首页 | 本学科首页   官方微博 | 高级检索  
     

面向公有云的数据完整性公开审计方案
引用本文:缪俊敏,冯朝胜,李敏,刘霞. 面向公有云的数据完整性公开审计方案[J]. 计算机应用, 2018, 38(10): 2892-2898. DOI: 10.11772/j.issn.1001-9081.2018030510
作者姓名:缪俊敏  冯朝胜  李敏  刘霞
作者单位:1. 四川师范大学 计算机科学学院, 成都 610101;2. 电子科技大学 信息与软件工程学院, 成都 610054
基金项目:国家自然科学基金资助项目(61373163);国家科技支撑计划项目(2014BAH11F02);四川省科技支撑计划项目(2015GZ079)。
摘    要:针对云数据完整性公开审计中隐私泄漏给第三方审计者(TPA)以及云存储服务器(CSS)发起替代攻击的问题,提出一种面向公有云的数据完整性公开审计方案。该方案首先利用哈希值混淆方法,模糊化云存储服务器返回的证据,以防止TPA分析证据计算出原始数据;然后,在审计过程中,由TPA自行计算出文件Merkle哈希树(MHT)对应挑战请求所选数据块的覆盖树,并与CSS返回的覆盖树作结构匹配,以防止云存储服务器用其他已有数据响应审计挑战。实验结果表明,该方案解决了现有方案隐私问题及攻击问题后,在计算开销、存储开销和通信开销方面的性能不会有数量级变化。

关 键 词:云数据  完整性验证  公开审计  隐私保护  替代攻击  覆盖树  
收稿时间:2018-03-13
修稿时间:2018-04-25

Public auditing scheme of data integrity for public cloud
MIAO Junmin,FENG Chaosheng,LI Min,LIU Xia. Public auditing scheme of data integrity for public cloud[J]. Journal of Computer Applications, 2018, 38(10): 2892-2898. DOI: 10.11772/j.issn.1001-9081.2018030510
Authors:MIAO Junmin  FENG Chaosheng  LI Min  LIU Xia
Affiliation:1. School of Computer Science, Sichuan Normal University, Chengdu Sichuan 610101, China;2. School of Information and Software engineering, University of Electronic Science and Technology of China, Chengdu Sichuan 610054, China
Abstract:Aimming at the problem of leaking privacy to Third-Party Auditors (TPA) and initiating alternative attacks by Cloud Storage Server (CSS) in public auditing, a new public auditing scheme of data integrity for public cloud was proposed. Firstly, the hash value obfuscation method was used to obfuscate the evidence returned by the cloud storage server to prevent TPA from analyzing and calculating the original data. Then during the audit process, TPA itself calculated the overlay tree of the Merkle Hash Tree (MHT) corresponding to the challenge request, and matched with the overlay tree returned by CSS to prevent the cloud storage server from responding to audit challenges with other existing data. Experimental results show that the performance in terms of computational overhead, storage overhead and communication overhead does not change by orders of magnitude after solving the privacy and attack problems of the existing scheme.
Keywords:cloud data  integrity authentication  public auditability  privacy protection  alternative attack  overlay tree  
点击此处可从《计算机应用》浏览原始摘要信息
点击此处可从《计算机应用》下载全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号