| 可验证的云存储安全数据删重方法 |
| |
| 引用本文: | 咸鹤群,刘红燕,张曙光,侯瑞涛.可验证的云存储安全数据删重方法[J].软件学报,2020,31(2):455-470. |
| |
| 作者姓名: | 咸鹤群 刘红燕 张曙光 侯瑞涛 |
| |
| 作者单位: | 青岛大学 计算机科学技术学院, 山东 青岛 266071;综合业务网理论及关键技术国家重点实验室(西安电子科技大学), 陕西 西安 710071,青岛大学 计算机科学技术学院, 山东 青岛 266071;综合业务网理论及关键技术国家重点实验室(西安电子科技大学), 陕西 西安 710071,青岛大学 计算机科学技术学院, 山东 青岛 266071,青岛大学 计算机科学技术学院, 山东 青岛 266071 |
| |
| 基金项目: | 国家自然科学基金(61303197);综合业务网理论及关键技术国家重点实验室开放课题(ISN19-14);赛尔网络下一代互联网创新项目(NGII20170414) |
| |
| 摘 要: | 数据删重技术在云存储系统中得到了广泛的应用.如何在保证数据隐私的前提下,在半可信的云存储系统中实现高效的数据删重,是云计算安全领域的研究热点问题.现有方案在数据标识管理和用户数量统计方面普遍依赖于在线的可信第三方,执行效率有待提高,且容易造成系统瓶颈.提出了一种可验证的数据删重方法,无需可信第三方在线参与.基于双线性映射构造双文件标识方案进行流行度查询,确保标识不泄露数据的任何明文信息.采用改进的群签名方案,使用户可验证服务器返回的流行度标识,有效地防止云服务器伪造数据流行度的查询结果.设计了多层加密方案,可以根据数据的流行度,采用不同的加密方式.分析并证明了方案的安全性和正确性.通过仿真实验,验证了方案的可行性和高效性.
|
| 关 键 词: | 数据删重 双线性映射 群签名 广播加密 |
| 收稿时间: | 2018/3/3 0:00:00 |
| 修稿时间: | 2018/7/11 0:00:00 |
Verifiable Secure Data Deduplication Method in Cloud Storage |
| |
| XIAN He-Qun,LIU Hong-Yan,ZHANG Shu-Guang and HOU Rui-Tao.Verifiable Secure Data Deduplication Method in Cloud Storage[J].Journal of Software,2020,31(2):455-470. |
| |
| Authors: | XIAN He-Qun LIU Hong-Yan ZHANG Shu-Guang and HOU Rui-Tao |
| |
| Affiliation: | College of Computer Science and Technology, Qingdao University, Qingdao 266071, China;State Key Laboratory of Integrated Services Networks(Xidian University), Xi''an 710071, China,College of Computer Science and Technology, Qingdao University, Qingdao 266071, China;State Key Laboratory of Integrated Services Networks(Xidian University), Xi''an 710071, China,College of Computer Science and Technology, Qingdao University, Qingdao 266071, China and College of Computer Science and Technology, Qingdao University, Qingdao 266071, China |
| |
| Abstract: | Data deduplication technology has been widely applied in cloud storage systems. Under the premise of ensuring data privacy, how to effectively perform deduplication in semi-trusted cloud storage environments becomes one of the primary issues in cloud computing security. Current schemes rely heavily on online trusted third parties to manage data labels and to keep track of the number of users. The trusted third party plays such a vital role in those schemes that it is indispensable even at the cost of unsatisfying efficiency and potential bottleneck. A verifiable secure data deduplication scheme in cloud storage is proposed, which doesnot require any online trusted third party. The dual-tag scheme based on bilinear mapping is adopted to conduct popularity check. The tag is used to retrieve files without leaking any exploitable information. A modified group signature scheme is designed to prevent the cloud server from forging popularity query results. Users can verify the authenticity of query results from the cloud server. The multi-layered cryptosystem is adopted in the proposed scheme, in which different encryption strategies are applied according to the popularity of specific data. The correctness and security of the proposed scheme are analyzed and proved. Simulation results show that the proposed scheme is secure and efficient. |
| |
| Keywords: | data deduplication bilinear mapping group signature broadcast encryption |
|
| 点击此处可从《软件学报》浏览原始摘要信息 |
|
点击此处可从《软件学报》下载全文 |
|
