云环境下基于代数签名的支持所有权动态变更的安全审计和去冗方案

doi:10.3969/j.issn.1671-1122.2018.08.007

信息网络安全 ›› 2018, Vol. 18 ›› Issue (8): 50-55.doi: 10.3969/j.issn.1671-1122.2018.08.007

云环境下基于代数签名的支持所有权动态变更的安全审计和去冗方案

柏建丽¹, 李晓冉¹, 郝蓉¹(), 于佳^1,^2,³

1.青岛大学计算机科学技术学院,山东青岛 266071
2.中国科学院信息工程研究所信息安全国家重点实验室, 北京 100093
3.南京信息工程大学计算机和软件学院,江苏南京 210044

收稿日期:2018-04-24 出版日期:2018-08-20 发布日期:2020-05-11
作者简介:
作者简介：柏建丽（1993—）,女,山东,硕士研究生,主要研究方向为云计算;李晓冉（1995—）,女,山东,硕士研究生,主要研究方向为云计算;郝蓉（1976—）,女,山东,高级实验师,硕士,主要研究方向为信息安全;于佳（1976—）,男,山东,教授,博士,主要研究方向为密码学、云计算安全、大数据安全、网络安全。
基金资助:
国家自然科学基金[61572267,61272425];“十三五”国家密码发展基金[MMJJ20170118];中国科学院信息工程研究所信息安全国家重点实验室开放课题[2016-MS-23,2017-MS-21]

Algebraic Signature-based Secure Auditing and Deduplication Scheme with Ownership Dynamic Modification in Cloud Environment

Jianli BAI¹, Xiaoran LI¹, Rong HAO¹(), Jia YU^1,^2,³

1. College of Computer Science and Technology, Qingdao University, Qingdao Shandong 266071, China
2. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
3. School of Computer and Software, Nanjing University of Information Science & Technology, Nanjing Jiangsu 210044, China;

Received:2018-04-24 Online:2018-08-20 Published:2020-05-11

摘要/Abstract

摘要：

云数据完整性检测和重复数据删除技术在云存储的快速发展中扮演着重要角色。近年来,许多专家提出一些在云环境下同时支持数据完整性审计和数据去冗的方案。然而,在用户生成认证器的阶段,这些方案会有较大的计算开销。文章方案利用代数签名生成文件签名,利用异或操作实现对明文信息的加密,较大程度地降低了用户对大数据的计算开销。此外,方案利用效率更高的重加密算法,实现了在事先不知道可能用户的情况下真正意义上的所有权的动态变更。安全性分析和性能分析表明,方案是安全和高效的。

关键词: 完整性审计, 数据去冗, 代数签名, 重加密

Abstract:

Cloud data integrity auditing and data deduplication technology play the important roles in the rapid development of cloud storage. In recent years, many experts have proposed several schemes that simultaneously support data integrity auditing and data deduplication in cloud environment. However, all of these schemes have large computational costs in the phase of authenticator generation. The scheme in this paper uses algebraic signature to generate file signature and utilizes XOR operation to encrypt outsourced data, which greatly reduces computational costs in user side. In addition, the scheme uses the efficient re-encryption algorithm to support the real dynamic ownership modification without knowing all possible users of the file. Security analysis and performance analysis show that the scheme is secure and high efficient.

Key words: integrity auditing, data deduplication, algebraic signature, re-encryption

中图分类号:

TP309

柏建丽, 李晓冉, 郝蓉, 于佳. 云环境下基于代数签名的支持所有权动态变更的安全审计和去冗方案[J]. 信息网络安全, 2018, 18(8): 50-55.

Jianli BAI, Xiaoran LI, Rong HAO, Jia YU. Algebraic Signature-based Secure Auditing and Deduplication Scheme with Ownership Dynamic Modification in Cloud Environment[J]. Netinfo Security, 2018, 18(8): 50-55.

图/表 2

参考文献 20

[1]	LI Yannan, YU Yong, MIN Geyong, et al.Fuzzy Identity-based Data Integrity Auditing for Reliable Cloud Storage Systems[J]. IEEE Transactions on Dependable & Secure Computing, 2017(2):1.
[2]	GREEN M.The Threat in the Cloud[J]. IEEE Security and Privacy, 2013,11(1) :86-89.
[3]	JIANG Qi, KHAN M K, LU Xiang, et al.A Privacy Preserving Three-factor Authentication Protocol for e-Health Clouds[J]. Journal of Supercomputing, 2016, 72(10):3826-3849.
[4]	SHACHAM H, WATERS B.Compact Proofs of Retrievability[J]. Journal of Cryptology , 2013,26(3):442-483.
[5]	YU Jia, REN Kui, WANG Cong, et al.Enabling Cloud Storage Auditing With Key-exposure Resistance[J]. IEEE Transactions on Information Forensics & Security, 2017, 10(6):1167-1179.
[6]	YU Jia, REN Kui, WANG Cong.Enabling Cloud Storage Auditing With Verifiable Outsourcing of Key Updates[J]. IEEE Transactions on Information Forensics & Security, 2016, 11(6):1362-1375.
[7]	YANG Guangyang, YU Jia, SHEN Wenting, et al.Enabling Public Auditing for Shared Data in Cloud Storage Supporting Identity Privacy and Traceability[J]. Journal of Systems & Software,2016, 113(C):130-139.
[8]	SHEN Wenting, YU Jia, XIA Hui, et al.Light-weight and Privacy-preserving Secure Cloud Auditing Scheme for Group Users via the Third Party Medium[J]. Journal of Network & Computer Applications, 2017, 82:56-64.
[9]	QIN Zhiguang, WU Shikun, XIONG Hu.A Review on Data Integrity Auditing Protocols for Data Storage in Cloud Computing[J].Netinfo Security,2014,14(7):1-6.
	秦志光,吴世坤,熊虎. 云存储服务中数据完整性审计方案综述[J]. 信息网络安全, 2014,14(7): 1-6.
[10]	WANG Cong, CHOW S S M, WANG Qian, et al. Privacy-preserving Public Auditing for Secure Cloud Storage[J]. IEEE Transactions on Computers, 2013, 62(2):362-375.
[11]	WANG Cong, WANG Qian, REN Kui, et al.Privacy-preserving Public Auditing for Data Storage Security in Cloud Computing[C]//IEEE. 2010 Proceedings IEEE INFOCOM, March 14-19, San Diego, CA, USA.NJ:IEEE, 2010:525-533.
[12]	YU Jia, WANG Huaqun.Strong Key-exposure Resilient Auditing for Secure Cloud Storage[J]. IEEE Transactions on Information Forensics & Security, 2017, 12(8):1931-1940.
[13]	YUAN Jiawei,YU Shucheng.Efficient Public Integrity Checking for Cloud Data Sharing with Multi-user Modification[C]// IEEE. 2014 IEEE Conference on Computer Communications, April 27-May 2, 2014, Toronto, ON, Canada.NJ:IEEE, 2013:2121-2129.
[14]	ZHAO Yang, REN Huaqiang, XIONG Hu, et al.A Dynamic Cloud Data Audit Scheme Based on Update Tree[J].Netinfo Security,2015,15(12):1-7.
	赵洋,任化强,熊虎,等. 基于更新树的动态云数据审计方案[J]. 信息网络安全, 2015,15(12): 1-7.
[15]	YUAN Jiawei, YU Shucheng.Secure and Constant Cost Public Cloud Storage Auditing with Deduplication[C]// IEEE. 2013 IEEE Conference on Communications and Network Security (CNS), October 14-16,2013, National Harbor, MD, USA.NJ: IEEE, 2013:145-153.
[16]	LI Jingwei, LI Jin, XIE Dongqing, et al.Secure Auditing and Deduplicating Data in Cloud[J] . IEEE Transactions on Computers, 2016, 65(8):2386-2396.
[17]	HOU Huiying, YU Jia, HAO Rong.Research on an Integrity Auditing Scheme Based on Algebraic Signature in Cloud Storage[J].Netinfo Security,2017,17(10):69-74.
	侯慧莹, 于佳, 郝蓉. 一种基于代数签名的云存储完整性审计方案研究[J]. 信息网络安全, 2017,17(10):69-74.
[18]	WANG Cong, WANG Qian, REN Kui, et al.Toward Secure and Dependable Storage Services in Cloud Computing[J]. IEEE Transactions on Services Computing, 2012,5(2):220-232.
[19]	SHEN Jian, LIU Dengzhi, SHEN Jun, et al.A Secure Cloud-assisted Urban Data Sharing Framework for Ubiquitous-cities[J] . Pervasive & Mobile Computing, 2017, 41:219-230.
[20]	LITWIN W, SCHWARZ T.Algebraic Signatures for Scalable Distributed Data Structures[C]// IEEE. The 20th International Conference on Data Engineering, April 2, 2004 , Boston, MA, USA. NJ:IEEE, 2004:412-423.

云环境下基于代数签名的支持所有权动态变更的安全审计和去冗方案

Algebraic Signature-based Secure Auditing and Deduplication Scheme with Ownership Dynamic Modification in Cloud Environment

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 2

参考文献 20

相关文章 6

编辑推荐

Metrics

本文评价

[1]	张艺, 刘红燕, 咸鹤群, 田呈亮. 基于授权记录的云存储加密数据去重方法[J]. 信息网络安全, 2020, 20(3): 75-82.
[2]	刘建华, 郑晓坤, 郑东, 敖章衡. 基于属性加密且支持密文检索的安全云存储系统[J]. 信息网络安全, 2019, 19(7): 50-58.
[3]	江明明, 赵利军, 王艳, 王保仓. 面向云数据共享的量子安全的无证书双向代理重加密[J]. 信息网络安全, 2018, 18(8): 17-24.
[4]	边根庆, 邵必林, 蔡皖东, 王栋. 云环境下支持数据动态更新的多副本数据完整性审计方法研究[J]. 信息网络安全, 2017, 17(10): 22-28.
[5]	侯慧莹, 于佳, 郝蓉. 一种基于代数签名的云存储完整性审计方案研究[J]. 信息网络安全, 2017, 17(10): 69-74.
[6]	. 用于PHR云存储的属性密文访问控制方案[J]. , 2014, 14(5): 15-.