基于身份的组用户数据完整性验证方案

云存储系统为用户提供大容量、高访问效率、价格合理的存储服务.然而，使用云存储服务的用户，一旦将文件上传至CSP （cloud server provider），便失去了数据的绝对控制权.众所周知，CSP并不可靠.因此，云上存储的数据是否完整，成为值得深入探讨的问题.在公共云存储环境中，将公司、机构或组织定义为一个组，组内由负责人进行管理.组内用户为便于使用云存储服务，可借助于组负责人进行统一操作.这种场景下，为解决位于同一组内的用户数据完整性验证问题，提出了一个组用户数据完整性验证方案.为协助组内用户进行一系列操作，方案提出了代理这一实体.方案基于IBE （identity-based encryption）进行标签的设计，摆脱了复杂的证书管理问题.在数据完整性验证阶段，通过采用随机抽样的方式，减少了系统的性能开销.借助于随机预言机模型，该方案被证明是安全的.且通过的一系列的性能分析与评估，验证了该方案是可行的.

Identity-based Group User Data Integrity Verification Scheme

Cloud storage systems provide users with storage services with large capacity, high access efficiency, and reasonable prices. Nevertheless, the users who use cloud storage services will lose absolute control over the data once they upload files to the CSP. As it is well known, CSP (cloud server provider) is not reliable. Whether the data on the cloud is with integrity has become a problem worth considering. Under the public cloud storage environment, this study defines a company, organization or organization as a group, and the group is managed by the person in charge who can help the users in the group using the cloud storage service conveniently. In this scenario, to solve the problem of user data integrity verification in the same group, a data integrity verification scheme is proposed for group users in this study. To assist users in one group to carry out a series of operations, an entity named Agency is proposed. In this scheme, the design of the tag is based on IBE (identity-based encryption), which frees the users from complicated certificate management. In the integrity verification process, by adopting random sampling, the performance overhead of the system is greatly reduced. With the help of the random oracle model, the security of the proposed scheme is proved. A practical experiment validates the feasibility of the scheme in the end.