Netinfo Security ›› 2019, Vol. 19 ›› Issue (7): 67-74. doi: 10.3969/j.issn.1671-1122.2019.07.008


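Distributed Dynamic Provable Data Possession Model Based on Flexible Length-based Authenticated Skip List

Lin HOU, Mingjie LI, Jian XU, Fucai ZHOU

  1. Software College, Northeastern University, Shenyang, Liaoning 110169, China
  • Received: 2019-04-17 Online: 2019-07-19 Published: 2020-05-11
  • About the authors:

    Lin HOU (born 1983), male, from Heilongjiang, engineer, master's degree; main research interest: network and information security. Mingjie LI (born 1992), female, from Liaoning, master's degree; main research interest: cloud computing security. Jian XU (born 1978), male, from Liaoning, associate professor, Ph.D.; main research interests: network and information security, cloud computing security. Fucai ZHOU (born 1964), male, from Jilin, professor, Ph.D.; main research interests: cryptography and network security, trusted computing, and the basic theory and key technologies of e-commerce.

  • Supported by:
    National Natural Science Foundation of China [61872069]; Fundamental Research Funds for the Central Universities [N171704005]; Shenyang Science and Technology Plan Project [18-013-0-01]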

Abstract:

Dynamic provable data possession (DPDP) is an important method for verifying data integrity in cloud storage. However, when applied in a distributed environment, DPDP suffers from problems such as high overhead and a lack of transparency to the client. To address this, this paper combines the flexible length-based authenticated skip list (FlexList), which supports DPDP dynamic updates well, with the distributed environment to construct a FlexList-based distributed dynamic provable data possession model (D-DPDP-FlexList). The model includes three kinds of entities: the central control server, storage servers, and users. The storage servers and the central control server form the server side, whose internal structure is transparent to users; services are provided to users only through the central control server. Users therefore do not need to preprocess their data according to the structure of the server side, and the scalability of the server side is effectively enhanced. The adoption of a distributed FlexList deployment method and multiple-replica storage reduces server response time and improves data availability. The paper gives a formal description of the model, the interaction protocols among the entities, and a security analysis of the model. Relevant tests verify the availability of the model in a distributed environment.

Key words: cloud storage, provable data possession, flexible length-based authenticated skip list, integrity

CLC number: