
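Group Provable Data Possession with Deduplication in Cloud Storage
Cite this article: WANG Hong-Yuan, ZHU Lie-Huang, LI Long-Yi-Jia. Group Provable Data Possession with Deduplication in Cloud Storage[J]. Journal of Software, 2016, 27(6): 1417-1431
Authors: WANG Hong-Yuan  ZHU Lie-Huang  LI Long-Yi-Jia
Affiliation: School of Computer Science, Beijing Institute of Technology, Beijing 100081; School of Computer Science, Beijing Institute of Technology, Beijing 100081; School of Computer Science, Beijing Institute of Technology, Beijing 100081
Funding: National Science Foundation of China under Grant No. 61272512 and No. 61100172, National 863 Plans Projects No. 2013AA01A214, Program for New Century Excellent Talents in University (NCET-12-0046), and Beijing Natural Science Foundation No. 4121001.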
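Abstract: Provable Data Possession (PDP) and Proofs of Retrievability (POR) are the main techniques a client uses to verify the integrity of data stored on a cloud server. In recent years they have been widely applied in academia and industry, and many PDP and POR schemes have appeared one after another. However, because of the particularity and unique requirements of different groups, group PDP/POR schemes are diverse, and many important functions in group applications (such as data deduplication) have not been implemented; how to construct PDP/POR schemes that are efficient and meet group-specific functional and security requirements has attracted wide attention. This paper presents a group PDP scheme that supports data deduplication (GPDP). Based on matrix computation and pseudo-random functions, GPDP can efficiently complete proofs of data possession while supporting data deduplication, and can resist selective opening attacks by a malicious party within the group. The security of GPDP is proved in the standard model, and a prototype system of GPDP is implemented on the Baidu cloud platform. To evaluate the performance of the scheme, we used 10GB of data for experiments and analysis. The results show that, while achieving data deduplication within the group, GPDP can efficiently guarantee resistance to selective attacks and data possession: its pre-processing efficiency is higher than that of private verification schemes, and its verification efficiency is higher than that of public verification schemes (almost the same as that of private verification). In addition, compared with other group PDP/POR schemes, GPDP reduces both the extra storage cost and the communication cost to a minimum.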

Keywords: Group provable data possession  Selective opening attacks  Deduplication  Cloud storage  Cloud computing
Received: 2015-08-13
Revised: 2015-10-09

Group Provable Data Possession with Deduplication in Cloud Storage
WANG Hong-Yuan, ZHU Lie-Huang and LI Long-Yi-Jia. Group Provable Data Possession with Deduplication in Cloud Storage[J]. Journal of Software, 2016, 27(6): 1417-1431
Authors:WANG Hong-Yuan  ZHU Lie-Huang  LI Long-Yi-Jia
Affiliation: School of Computer, Beijing Institute of Technology, Beijing 100081, China; Beijing Engineering Research Center of Massive Language Information Processing and Cloud Computing Application, School of Computer, Beijing Institute of Technology, Beijing 100081, China; Beijing Engineering Research Center of Massive Language Information Processing and Cloud Computing Application and School of Computer, Beijing Institute of Technology, Beijing 100081, China; Beijing Engineering Research Center of Massive Language Information Processing and Cloud Computing Application
Abstract: Provable Data Possession (PDP) and Proofs of Retrievability (POR) are techniques that let a client verify the integrity of outsourced data in cloud storage. Numerous PDP and POR schemes have been proposed recently, since they are widely used in the academic and industrial communities. However, because of the particularity and unique requirements of different groups, PDP/POR schemes vary widely, and many functionalities such as data deduplication have not been implemented. How to construct an efficient group PDP/POR scheme that meets these unique functionality and security requirements has received much attention. In this paper, we present a group PDP with deduplication (GPDP). Based on matrix calculation and a pseudo-random function, GPDP can efficiently guarantee data possession with deduplication and resist selective opening attacks by a malicious party. We prove the security of GPDP in the standard model and implement a prototype based on the GPDP scheme on a realistic cloud platform, Baidu. To evaluate the performance of GPDP, we use a data size of 10GB for experiments and analysis. The experimental results show that GPDP can guarantee data possession efficiently with deduplication and resist selective opening attacks, i.e. its performance is superior to private schemes in the pre-processing phase and to public schemes in the verification phase (as efficient as a private scheme in the verification phase). Additionally, GPDP reduces the extra storage cost and communication cost to a minimum compared with the other PDP/POR schemes applied in a group.
Keywords:Group provable data possession   Selective opening attacks   Deduplication   Cloud storage   Cloud computing