基于分布式区块链的储能数据交互处理模型设计

随着对新型储能技术应用的推动和发展,分布式云储能成为新的研究热点及方向。为了解决云储能数据的安全性且实现数据的交互,设计了一套基于区块链的储能数据交互平台模型。该模型利用PoW共识及ECC椭圆曲线加密技术对云储能数据进行加密,并将其安全存储在分布式数据库中,从而保证了交易数据的完整性与安全性。在实验室环境下进行的攻击测试结果显示,所提出的模型具有较高的安全特性,还为云储能数据交互技术研究提供了理论方案支持。     

基于区块链的电子数据存证应用研究

随着信息技术的飞速发展,电子数据成为各类诉讼案件的关键证据,但是由于电子数据的虚拟性、易丢失、易篡改、技术依赖性等特点,导致电子数据容易被篡改或损坏,电子数据的完整性和真实性受到影响,降低了电子数据的证明力和采信度。区块链不易篡改、可追溯的特征天然适合解决电子数据的上述问题。将电子数据存证与区块链进行融合,构建基于HyperLedger Fabric架构的区块链电子数据存证方案,实现电子数据的安全可信存储,保证链上电子数据的真实性、完整性和可追溯性。     

基于区块链技术的电子数据证据共享平台研究

针对现有电子数据证据在公检法部门、司法鉴定机构线下流转过程中易丢失、难查询、难以保证唯一性和完整性等问题,提出一种基于区块链技术的电子数据证据共享平台技术实现方案。该平台融合了区块链技术、网络可信身份认证、可信时间、加密电子数据证据存取证管理等技术,解决了电子数据证据使用过程中因易伪造、易篡改难以保证真实性,司法鉴定中认定难、采信率低,公检法共享使用难的问题。通过该平台有效地实现电子数据证据在司法部门之间的线上流转,确保了电子数据证据的安全保护与高效共享。     

区块链上基于云辅助的密文策略属性基数据共享加密方案

针对云存储的集中化带来的数据安全和隐私保护问题,该文提出一种区块链上基于云辅助的密文策略属性基(CP-ABE)数据共享加密方案.该方案采用基于属性加密技术对加密数据文件的对称密钥进行加密,并上传到云服务器,实现了数据安全以及细粒度访问控制;采用可搜索加密技术对关键字进行加密,并将关键字密文上传到区块链(BC)中,由区块链进行关键字搜索保证了关键字密文的安全,有效地解决现有的云存储共享系统所存在的安全问题.该方案能够满足选择明文攻击下的不可区分性、陷门不可区分性和抗串联性.最后,通过性能评估,验证了该方案的有效性.     

区块链上基于云辅助的密文策略属性基数据共享加密方案

针对云存储的集中化带来的数据安全和隐私保护问题,该文提出一种区块链上基于云辅助的密文策略属性基(CP-ABE)数据共享加密方案。该方案采用基于属性加密技术对加密数据文件的对称密钥进行加密,并上传到云服务器,实现了数据安全以及细粒度访问控制;采用可搜索加密技术对关键字进行加密,并将关键字密文上传到区块链(BC)中,由区块链进行关键字搜索保证了关键字密文的安全,有效地解决现有的云存储共享系统所存在的安全问题。该方案能够满足选择明文攻击下的不可区分性、陷门不可区分性和抗串联性。最后,通过性能评估,验证了该方案的有效性。     

云存储应用中的加密存储及其检索技术

云计算自身的数据安全问题阻碍其推广应用。通过对数据进行加密可以保护企业及个人用户的数据隐私。对加密数据有效检索难以通过传统信息检索方式实现。文章在分析云存储应用中的存储安全技术基础上,针对加密存储的需求,基于常见的加密检索方法和相关技术,结合自己的研究成果,提出了一种基于全同态加密的检索方法,该方法能在一种程度上提高检索效率。     

基于区块链的产品合格证服务云平台的技术与应用研究

基于新时代对产品质量安全治理提出的新要求,以区块链技术为支撑,设计并推出了基于区块链的产品合格证服务云平台.通过试点应用证明,产品合格证服务云平台凭借数据安全性高、区块链防伪、智能终端硬件加密等功能优势,可以有效解决产品合格证现有问题,实现产品生产、检测能力验证、报告及时上传、合格证关联打印、经销商采购一码匹配、消费者...     

区块链上基于B+树索引结构的密文排序搜索方案

为了克服云存储不可信及云存储中密文检索效率低的问题,该文提出区块链上基于B+树的密文排序可搜索加密方案。该方案结合区块链技术解决了在互不了解的多方建立可靠信任的问题;使用向量空间模型降低了文本的复杂性实现了高效的文本检索系统;采用B+树的索引结构提高了区块链上密文交易的检索速度;利用加权统计(TF-IDF)算法实现了多关键词查询结果的排序。在随机预言机模型下,证明该方案是适应性不可区分安全的,通过效率对比分析,表明该方案在区块链上实现了高效的密文检索。     

基于区块链的多授权密文策略属性基等值测试加密方案

针对云环境下密文策略属性基加密方案中存在的密文检索分类困难与依赖可信第三方等问题,本文提出了一种基于区块链的多授权密文策略属性基等值测试加密方案．利用基于属性的等值测试技术,实现了支持属性级灵活授权的云端数据检索和分类机制,降低了数据用户对重复数据解密的计算开销．结合多授权属性基加密机制和区块链技术,实现了去中心化用户密钥生成．采用多属性授权机构联合分发密钥,有效抵抗用户和属性授权机构的合谋攻击．引入区块链和智能合约技术,消除了现有密文策略属性基密文等值测试方案中等值测试、数据存储与外包解密操作对可信云服务器的依赖．利用外包服务器执行部分解密计算,降低了用户本地的计算开销．将原始数据哈希和验证参数上传至区块链,保障外包服务器解密结果正确性和云端数据完整性．在随机预言模型下,基于判定性qparallel Bilinear Diffie-Hellman Exponent困难问题证明了本文方案在选择密文攻击下的单向性．与同类方案相比较,本文方案支持更多的安全属性,并具有较低的计算开销．     

基于区块链的多关键词模糊搜索加密方案

针对1对多数据密文共享中多关键词模糊匹配和用户公平性问题,该文提出一种基于区块链的多关键词模糊搜索加密方案。该文提出一种R-HashMap索引结构,通过使用对偶编码函数和位置敏感哈希函数来构建安全索引,并采用K最近邻算法来加密索引,通过计算欧式距离度量查询关键词向量与索引节点之间的相似性,实现多关键词模糊密文搜索。该文除了消除预定义词典和降低存储开销外,还在不增加搜索复杂度的前提下实现对安全索引的更新。此外,将以太坊区块链技术与可搜索加密方案相结合避免了恶意服务器对数据的篡改,使用智能合约作为可信第三方进行检索工作,不仅可以防止云服务器内部的关键词猜测攻击,还可以解决检索结果不正确的问题。通过安全性证明分析,该文不但满足自适应选择关键词语义安全性,还可以保护用户隐私和数据安全。将该文与其他方案进行实验对比,证明该文在保证精确度的前提下,时间开销上具有更好的效率优势。     

A survey on blockchain-based integrity auditing for cloud data

With the rapid advancement of cloud computing, cloud storage services have developed rapidly. One issue that has attracted particular attention in such remote storage services is that cloud storage servers are not enough to reliably save and maintain data, which greatly affects users’ confidence in purchasing and consuming cloud storage services. Traditional data integrity auditing techniques for cloud data storage are centralized, which faces huge security risks due to single-point-of-failure and vulnerabilities of central auditing servers. Blockchain technology offers a new approach to this problem. Many researchers have endeavored to employ the blockchain for data integrity auditing. Based on the search of relevant papers, we found that existing literature lacks a thorough survey of blockchain-based integrity auditing for cloud data. In this paper, we make an in-depth survey on cloud data integrity auditing based on blockchain. Firstly, we cover essential basic knowledge of integrity auditing for cloud data and blockchain techniques. Then, we propose a series of requirements for evaluating existing Blockchain-based Data Integrity Auditing (BDIA) schemes. Furthermore, we provide a comprehensive review of existing BDIA schemes and evaluate them based on our proposed criteria. Finally, according to our completed review and analysis, we explore some open issues and suggest research directions worthy of further efforts in the future.     

“互联网+电子政务”云平台构建及云存储安全策略研究

随着云计算、大数据、智慧城市、5G等新兴技术的快速发展,电子政务的体系架构、系统实施与安全保障技术迎来了新的机遇与挑战。同时,云计算在提供服务的同时也面临着诸多安全问题,信息资源的安全存储与用户隐私保护即是其中之一。本文首先基于云计算技术,设计了"互联网+电子政务"云平台的框架体系,然后针对电子政务服务体系中的云存储安全展开研究,提出了平台中信息资源全生命周期安全存储模型,以便保护信息资源在整个生命周期中都不会被攻击者获得。安全性分析表明,方案能够隐藏存储在云端的电子政务资源的特征,保障数据安全存储,并能对用户个人信息提供有效保护。     

一种有效率的方法用于检测云中数据的完整性(英文)

Cloud computing and storage services allow clients to move their data center and applications to centralized large data centers and thus avoid the burden of local data storage and maintenance.However,this poses new challenges related to creating secure and reliable data storage over unreliable service providers.In this study,we address the problem of ensuring the integrity of data storage in cloud computing.In particular,we consider methods for reducing the burden of generating a constant amount of metadata at the client side.By exploiting some good attributes of the bilinear group,we can devise a simple and efficient audit service for public verification of untrusted and outsourced storage,which can be important for achieving widespread deployment of cloud computing.Whereas many prior studies on ensuring remote data integrity did not consider the burden of generating verification metadata at the client side,the objective of this study is to resolve this issue.Moreover,our scheme also supports data dynamics and public verifiability.Extensive security and performance analysis shows that the proposed scheme is highly efficient and provably secure.     

利用挑战-响应实现云计算安全的XML查询

在云计算数据服务的基础上,对云计算中XML数据的完整性和完备性以及挑战-响应安全协议作了简要介绍,针对云平台中的安全的XML查询,提出了利用挑战-响应协议在云计算平台中实现安全的XML数据查询,在云计算平台中建立安全的XML数据查询系统架构,并分析安全的XML数据查询过程,实现安全的XML数据查询,保证查询返回结果的完整性和完备性。     

Electronic medical record data sharing scheme based on searchable encryption via consortium blockchain

Considering that it was difficult to share medical record data among different medical institutions in cloud storage,an electronic medical record data sharing scheme based on searchable encryption on blockchain was proposed.In order to realize the secure storage and sharing of electronic medical records in the scheme,the patient’s electronic medical record ciphertext was stored in the hospital server,the ciphertext hash value was stored in the private blockchain,and the keyword index was stored in the consortium blockchain.Searchable encryption was used to implement secure search of keywords in the consortium blockchain,and proxy re-encryption technology was used to realize the sharing of electronic medical records of patients by other data users.Security analysis shows that the proposed scheme can achieve ciphertext security and keyword security.Moreover,the performance of the scheme was analyzed by function analysis,computational efficiency analysis and numerical simulation.The performance analysis shows that the scheme can achieve high computational efficiency.     

Privacy-Preserving Public Auditing for Non-manager Group Shared Data

By the widespread use of cloud storage service, users get a lot of conveniences such as low-price file remote storage and flexible file sharing. The research points in cloud computing include the verification of data integrity, the protection of data privacy and flexible data access. The integrity of data is ensured by a challenge-and-response protocol based on the signatures generated by group users. Many existing schemes use group signatures to make sure that the data stored in cloud is intact for the purpose of privacy and anonymity. However, group signatures do not consider user equality and the problem of frameability caused by group managers. Therefore, we propose a data sharing scheme PSFS to support user equality and traceability meanwhile based on our previous work HA-DGSP. PSFS has some secure properties such as correctness, traceability, homomorphic authentication and practical data sharing. The practical data sharing ensures that the data owner won’t loss the control of the file data during the sharing and the data owner will get effective incentive of data sharing. The effective incentive is realized by the technology of blockchain. The experimental results show that the communication overhead and computational overhead of PSFS is acceptable.     

Secure Data Access and Sharing Scheme for Cloud Storage

Cloud storage is a new storage mode emerged along with the development of cloud computing paradigm. By migrating the data to cloud storage, the consumers can be liberated from building and maintaining the private storage infrastructure, and they can enjoy the data storage service at anywhere and anytime with high reliability and a relatively low cost. However, the security and privacy risks, especially the confidentiality and integrity of data seem to be the biggest hurdle to the adoption of the cloud storage applications. In this paper, we consider the secure data access and sharing issues for cloud storage services. Based on the intractability of the discrete logarithm problem, we design a secure data access and data sharing scheme for cloud storage, where we utilize the user authentication scheme to deal with the data access problem. According to our analysis, through our scheme, only valid user with the correct password and biometric can access to the cloud storage provider. Besides, the authorized users can access the rightful resources and verify the validity of the shared data, but cannot transfer the permission to any other party. At the same time, the confidentiality and integrity of data can be guaranteed.

     

基于区块链的细粒度云数据安全存储与删除方案

在基于云计算的存储与删除服务中,由于外包数据所有权和管理分离,现有的逻辑删除机制使云上的数据很容易暴露给未经授权的用户,甚至云服务器可能未遵循用户要求删除相应数据。为此,该文提出一种细粒度的安全云端数据存储与删除方案。基于椭圆曲线构造了基于密文策略的属性基加密以实现外包数据细粒度访问控制,应用区块链实现可公开验证的安全数据删除。该文方案具有责任可追踪性以及两方删除与可验证性等特性。理论分析与实验结果表明该文方案具有较好的安全性和较高的性能,能够满足云数据共享与安全删除的需求。