信息网络安全 ›› 2018, Vol. 18 ›› Issue (11): 66-72.doi: 10.3969/j.issn.1671-1122.2018.11.009

• • 上一篇    下一篇

指定审计员的云数据安全存储方案

赵萌1, 丁勇2,3, 王玉珏2,3()   

  1. 1. 桂林电子科技大学机电工程学院,广西桂林 541004
    2. 桂林电子科技大学广西密码学与信息安全重点实验室,广西桂林 541004
    3. 桂林电子科技大学计算机与信息安全学院,广西桂林 541004
  • 收稿日期:2018-08-01 出版日期:2018-11-10 发布日期:2020-05-11
  • 作者简介:

    作者简介:赵萌(1981—),女,江苏,讲师,硕士,主要研究方向为应用密码学;丁勇(1975—),男,重庆,教授,博士,主要研究方向为密码学;王玉珏(1981—),男,安徽,讲师,博士,主要研究方向为应用密码学、云计算安全。

  • 基金资助:
    国家自然科学基金[61772150,61862012,61862011,61602125]:国家密码发展基金[MMJJ20170217];广西重点研发计划[AB17195025];广西密码学与信息安全重点实验室研究课题[GCIS201702]

Secure Cloud Data Storage with Designated Auditors

Meng ZHAO1, Yong DING2,3, Yujue WANG2,3()   

  1. 1. School of Mechanical and Electrical Engineering, Guilin University of Electronic Technology, Guilin Guangxi 541004, China
    2. Guangxi Key Laboratory of Cryptography and Information Security, Guilin University of Electronic Technology, Guilin Guangxi 541004, China
    3. School of Computer Science and Information Security, Guilin University of Electronic Technology, Guilin Guangxi 541004, China
  • Received:2018-08-01 Online:2018-11-10 Published:2020-05-11

摘要:

借助云存储技术,用户无需构建本地软硬件存储设施,从而减少了本地存储的成本。面对云存储环境下用户外包数据完整性保护需求以及数据持有者失去数据控制权的问题,数据持有者可以指定预期的审计员对其外包数据进行完整性审计。文章基于双线性群提出一种指定审计员的云安全存储方案,要求审计员在完整性审计阶段使用其私钥才可验证云存储服务器的响应,从而判断外包数据的完整性。文章进一步研究了在数据处理阶段数据持有者同时指定两个审计员的场景,在执行完整性审计时审计员之间无需交互。由安全分析和效率分析可知,文中方案是安全高效的。

关键词: 云计算, 云存储, 完整性, 数字签名, 数据安全

Abstract:

With the cloud computing technology, users do not need to deploy hardware and software facilities, which thus saves local storage costs for users. Once the data is outsourced to the cloud storage server, it is out of control from its owner. To protect the integrity of outsourced data, data owner is able to designate an auditor to perform integrity auditing. This paper presents a secure cloud storage scheme with designated auditor in bilinear groups, which requires the designated auditor to use his private key in verifying the response from the cloud storage server in the integrity auditing phase, in this way to determine the integrity of outsourced data. Moreover, the case of two designated auditors is considered, that is, the data owner designates two expected auditors in the data processing phase, such that each auditor does not need to interact with the other in performing integrity auditing. Security and performance analyses show that the proposed schemes are secure and efficient.

Key words: cloud computing, cloud storage, integrity, digital signature, data security

中图分类号: