 . 基于文件等级的Ceph数据冗余存储策略的研究[J]. 信息网络安全, 2016(4): 50-54.
	LIU S , CHU C R . Research on data placement strategy for Ceph based on file level[J]. Netinfo Security, 2016 (4): 50-54.
[26]	BESSANI A , CORREIA M , QUARESMA B ,et al. DepSky:dependable and secure storage in a cloud-of-clouds[J]. ACM Transactions on Storage (TOS), 2013,9(4): 31-46.
[27]	李凤华, 李晖, 贾焰 ,等. 隐私计算研究范畴及发展趋势[J]. 通信学报, 2016,37(4): 1-11.
	LI F H , LI H , JIA Y ,et al. Privacy computing:concept,connotation and its research trend[J]. Journal on Communications, 2016,37(4): 1-11.
[28]	熊金波, 李凤华, 王彦超 ,等. 基于密码学的云数据确定性删除研究进展[J]. 通信学报, 2016,37(8): 167-184.
	XIONG J B , LI F H , WANG Y C ,et al. Research progress on cloud data assured deletion based on cryptography[J]. Journal on Communications, 2016,37(8): 167-184.
[29]	XIONG J B , LIU X , YAO Z ,et al. A secure data self-destructing scheme in cloud computing[J]. IEEE Transactions on Cloud Computing, 2014,2(4): 448-458.

Metrics

Recommended 0

No Suggested Reading articles found!

符号	符号描述
f	协作云应用产生的共享文件
f[i]	共享文件f的第i个文件块
z	共享文件f的长度
b	文件块长度
k_i	第i个文件块的加密密钥，k_i=H₂(f[i])
Θ[i]	共享文件的第i个密文块
id[i]	第i个所有者的id
token	文件块标识符token[i]←H₂(Θ[i])
n	token的数量
h_f	h_f ←H ₁(token)，共享文件的标识符
SO_i	共享文件的第i位所有者
H₁,H₂,H₃	抗碰撞散列函数
λ	安全参数

PoSW:novel secure deduplication scheme for collaborative cloud applications

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 9

References 29

Related Articles 15

Metrics

Recommended 0

[1]	Guanxiong HA, Qiaowen JIA, Hang CHEN, Chunfu JIA. Data popularity-based encrypted deduplication scheme without third-party servers [J]. Journal on Communications, 2022, 43(8): 17-29.
[2]	Tao FENG, Fanqi KONG, Chunyan LIU, Rong MA, Albettar Maher. Dual verifiable cloud storage scheme based on blockchain [J]. Journal on Communications, 2021, 42(12): 192-201.
[3]	Chunfu JIA, Guanxiong HA, Shaoqiang WU, Hang CHEN, Ruiqi LI. AONT-and-NTRU-based rekeying scheme for encrypted deduplication [J]. Journal on Communications, 2021, 42(10): 67-80.
[4]	Junfeng TIAN,Yanbiao WANG,Xinfeng HE,Juntao ZHANG,Wanhe YANG,Ya’nan PANG. Survey on the causal consistency of data [J]. Journal on Communications, 2020, 41(3): 154-167.
[5]	Wenlong KE,Yong WANG,Miao YE,Junqi CHEN. Priority differentiated multicast flow scheduling method in Ceph cloud storage network [J]. Journal on Communications, 2020, 41(11): 40-51.
[6]	Lei SUN,Zhiyuan ZHAO,Jianhua WANG,Zhiqiang ZHU. Attribute-based encryption scheme supporting attribute revocation in cloud storage environment [J]. Journal on Communications, 2019, 40(5): 47-56.
[7]	Xiangsong ZHANG,Chen LI,Zhenhua LIU. Key-exposure resilient integrity auditing scheme with encrypted data deduplication [J]. Journal on Communications, 2019, 40(4): 95-106.
[8]	Miaomiao TIAN,Chuang GAO,Jie CHEN. Identity-based cloud storage integrity checking from lattices [J]. Journal on Communications, 2019, 40(4): 128-139.
[9]	Junfeng TIAN,Mengjia CHAI,Liuling QI. Provable data possession scheme based on public verification and private verification [J]. Journal on Communications, 2019, 40(3): 48-59.
[10]	Ruizhong DU,Pengliang SHI,Xinfeng HE. Cloud data assured deletion scheme based on overwrite verification [J]. Journal on Communications, 2019, 40(1): 130-140.
[11]	Xincheng YAN,Yue CHEN,Hongyong JIA,Yanru CHEN,Xinyue ZHANG. Secure data sharing scheme supporting efficient synchronous evolution for ciphertext and key [J]. Journal on Communications, 2018, 39(5): 123-133.
[12]	Yue CHEN,Longjiang WANG,Xincheng YAN,Xinyue ZHANG. Mimic storage scheme based on regenerated code [J]. Journal on Communications, 2018, 39(4): 21-34.
[13]	Shaohui WANG,Xiaoxiao PAN,Zhiwei WANG,Fu XIAO,Ruchuan WANG. Analysis and improvement on identity-based cloud data integrity verification scheme [J]. Journal on Communications, 2018, 39(11): 98-105.
[14]	Bin WANG,Wei-min LI,Jin-fang SHENG,Si-nuo XIAO. TCCL:secure and efficient development of desktop cloud structure [J]. Journal on Communications, 2017, 38(Z1): 9-18.
[15]	Yan SONG,Zhen HAN,Jian-jun LI,Lei HAN. Research on cloud storage systems supporting secure sharing [J]. Journal on Communications, 2017, 38(Z1): 88-96.