一种支持动态操作的身份基云存储方案

doi:10.3969/j.issn.1671-1122.2022.02.010

信息网络安全 ›› 2022, Vol. 22 ›› Issue (2): 86-95.doi: 10.3969/j.issn.1671-1122.2022.02.010

一种支持动态操作的身份基云存储方案

易铮阁¹, 袁文勇¹, 李瑞峰¹, 杨晓元¹^,²()

1.武警工程大学密码工程学院,西安 710086
2.网络和信息安全武警部队重点实验室,西安 710086

收稿日期:2021-06-08 出版日期:2022-02-10 发布日期:2022-02-16
通讯作者: 杨晓元 E-mail:yxyangyxyang@163.com
作者简介:易铮阁（1999—）,男,湖南,硕士研究生,主要研究方向为信息安全、云存储审计|袁文勇（1997—）,男,广东,硕士研究生,主要研究方向为信息安全、云存储审计|李瑞峰（1998—）,男,吉林,硕士研究生,主要研究方向为信息安全、云存储审计|杨晓元（1959—）,男,湖南,教授,硕士,主要研究方向为信息安全、密码学
基金资助:
国家自然科学基金(62172436);国家重点研发计划(2017YFB0802000);陕西省自然科学基金(2020JQ-492)

Identity-based and Dynamic Operating Solution for Cloud Storage

YI Zhengge¹, YUAN Wenyong¹, LI Ruifeng¹, YANG Xiaoyuan¹^,²()

1. Engineering University of People’s Armed Police, Xi’an 710086, China
2. Key Lab of the Armed Police Force for Network and Information Security, Xi’an 710086, China

Received:2021-06-08 Online:2022-02-10 Published:2022-02-16
Contact: YANG Xiaoyuan E-mail:yxyangyxyang@163.com

摘要/Abstract

摘要：

针对传统的云存储完整性审计技术依赖PKI公钥体系、密钥管理成本高等问题,文章构建了一种基于身份的云存储审计模型,利用Merkle哈希树技术实现用户数据的动态更新。经方案分析证明,该方案是安全可行的。通过构建云医疗数据管理模型,证明该方案具有良好的应用前景。

关键词: 云存储, 完整性审计, 身份基加密, 动态更新操作

Abstract:

Almost traditional remote data integrity checking (RDIC) schemes are suffering from the issue of high key management cost, because they rely on the expensive public key infrastructure (PKI). According to this phenomenon, this paper proposed an identity-based cloud storage audit scheme. Merkle Hash Tree (MHT) technology is used to realize the dynamic update of users data. It is proved that this scheme is safe and feasible through the scheme analysis. It is proved that this scheme has a good application prospect by the construction of cloud medical data management model.

Key words: cloud storage, RDIC, identity-based cryptography, dynamic operation

中图分类号:

TP309

易铮阁, 袁文勇, 李瑞峰, 杨晓元. 一种支持动态操作的身份基云存储方案[J]. 信息网络安全, 2022, 22(2): 86-95.

YI Zhengge, YUAN Wenyong, LI Ruifeng, YANG Xiaoyuan. Identity-based and Dynamic Operating Solution for Cloud Storage[J]. Netinfo Security, 2022, 22(2): 86-95.

图/表 5

参考文献 18

[1]	CHOO K K, DOMINGO F J, ZHANG Lei. Cloud Cryptography: Theory, Practice and Future Research Directions[J]. Future Generation Computer Systems, 2016, 62(9):51-53. doi: 10.1016/j.future.2016.04.017 URL
[2]	GUO Chunmei, BI Xueyao, YANG Fan. Research and Trend of Cloud Computing SecurityTechnology[J]. Netinfo Security, 2010, 10(4):18-19.
	郭春梅, 毕学尧, 杨帆. 云计算安全技术研究与趋势[J]. 信息网络安全, 2010, 10(4):18-19.
[3]	LI Yong, YAO GE, LEI Linan, et al. LBT-based Cloud Data Integrity Verification Scheme[J]. Journal of Tsinghua University(Science and Technology), 2016, 56(5):504-510.
	李勇, 姚戈, 雷丽楠, 等. 基于多分支路径树的云存储数据完整性验证机制[J]. 清华大学学报:自然科学版, 2016, 56(5):504-510.
[4]	COPPOLINO L, D'ANTONIO S, MAZZEO G, et al. Cloud Security: Emerging Threats and Current Solutions[J]. Computers & Electrical Engineering, 2016, 59(4):124-140.
[5]	RAHMAN N H. A Survey of Information Security Incident Handling in the Cloud[J]. Computers & Security, 2015, 49(3):45-69. doi: 10.1016/j.cose.2014.11.006 URL
[6]	JUELS A, KALISKI J B S. PoRs: Proofs of Retrievability for Large Files[C]// ACM. ACM Conference on Computer and Communications Security (CCS’ 07), October 28, 2007, Alexandria, Virginia, USA. New York: ACM Press, 2007: 584-597.
[7]	ATENIESE G, BURNS R, CURTMOLA R, et al. Provable Data Possession at Untrusted Stores[C]// ACM. ACM Conference on Computer and Communications Security (CCS’ 07), October 28, 2007, Alexandria, Virginia, USA. New York: ACM Press, 2007: 598-609.
[8]	WANG Qian, WANG Cong, REN Kui, et al. Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing[J]. Parallel and Distributed Systems, IEEE Transactions, 2011, 22(5):847-859 doi: 10.1109/TPDS.2010.183 URL
[9]	WANG Tao, YANG Bo, LIU Hongyu, et al. An Alternative Approach to Public Cloud Data Auditing Supporting Data Dynamics[J]. Soft Computing, 2019, 23(13):4939-4953. doi: 10.1007/s00500-018-3155-4 URL
[10]	GUO Wei, ZHANG Hua, QIN Sujuan, et al. Outsourced Dynamic Provable Data Possession with Batch Update for Secure Cloud Storage[J]. Future Generation Computer Systems, 2019, 95(6):309-322. doi: 10.1016/j.future.2019.01.009 URL
[11]	GENTRY C, RAMZAN Z. Identity-based Aggregate Signatures[C]// Springer-verlag. Public Key Cryptography-PKC 2006, 9th International Conference on Theory and Practice of Public-Key Cryptography, April 24-26, 2006, New York, USA. Heidelberg: Springer, 2006: 257-273.
[12]	ZHAO Jining, XU Chunxiang, LI Fagen, et al. Identity-based Public Verification with Privacy-preserving for Data Storage Security in Cloud Computing[J]. Ieice Transactions on Fundamentals of Electronics Communications & Computer Sciences, 2013, 96(12):2709-2716.
[13]	WANG Huaqun, WU Qianhong, QIN Bo, et al. Identity-based Remote Data Possession Checking in Public Clouds[J]. IET Information Security, 2014, 8(2):114-121. doi: 10.1049/ise2.v8.2 URL
[14]	WANG Huaqun. Identity-based Distributed Provable Data Possession in Multicloud Storage[J]. IEEE Transactions on Services Computing, 2015, 8(2):328-340. doi: 10.1109/TSC.4629386 URL
[15]	YU Yong, XUE Liang, AUM H, et al. Cloud Data Integrity Checking with An Identity-based Auditing Mechanism from RSA[J]. Future Generation Computer Systems, 2016, 62(9):85-91. doi: 10.1016/j.future.2016.02.003 URL
[16]	YU Yong, MH A, ATENIESE G, et al. Identity-based Remote Data Integrity Checking With Perfect Data Privacy Preserving for Cloud Storage[J]. IEEE Transactions on Information Forensics and Security, 2017, 12(4):767-778. doi: 10.1109/TIFS.2016.2615853 URL
[17]	RABANINEJAD R, RAJABZADEHASAAR M, AHMADIAN A M. et al. An identity-based Online/Offline Secure Cloud Storage Auditing Scheme[J]. Cluster Comput, 2020, 23(6):1455-1468. doi: 10.1007/s10586-019-03000-5 URL
[18]	MERKLE R C. A Certified Digital Signature[C]// Springer. Advances in Cryptology-CRYPTO ’89, 9th Annual International Cryptology Conference, August 20-24, 1989, Santa Barbara, California, USA. New York: Springer-Verlag, 1989: 218-238.

一种支持动态操作的身份基云存储方案

Identity-based and Dynamic Operating Solution for Cloud Storage

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 5

参考文献 18

相关文章 15

编辑推荐

Metrics

本文评价

[1]	王健, 于航, 韩臻, 韩磊. 基于智能合约的云存储共享数据访问控制方法[J]. 信息网络安全, 2021, 21(11): 40-47.
[2]	张富成, 付绍静, 夏竟, 罗玉川. 基于GlusterFS的分布式数据完整性验证系统[J]. 信息网络安全, 2021, 21(1): 72-79.
[3]	郎为民, 马卫国, 张寅, 姚晋芳. 一种支持数据所有权动态管理的数据去重方案[J]. 信息网络安全, 2020, 20(6): 1-9.
[4]	尤玮婧, 刘丽敏, 马悦, 韩东. 基于安全硬件的云端数据机密性验证方案[J]. 信息网络安全, 2020, 20(12): 1-8.
[5]	李晓冉, 郝蓉, 于佳. 具有数据上传管控的无证书可证明数据持有方案[J]. 信息网络安全, 2020, 20(1): 83-88.
[6]	刘建华, 郑晓坤, 郑东, 敖章衡. 基于属性加密且支持密文检索的安全云存储系统[J]. 信息网络安全, 2019, 19(7): 50-58.
[7]	侯林, 李明洁, 徐剑, 周福才. 基于变长认证跳表的分布式动态数据持有证明模型[J]. 信息网络安全, 2019, 19(7): 67-74.
[8]	秦中元, 韩尹, 张群芳, 朱雪金. 一种改进的多私钥生成中心云存储访问控制方案[J]. 信息网络安全, 2019, 19(6): 11-18.
[9]	邵必林, 李肖俊, 边根庆, 赵煜. 云存储数据完整性审计技术研究综述[J]. 信息网络安全, 2019, 19(6): 28-36.
[10]	黑一鸣, 刘建伟, 张宗洋, 喻辉. 基于区块链的可公开验证分布式云存储系统[J]. 信息网络安全, 2019, 19(3): 52-60.
[11]	李帅, 刘晓洁, 徐兵. 一种基于目录哈希树的磁盘数据同步方法研究[J]. 信息网络安全, 2019, 19(2): 53-59.
[12]	赵星, 王晓东, 张串绒. 一种基于数据漂移的动态云安全存储机制[J]. 信息网络安全, 2019, 19(10): 65-73.
[13]	秦中元, 韩尹, 朱雪金. 基于改进DGHV算法的云存储密文全文检索研究[J]. 信息网络安全, 2019, 19(1): 8-8.
[14]	李明祥, 王洪涛. 基于格的身份基矩阵加密方案[J]. 信息网络安全, 2019, 19(1): 34-41.
[15]	柏建丽, 李晓冉, 郝蓉, 于佳. 云环境下基于代数签名的支持所有权动态变更的安全审计和去冗方案[J]. 信息网络安全, 2018, 18(8): 50-55.