云环境中数据安全去重研究进展

熊金波; 张媛媛; 李凤华; 李素萍; 任君; 姚志强

doi:10.11959/j.issn.1000-436x.2016238

您当前的位置：

首页 >

文章列表页 >

云环境中数据安全去重研究进展

综述 | 更新时间：2024-06-05

- 云环境中数据安全去重研究进展
- Research progress on secure data deduplication in cloud
- 通信学报 2016年37卷第11期页码：169-180
- 作者机构：
  
  1. 福建师范大学软件学院，福建福州350117
  2. 中国科学院信息工程研究所信息安全国家重点实验室，北京 100093
  3. 福建省公共服务大数据挖掘与应用工程技术研究中心，福建福州 350117
  1.1．福建师范大学软件学院，福建福州350117;2．中国科学院信息工程研究所信息安全国家重点实验室，北京 100093;3．福建省公共服务大数据挖掘与应用工程技术研究中心，福建福州 350117
- 作者简介：
  
  [ "熊金波（1981-），男，湖南益阳人，福建师范大学副教授、硕士生导师，中国科学院信息工程研究所博士后，主要研究方向为云数据安全与隐私保护技术。" ]
  [ "张媛媛（1992-），女，河南南阳人，福建师范大学硕士生，主要研究方向为云数据安全与隐私保护技术。" ]
  [ "李凤华（1966-），男，湖北浠水人，博士，中国科学院信息工程研究所副总工、研究员、博士生导师，主要研究方向为网络与系统安全、信息保护、隐私计算。" ]
  [ "李素萍（1991-），女，福建三明人，福建师范大学硕士生，主要研究方向为云数据安全与隐私保护技术" ]
  [ "任君（1993-），女，山西临汾人，福建师范大学硕士生，主要研究方向为云计算与安全服务。" ]
  [ "姚志强（1967-），男，福建莆田人，博士，福建师范大学教授、硕士生导师，主要研究方向为信息安全。" ]
- 基金信息：
  
  国家自然科学基金资助项目(61402109);国家自然科学基金资助项目(61370078);国家自然科学基金资助项目(61502103);福建省自然科学基金资助项目(2015J05120);福建省网络安全与密码技术重点实验室(福建师范大学)开放课题基金资助项目(15008);福建省高校杰出青年科研人才培育计划基金资助项目(2015)
- DOI：10.11959/j.issn.1000-436x.2016238
  中图分类号： TP309.2
- 网络出版日期：2016-11，
  
  纸质出版日期：2016-11-25
- 稿件说明：
移动端阅览
熊金波, 张媛媛, 李凤华, 等. 云环境中数据安全去重研究进展[J]. 通信学报, 2016,37(11):169-180.

Jin-bo XIONG, Yuan-yuan ZHANG, Feng-hua LI, et al. Research progress on secure data deduplication in cloud[J]. Journal on communications, 2016, 37(11): 169-180.
熊金波, 张媛媛, 李凤华, 等. 云环境中数据安全去重研究进展[J]. 通信学报, 2016,37(11):169-180. DOI： 10.11959/j.issn.1000-436x.2016238.

Jin-bo XIONG, Yuan-yuan ZHANG, Feng-hua LI, et al. Research progress on secure data deduplication in cloud[J]. Journal on communications, 2016, 37(11): 169-180. DOI： 10.11959/j.issn.1000-436x.2016238.

摘要

为了提高云存储效率和节约网络通信带宽，需要对云端同一数据的多个副本执行重复性检测与去重操作，而云环境下的密文数据阻碍了数据安全去重的实施，这一问题迅速引起学术界和产业界的广泛关注，成为研究热点。从安全性角度出发，分析云环境中数据安全去重的原因及面临的主要挑战，给出云数据安全去重的系统模型和威胁模型，面向云数据安全去重技术的实现机制从基于内容加密的安全去重、基于所有权证明的安全去重和隐私保护的安全去重3个方面对近年来相关研究工作进行深入分析和评述，并指出各种关键技术与方法的优势及存在的共性问题；最后给出云数据安全去重领域未来的研究方向与发展趋势。

Abstract

In order to improve the efficiency of cloud storage and save the communication bandwidth

a deduplication mechanism for multi-duplicate of the same data in cloud environment was needed. However

the implement of the secure data deduplication was seriously hindered by the ciphertext in cloud. This issue has quickly aroused wide attention of academia and industry

and became a research hotspot. From a security standpoint

firstly the primary cause and the main challenges of secure data deduplication in cloud environment was analyzed

and then the deduplication system model as well as its security model was described. Furthermore

focusing on the realization mechanism of secure data deduplica-tion

the thorough analyses were carried on and reviews for the related research works in recent years from content-based encryption

proof of ownership and privacy protection for secure deduplication

then the advantages and common prob-lems of various key technologies and methods were summed up. Finally

the future research directions and development trends on secure data deduplication in cloud was given.

关键词

Keywords

references

XIONG J , LI F , MA J , et al . A full lifecycle privacy protection scheme for sensitive data in cloud computing [J ] . Peer-to-Peer Networking and Applications , 2014 , 8 ( 6 ): 1 - 13 .

MITTAL S , VETTER J . A survey of architectural approaches for data compression in cache and main memory systems [J ] . IEEE Transac-tions on Parallel and Distributed Systems , 2016 , 27 ( 5 ): 1524 - 1536 .

敖莉，舒继武，李明强 . 重复数据删除技术 [J ] . 软件学报 , 2010 , 21 ( 5 ): 916 - 929 .

AO L , SHU J W , LI M Q . Data deduplication techniques [J ] . Journal of Software , 2010 , 21 ( 5 ): 916 - 929 .

付印金，肖侬，刘芳 . 重复数据删除关键技术研究进展 [J ] . 计算机研究与发展 , 2012 , 49 ( 1 ): 12 - 20 .

FU Y J , XIAO N , LIU F . Research and development on key techniques of data deduplication [J ] . Journal of Computer Research and Devel-opment , 2012 , 49 ( 1 ): 12 - 20 .

XIA W , JIANG H , FENG D , et al . A comprehensive study of the past, present, and future of data deduplication [J ] . Proceedings of the IEEE , 2016 , 104 ( 9 ): 1681 - 1710 .

PAULO J , PEREIRA J . A survey and classification of storage deduplica-tion systems [J ] . ACM Computing Surveys (CSUR) , 2014 , 47 ( 1 ): 1 - 30 .

YU S . Big privacy: challenges and opportunities of privacy study in the age of big data [J ] . IEEE Access , 2016 , 4 : 2751 - 2763 .

RABOTKA V , MANNAN M . An evaluation of recent secure dedupli-cation proposals [J ] . Journal of Information Security and Applications , 2016 , 27 : 3 - 18 .

DOUCEUR J , ADYA A , BOLOSKY W , et al . Reclaiming space from duplicate files in a serverless distributed file system [C ] // International Conference on Distributed Computing Systems . 2002 : 617 - 624 .

LI M , QIN C , LEE P . CDStore: toward reliable, secure, and cost-efficient cloud storage via convergent dispersal [C ] // USENIX Annual Technical Conference (USENIX ATC 15). Santa, Clara , 2015 : 111 - 124 .

BELLARE M , KEELVEEDHI S , RISTENPART T . Message-locked encryption and secure deduplication [M ] . Advances in Cryptol-ogy–EUROCRYPT 2013 . Springer Berlin Heidelberg , 2013 : 296 - 312 .

CHEN R , MU Y , YANG G , et al . BL-MLE: block-level message-locked encryption for secure large file deduplication [J ] . IEEE Transactions on Information Forensics and Security , 2015 , 10 ( 12 ): 2643 - 2652 .

BELLARE M , KEELVEEDHI S . Interactive message-locked encryp-tion and secure deduplication [M ] . Public-Key Cryptography——PKC 2015 . Springer Berlin Heidelberg , 2015 : 516 - 538 .

KEELVEEDHI S , BELLARE M , RISTENPART T . DupLESS:server-aided encryption for deduplicated storage [C ] // 22nd USENIX Se-curity Symposium (USENIX Security 13). Washington , 2013 : 179 - 194 .

LI J , QIN C , LEE P , et al . Rekeying for encrypted deduplication storage [C ] // The 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2016), Toulouse, France , 2016 .

PUZIO P , MOLVA R , ONEN M , et al . ClouDedup: secure deduplica-tion with encrypted data for cloud storage [C ] // Cloud Computing Technology and Science (CloudCom), 2013 IEEE 5th International Conference on. IEEE, Bristol, UK , 2013 : 363 - 370 .

MIAO M , WANG J , LI H , et al . Secure multi-server-aided data dedu-plication in cloud computing [J ] . Pervasive and Mobile Computing , 2015 , 24 : 129 - 137 .

STANEK J , SORNIOTTI A , ANDROULAKI E , et al . A secure data deduplication scheme for cloud storage [M ] . Financial Cryptography and Data Security . Springer Berlin Heidelberg , 2014 : 99 - 118 .

PUZIO P , MOLVA R , ÖNEN M , et al . PerfectDedup: secure data deduplication [C ] // International Workshop on Data Privacy Manage-ment. Springer International Publishing,Atlanta , 2015 : 150 - 166 .

RABOTKA V , MANNAN M . An evaluation of recent secure dedupli-cation proposals [J ] . Journal of Information Security and Applications , 2016 , 27 : 3 - 18 .

SHIN Y , KIM K . Differentially private client-side data deduplication protocol for cloud storage services [J ] . Security and Communication Networks , 2015 , 8 ( 12 ): 2114 - 2123 .

DWORK C , LEI J . Differential privacy and robust statistics [C ] // The forty-first annual ACM symposium on Theory of computing. ACM, Bethesda , 2009 : 371 - 380 .

HALEVI S , HARNIK D , PINKAS B , et al . Proofs of ownership in remote storage systems [C ] // The 18th ACM conference on Computer and Communications Security. ACM, Chicago , 2011 : 491 - 500 .

XU J , CHANG E , ZHOU J . Weak leakage-resilient client-side dedupli-cation of encrypted data in cloud storage [C ] // 8th ACM SIGSAC Sym-posium on Information, Computer and Communications Security, ASIA CCS '13, ACM. Hangzhou, China , 2013 : 195 - 206 .

陈越，李超零，兰巨龙，等．基于确定/概率性文件拥有证明的机密数据安全去重方案 [J ] . 通信学报 , 2015 , 36 ( 9 ): 1 - 12 .

CHEN Y , LI C L , LAN J L , et al . Secure sensitive data deduplication schemes based on deterministic/probabilistic proof of file ownership [J ] . Journal on Communications , 2015 , 36 ( 9 ): 1 - 12 .

DI PIETRO R , SORNIOTTI A . Boosting efficiency and security in proof of ownership for deduplication [C ] // The 7th ACM Symposium on Information, Computer and Communications Security. ACM, Seoul , 2012 : 81 - 82 .

BLASCO J , DI PIETRO R , ORFILA A , et al . A tunable proof of ownership scheme for deduplication using bloom filters [C ] // Commu-nications and Network Security (CNS), 2014 IEEE Conference on. IEEE, San Francisco, California , 2014 : 481 - 489 .

GONZÁLEZ-MANZANO L , ORFILA A . An efficient confidential-ity-preserving proof of ownership for deduplication [J ] . Journal of Network and Computer Applications , 2015 , 50 : 49 - 59 .

XU J , ZHOU J . Leakage resilient proofs of ownership in cloud storage, revisited [C ] // Applied Cryptography and Network Security. Springer International Publishing, New York , 2014 : 97 - 115 .

JUELS A , KALISKI J . PoRs: proofs of retrievability for large files [C ] // 14th ACM conference on Computer and Communications Security, CCS '07. New York , 2007 : 584 - 597 .

YANG C , REN J , MA J . Provable ownership of files in deduplication cloud storage [J ] . Security and Communication Networks , 2015 , 8 ( 14 ): 2457 - 2468 .

杨超，张俊伟，董学文，等．云存储加密数据去重删除所有权证明方法 [J ] . 计算机研究与发展 , 2015 , 52 ( 1 ): 248 - 268 .

YANG C , ZHANG J W , DONG X W , et al . Proving method of own-ership of encrypted files in cloud de-duplication deletion [J ] . Journal of Computer Research and Development , 2015 , 52 ( 1 ): 248 - 268 .

ZHENG Q , XU S . Secure and efficient proof of storage with dedupli-cation [C ] // The 2nd ACM Conference on Data and Application Secu-rity and Privacy. ACM, San Antonio , 2012 : 1 - 12 .

ATEBIESE G , DAGDELEN Ö , DAMGÅRD I , et al . Entangled cloud storage [J ] . Future Generation Computer Systems , 2016 , 62 : 104 - 118 .

ATENIESE G , BURNS R , CURTMOLA R , et al . Provable data pos-session at untrusted stores [C ] // The 14th ACM Conference on Com-puter and Communications Security. ACM, New York, USA , 2007 : 598 - 609 .

REN Y , SHEN J , WANG J , et al . Mutual verifiable provable data auditing in public cloud storage [J ] . Journal of Internet Technology , 2015 , 16 ( 2 ): 317 - 323 .

WANG B , CHOW S , LI M , et al . Storing shared data on the cloud via security-mediator [C ] // Distributed Computing Systems (ICDCS), 2013 IEEE 33rd International Conference on. IEEE, Macau, China , 2013 : 124 - 133 .

王宏远，祝烈煌，李龙一佳 . 云存储中支持数据去重的群组数据持有性证明 [J ] . 软件学报 , 2016 , 27 ( 6 ): 1417 - 1431 .

WANG H Y , ZHU L H , LI L Y J . Group provable data possession with deduplication in cloud storage [J ] . Journal of Software , 2016 , 27 ( 6 ): 1417 - 1431 .

YU C , CHEN C , CHAO H . Proof of ownership in deduplicated cloud storage with mobile device efficiency [J ] . Network, IEEE , 2015 , 29 ( 2 ): 51 - 55 .

HARNIK D , PINKAS B , SHULMAN-PELEG A . Side channels in cloud services: deduplication in cloud storage [J ] . IEEE Security ＆Privacy , 2010 , 8 ( 6 ): 40 - 47 .

LEE S , CHOI D . Privacy-preserving cross-user source-based data deduplication in cloud storage [C ] // 2012 International Conference on ICT Convergence (ICTC). IEEE, Jeju, Korea , 2012 : 329 - 330 .

DWORK C . Differential privacy: a survey of results [C ] // International Conference on Theory and Applications of Models of Computation. Springer Berlin Heidelberg.Xi'an, China , 2008 , 4978 : 1 - 19 .

SORIENTE C , KARAME G , RITZDORF H , et al . Commune:shared ownership in an agnostic cloud [C ] // The 20th ACM Sympo-sium on Access Control Models and Technologies. ACM, Austria , 2015 : 39 - 50 .

CHENG H , RONG C , HWANG K , et al . Secure big data storage and sharing scheme for cloud tenants [J ] . China Communications , 2015 , 12 ( 6 ): 106 - 115 .

SINGH A , SINGH G . A survey on different text data compression techniques [J ] . International Journal of Science and Research , 2014 , 3 .

KAVITHA S , ANANDHI R . A survey of image compression method for low depth-of-field images and image sequences [J ] . Multimedi Tools and Applications , 2015 , 74 ( 18 ): 7943 - 7956 .

LI J , LI Y , CHEN X , et al . A hybrid cloud approach for secure author-ized deduplication [J ] . Parallel and Distributed Systems, IEEE Trans-actions on , 2015 , 26 ( 5 ): 1206 - 1216 .

LI J , LI J , XIE D , et al . Secure auditing and deduplicating data in cloud [J ] . IEEE Transactions on Computers , 2016 , 65 ( 8 ): 2386 - 2396 .

阎芳，李元章，张全新，等．基于对象的 OpenXML 复合文件去重方法研究 [J ] . 计算机研究与发展 , 2015 , 52 ( 7 ): 1546 - 1557 .

YAN F , LI Y Z , ZHANG Q X , et al . Object-based data de-duplication method for openXML [J ] . Journal of Computer Research and Devel-opment , 2015 , 52 ( 7 ): 1546 - 1557 .

LIU J , ASOKAN N , PINKAS B , et al . Secure deduplication of encrypted data without additional independent servers [C ] // The 22nd ACM SIG-SAC Conference on Computer and Communications Security. ACM, Denver, USA , 2015 : 874 - 885 .

ARMKNECHT F , BOHLI J , KARAME G , et al . Transparent data deduplication in the cloud [C ] // The 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, Denver, USA , 2015 : 886 - 900 .

ZHENG Y , YUAN X , WANG X , et al . Enabling encrypted cloud media center with secure deduplication [C ] // The 10th ACM Sympo-sium on Information, Computer and Communications Security. ACM, Singapore , 2015 : 63 - 72 .

LI X , LI J , HUANG F . A secure cloud storage system supporting privacy-preserving fuzzy deduplication [J ] . Soft Computing , 2016 , 20 ( 4 ): 1437 - 1448 .

张沪寅，周景才，陈毅波，等．用户感知的重复数据删除算法 [J ] . 软件学报 , 2015 , 26 ( 10 ): 2581 - 2595 .

ZHANG H Y , ZHOU J C , CHEN Y B , et al . User-aware de-duplication algorithm [J ] . Journal of Software , 2015 , 26 ( 10 ): 2581 - 2595 .

熊金波，李凤华，王彦超，等．基于密码学的云数据确定性删除研究进展 [J ] . 通信学报 , 2016 , 37 ( 8 ): 167 - 184 .

XIONG J B , LI F H , WANG Y C , et al . Research progress on cloud data assured deletion based on cryptography [J ] . , 2016 , 37 ( 8 ): 167 - 184 .

李凤华，李晖，贾焰，等．隐私计算研究范畴及发展趋势 [J ] . 通信学报 , 2016 , 37 ( 4 ): 1 - 11 .

LI F H , LI H , JIA Y , et al . Privacy computing: concept, connotation and its research trend [J ] . Journal on Communications , 2016 , 37 ( 4 ): 1 - 11 .

浏览量

2399

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于角色对称加密的云数据安全去重

基于多方计算的安全拜占庭弹性联邦学习

基于加性秘密共享的洗牌协议的设计

基于秘密共享的轻量级隐私保护ViT推理框架

基于函数加密的密文卷积神经网络模型