基于阿里云平台的密文数据安全去重系统的设计与实现

doi:10.3969/j.issn.1671-1122.2017.03.007

信息网络安全 ›› 2017, Vol. 17 ›› Issue (3): 39-45.doi: 10.3969/j.issn.1671-1122.2017.03.007

基于阿里云平台的密文数据安全去重系统的设计与实现

宋建业¹, 何暖², 朱一明¹, 付安民¹()

1.南京理工大学计算机科学与工程学院,江苏南京 210094
2.中国船舶工业综合技术经济研究院,北京 100081

收稿日期:2016-10-15 出版日期:2017-03-20 发布日期:2020-05-12
作者简介:
作者简介：宋建业（1991—）,男,江苏,硕士研究生,主要研究方向为云存储安全;何暖（1982—）,女,河北,工程师,硕士,主要研究方向为云计算安全;朱一明（1994—）,女,江苏,硕士研究生,主要研究方向为云存储安全;付安民（1981—）,男,湖北,副教授,博士,主要研究方向为密码学与网络安全。
基金资助:
国家自然科学基金[61572255];江苏省自然科学基金[BK20141404];中央高校基本科研业务费专项[30915011322]

Design and Implementation of Secure Deduplication System for Ciphertext Data Based on Aliyun

Jianye SONG¹, Nuan HE², Yiming ZHU¹, Anmin FU¹()

1.School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing Jiangsu 210094, China
2.China Institute of MarineTechnology & Economy, Beijing 100081, China

Received:2016-10-15 Online:2017-03-20 Published:2020-05-12

摘要/Abstract

摘要：

随着云计算服务的广泛使用,越来越多的数据被存储到云服务器上。为了解决云存储系统中加密数据面临的密文重复性检测和拥有权证明（Proof of Ownership,PoW）等问题,文章利用收敛加密和Bloom过滤器的方法设计和实现了一个基于阿里云平台的密文数据安全去重系统。首先,利用收敛加密的方法产生文件的加密密钥,实现了不同用户之间密钥的共享,有利于跨用户之间密文的去重;其次,基于Bloom过滤器的方法,实现了文件拥有权证明,有效地预防了攻击者通过单一的文件哈希值去获取整个文件;最后,基于当前的阿里云平台实现了整个安全去重系统,有效地保证了数据去重的安全性。此外,实验结果和性能分析也证明了方案是高效可行的。

关键词: 数据安全去重, 拥有权证明, 收敛加密, Bloom过滤器

Abstract:

With the wide use of cloud computing service, more and more data is stored in the cloud server. To solve the problems faced by enciphered data in cloud storage system, such as detection and PoW (proofs of ownership) of duplicated ciphertext, etc, we complete a secure deduplication system for ciphertext data based on aliyun by using convergent encryption and Bloom Filter algorithm. First of all, we utilize convergent encryption method to generate a file encryption key, which implements the key shared between different users and is advantageous to cross-user ciphertext deduplication. Secondly, the proof of ownership for files is realized by Bloom filter so as to prevent the attackers with a single file hash value to obtain files efficiently. Finally, based on current cloud platform provided by aliyun, we realize the secure deduplication system and guarantee the safety of data deduplication. In addition, the results of experiments and performance analysis have proved that the scheme is efficient and feasible.

Key words: secure data deduplication, proof of ownership, convergent encryption, Bloom filter

中图分类号:

TP309

宋建业, 何暖, 朱一明, 付安民. 基于阿里云平台的密文数据安全去重系统的设计与实现[J]. 信息网络安全, 2017, 17(3): 39-45.

Jianye SONG, Nuan HE, Yiming ZHU, Anmin FU. Design and Implementation of Secure Deduplication System for Ciphertext Data Based on Aliyun[J]. Netinfo Security, 2017, 17(3): 39-45.

图/表 6

参考文献 14

[1]	GANTZ J,REINSEL D. The Digital Universe in 2020: Big Data,Bigger Digital Shadows,Biggest Growth in the Far East[EB/OL]..
[2]	HALEVI S,HARNIK D,PINKAS B,et al.Proofs of Ownership in Remote Storage Systems[C]// ACM. 18th ACM conference on Computer and communications security,October 17-21,2011,Chicago,Illinois,USA. New YorK: ACM,2011: 491-500.
[3]	DI P R,SORNIOTTI A.Boosting Efficiency and Security in Proof of Ownership for Deduplication[C]// ACM. 7th ACM Symposium on Information,Computer and Communications Security,May 2-4,2012, Seoul,Korea. New York: ACM,2012: 81-82.
[4]	ZHENG Q,XU S.Secure and Efficient Proof of Storage with Deduplication[C]// ACM. 2nd ACM conference on Data and Application Security and Privacy,February 7-9,2012, San Antonio,Texas,USA.New York:ACM,2012: 1-12.
[5]	DU R,DENG L,CHEN J,et al.Proofs of Ownership and Retrievability in Cloud Storage[C]// IEEE. 2014 IEEE 13th International Conference on Trust,Security and Privacy in Computing and Communications,September 24-26, 2014,Beijing,China. New York:IEEE,2014: 328-335.
[6]	DOUCEUR J R,ADYA A, BOLOSKY W J,et al.Reclaiming Space from Duplicate files in a Serverless Distributed File System[C]// IEEE. 22nd International Conference on Distributed Computing Systems,July 2-5,2002,Vienna,Austria. New York:IEEE,2002: 617-624.
[7]	GONZALEZ M L,ORFILA A. An Efficient Confidentiality-preserving Proof of Ownership for Deduplication. Journal of Network and Computer Applications[J]. Journal of Network and Computer Applications,2015(50): 49-59.
[8]	LI J,CHEN X,LI M,et al.Secure Deduplication with Efficient and Reliable Convergent Key Management[J]. IEEE Transactions on Parallel and Distributed Systems,2014,25(6): 1615-1625.
[9]	BLASCO J,DI P R,ORFILA A,et al.A Tunable Proof of Ownership Scheme for Deduplication Using Bloom Filters[C]// IEEE. 2014 IEEE Conference on Communications and Network Security (CNS). October 29-31,2014,San Francisco,CA,USA. New York:IEEE, 2014: 481-489.
[10]	杨超,张俊伟,董学文,等. 云存储加密数据去重删除所有权证明方法[J]. 计算机研究与发展,2015,52(1): 248-258.
[11]	付安民,秦宁元,宋建业,等. 云端多管理者群组共享数据中具有隐私保护的公开审计方案[J]. 计算机研究与发展,2015,52(10): 2353-2362.
[12]	荣星,江荣. 一种基于混合属性的多授权中心云访问方案[J]. 信息网络安全,2016(11):6-11.
[13]	黄龙霞,张功萱,付安民. 基于层次树的动态群组隐私保护公开审计方案[J]. 计算机研究与发展,2016,53(10): 2334-2342.
[14]	王连印,魏颖昊,邢双秋,等. 面向智能终端的云安全管理服务研究与应用[J]. 信息网络安全,2016(10):15-20.

基于阿里云平台的密文数据安全去重系统的设计与实现

Design and Implementation of Secure Deduplication System for Ciphertext Data Based on Aliyun

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 6

参考文献 14

相关文章 1

编辑推荐

Metrics

本文评价