信息网络安全 ›› 2018, Vol. 18 ›› Issue (4): 32-37.doi: 10.3969/j.issn.1671-1122.2018.04.005

• • 上一篇    下一篇

云存储中基于用户授权的大数据完整性审计方案

鲁秀青1,2(), 咸鹤群1   

  1. 1.青岛大学计算机科学与技术学院,山东青岛 266071
    2.青岛大学商学院,山东青岛 266071
  • 收稿日期:2017-12-20 出版日期:2018-04-15 发布日期:2020-05-11
  • 作者简介:

    作者简介:鲁秀青(1975—),女,山东,讲师,博士研究生,主要研究方向为信息安全;咸鹤群(1979—),男,山东,副教授,博士,主要研究方向为密码学、网络与信息系统安全、云计算安全。

  • 基金资助:
    国家自然科学基金[61303197];山东省自然科学基金[ZR2013FQ005]

A Big Data Integrity Auditing Scheme Based on User Authorization in Cloud Storage

Xiuqing LU1,2(), Hequn XIAN1   

  1. 1.College of Computer Science and Technology, Qingdao University, Qingdao Shandong 266071, China
    2. College of Business, Qingdao University, Qingdao Shandong 266071, China
  • Received:2017-12-20 Online:2018-04-15 Published:2020-05-11

摘要:

云存储具有存储量大、可扩展和成本低等优点,越来越多的用户选择把数据存储在云存储服务器端。云存储的可用性、高可靠性及数据共享服务等在给用户带来便利的同时,也会导致诸多安全问题,其中数据的完整性研究成为近期研究的热点。目前已有很多数据审计方案,但它们不能高效实现数据的细粒度更新操作。为了解决这一问题,文章提出一种支持细粒度更新的大数据完整性审计方案。首先,设计了一种支持细粒度更新的认证数据结构——动态索引表。在数据插入和删除操作过程中,动态索引表中的元素不需要进行移动,提高了数据更新的效率。其次,为了避免恶意攻击者对云存储服务器发起拒绝服务攻击,文章提出了一种基于用户授权的大数据完整性审计方案,即只有用户合法授权的第三方审计者才能发起完整性审计挑战,提高了系统的安全性。最后,模拟实验证明,文章提出的方案具有较高的数据审计运算效率。

关键词: 云存储, 大数据, 完整性, 细粒度, 审计

Abstract:

As cloud storage has many advantages, such as large storage, scalability and low-cost, more and more users choose to store their big data on the remote cloud storage server. The availability, high reliability and data sharing services of cloud storage not only bring convenience to users, but also lead to many security problems and among them, the research on data integrity has become a hot topic in recent years. Recently, lots of auditing schemes have been proposed, but these schemes can't efficiently realize fine-grained updating operations. To solve the problem, this paper propose a big data integrity audit scheme supporting fine-grained updating operations. Firstly, we design an authenticated data structure supporting fine-grained updating—dynamic index table. In the process of data insertion and deletion, the elements in the dynamic index table don't need to be moved, so that the efficiency of data dynamic updating is improved. Secondly, in order to prevent malicious parties from launching denial-of-service attacks to the cloud storage server, this paper propose a big data integrity audit scheme based on user authorization. That is, only third-party verifiers authorized by users can initiate integrity verification challenges which improve system security. Finally, the simulation experiments show that this auditing scheme is of high efficiency.

Key words: cloud storage, big data, integrity, fine-grained, auditing

中图分类号: