共享所有权证明：协作云数据安全去重新方法

熊金波; 李素萍; 张媛媛; 李璇; 叶阿勇; 姚志强

doi:10.11959/j.issn.1000-436x.2017139

您当前的位置：

首页 >

文章列表页 >

共享所有权证明：协作云数据安全去重新方法

学术论文 | 更新时间：2024-06-05

- 共享所有权证明：协作云数据安全去重新方法
- PoSW:novel secure deduplication scheme for collaborative cloud applications
- 通信学报 2017年38卷第7期页码：18-27
- 作者机构：
  
  1. 福建师范大学软件学院，福建福州350117
  2. 福建省网络安全与密码技术重点实验室，福建福州350007
  3. 福建省公共服务大数据挖掘与应用工程技术研究中心，福建福州 350117
- 作者简介：
  
  [ "熊金波（1981-），男，湖南益阳人，博士，福建师范大学副教授、硕士生导师，中国科学院信息工程研究所博士后，主要研究方向为云数据安全与隐私保护技术。" ]
  [ "李素萍（1991-），女，福建三明人，福建师范大学硕士生，主要研究方向为云数据安全与隐私保护技术。" ]
  [ "张媛媛（1992-），女，河南南阳人，福建师范大学硕士生，主要研究方向为云数据安全与隐私保护技术。" ]
  [ "李璇（1984-），女，湖北黄石人，博士，福建师范大学副教授、硕士生导师，主要研究方向为信息安全。" ]
  [ "叶阿勇（1977-），男，福建漳州人，博士，福建师范大学教授、硕士生导师，主要研究方向为隐私保护与网络安全等。" ]
  [ "姚志强（1967-），男，福建莆田人，博士，福建师范大学教授、硕士生导师，主要研究方向为信息安全。" ]
- 基金信息：
  
  国家自然科学基金资助项目(61402109);国家自然科学基金资助项目(61370078);国家自然科学基金资助项目(61502102);国家自然科学基金资助项目(61502103);福建省自然科学基金资助项目(2015J05120);福建省自然科学基金资助项目(2017J05099);福建省网络安全与密码技术重点实验室(福建师范大学)开放课题基金资助项目(15008);福建省高校杰出青年科研人才培育计划基金资助项目(2015)
- DOI：10.11959/j.issn.1000-436x.2017139
  中图分类号： TP309.2
- 网络出版日期：2017-07，
  
  纸质出版日期：2017-07-25
- 稿件说明：
移动端阅览
熊金波, 李素萍, 张媛媛, 等. 共享所有权证明：协作云数据安全去重新方法[J]. 通信学报, 2017,38(7):18-27.

Jin-bo XIONG, Su-ping LI, Yuan-yuan ZHANG, et al. PoSW:novel secure deduplication scheme for collaborative cloud applications[J]. Journal on communications, 2017, 38(7): 18-27.
熊金波, 李素萍, 张媛媛, 等. 共享所有权证明：协作云数据安全去重新方法[J]. 通信学报, 2017,38(7):18-27. DOI： 10.11959/j.issn.1000-436x.2017139.

Jin-bo XIONG, Su-ping LI, Yuan-yuan ZHANG, et al. PoSW:novel secure deduplication scheme for collaborative cloud applications[J]. Journal on communications, 2017, 38(7): 18-27. DOI： 10.11959/j.issn.1000-436x.2017139.

摘要

针对共享文件的安全访问与去重问题，提出共享所有权证明（PoSW）的新概念，对其进行形式化定义，构造PoSW方案并对其进行扩展。在PoSW方案中，充分利用共享文件散布、收敛加密、秘密共享等技术对共享文件进行变换处理，实现对共享文件的分享授权；提出一种新的挑战—响应协议，实现共享所有权证明，为共享文件的安全去重提供基础；引入多云服务提供商对PoSW进行扩展，通过复制策略和安全文件散布策略提高不同类型共享文件的可用性和可靠性。安全性分析和性能分析表明所提PoSW方案是安全和高效的。

Abstract

In order to solve the problems of secure access and deduplication to the shared file in the cloud environment

a novel notion called proof of shared ownership (PoSW) was formalized

and a formal definition of the PoSW was given.Furthermore

a PoSW scheme and an enhanced version of that were proposed.In the PoSW scheme

secure shared file dispersal

convergent encryption and secret sharing algorithm were employed to transform the shared file realize the sharing and authorization for the shared file

and then a novel challenge-response protocol was proposed to achieve the proof of shared ownership and the foundation for the secure deduplication of the shared file was provided.An enhanced PoSW scheme was designed to improve the availability and reliability for different kinds of the shared files by introducing the multi-cloud server providers and using the strategies of both data duplication and secret file dispersal.Security analysis and performance evaluation show the security and efficiency of the proposed scheme.

关键词

Keywords

references

WU D , YANG B , WANG H , et al . Privacy-preserving multimedia big data aggregation in large-scale wireless sensor networks [J ] . ACM Transactions on Multimedia Computing,Communications and Applications , 2016 , 12 ( 4 ): 1 - 19 .

XIONG J B , LI F H , MA J F , et al . A full lifecycle privacy protection scheme for sensitive data in cloud computing [J ] . Peer-to-Peer Networking and Applications , 2015 , 8 ( 6 ): 1025 - 1037 .

MITTAL S , VETTERJ S . A survey of architectural approaches for data compression in cache and main memory systems [J ] . IEEE Transactions on Parallel and Distributed Systems , 2016 , 27 ( 5 ): 1524 - 1536 .

HARNIK D,PINKASB,SHULMAN-PELEGA , PINKASB , SHULMAN-PELEGA , . Side channels in cloud services:deduplication in cloud storage [J ] . IEEE Security ＆Privacy , 2010 , 8 ( 6 ): 40 - 47 .

熊金波 , 张媛媛 , 李凤华 , 等 . 云环境中数据安全去重研究进展 [J ] . 通信学报 , 2016 , 37 ( 11 ): 169 - 180 .

XIONG J B , ZHANG Y Y , LI F H , et al . Research progress on secure data deduplication in cloud [J ] . Journal on Communications , 2016 , 37 ( 11 ): 169 - 180 .

LIU J , ASOKAN N , PINKAS B . Secure deduplication of encrypted data without additional independent servers [C ] // The 22nd ACM SIGSAC Conference on Computer and Communications Security . 2015 : 874 - 885 .

MEYER D , BOLOSKY W . A study of practical deduplication [J ] . ACM Transactions on Storage (TOS) , 2012 , 7 ( 4 ): 14 - 26 .

DOUCEUR J , ADYA A , BOLOSKY W , et al . Reclaiming space from duplicate files in a serverless distributed file system [C ] // The 22nd IEEE International Conference on Distributed Computing Systems . 2002 : 617 - 624 .

STANEK J , SORNIOTTI A , ANDROULAKI E , et al . A secure data deduplication scheme for cloud storage [C ] // The Financial Cryptography and Data Security . 2014 : 99 - 118 .

LI M , QIN C , LI J , et al . CDStore:toward reliable,secure,and cost-efficient cloud storage via convergent dispersal [J ] . IEEE Internet Computing , 2016 , 20 ( 3 ): 45 - 53 .

BELLARE M , KEELVEEDHI S , RISRENPART T . Message-locked encryption and secure deduplication [C ] // The Advances in Cryptology-EUROCRYPT 2013 . 2013 : 296 - 312 .

BELLARE M , KEELVEEDHI S , RISTENPART T . DupLESS:server-aided encryption for deduplicated storage [C ] // The 22nd Usenix Conference on Security,Berkeley . 2013 : 179 - 194 .

杨超 , 纪倩 , 熊思纯 , 等 . 新的云存储文件去重删除方法 [J ] . 通信学报 , 2017 , 38 ( 3 ): 25 - 33 .

YANG C , JI Q , XIONG S C , et al . New method for file deduplication in cloud storage [J ] . Journal on Communications , 2017 , 38 ( 3 ): 25 - 33 .

LI J , QIN C , LEE P P C , et al . Rekeying for encrypted deduplication storage [C ] // The 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks . 2016 : 618 - 629 .

QIN C , LI J , LEE P P C . The design and implementation of a rekeying-aware encrypted deduplication storage system [J ] . ACM Transactions on Storage , 2017 , 13 ( 1 ): 9 : 1 - 9 : 30 .

HALEVI S , HARNIK D , PINKAS B , et al . Proofs of ownership in remote storage systems [C ] // The 18th ACM Conference on Computer and Communications Security . 2011 : 491 - 500 .

PIETRO R D , SORNIOTTI A . Boosting efficiency and security in proof of ownership for deduplication [C ] // The 7th ACM Symposium on Information,Computer and Communications Security . 2012 : 81 - 82 .

BLASCO J , PIETRO R D , ORFILA A , et al . A tunable proof of ownership scheme for deduplication using bloom filters [C ] // The 2014 IEEE Conference on Communications and Network Security (CNS) . 2014 : 481 - 489 .

GONZÁLEZ-MANZANO L , ORFILA A . An efficient confidentiality-preserving proof of ownership for deduplication [J ] . Journal of Network and Computer Applications , 2015 , 50 : 49 - 59 .

SORIENTE C , KARAME G , RITZDORF H , et al . Commune:shared ownership in an agnostic cloud [C ] // The 20th ACM Symposium on Access Control Models and Technologies . 2015 : 39 - 50 .

LI J , CHEN X , HUANG X , et al . Secure distributed deduplication systems with improved reliability [J ] . IEEE Transactions on Computers , 2015 , 64 ( 12 ): 3569 - 3579 .

SHAMIR A . How to share a secret [J ] . Communications of the ACM , 1979 , 22 ( 11 ): 612 - 613 .

毛波 , 叶阁焰 , 蓝琰佳 , 等 . 一种基于重复数据删除技术的云中云存储系统 [J ] . 计算机研究与发展 , 2015 , 52 ( 6 ): 1278 - 1287 .

MAO B , YE G Y , LAN Y J , et al . A data deduplication-based primary storage system in cloud-of-clouds [J ] . Journal of Computer Research and Development , 2015 , 52 ( 6 ): 1278 - 1287 .

ABU-LIBDEH H , PRINCEHOUSE L , WEATHERSPOON H . RACS:a case for cloud storage diversity [C ] // The 1st ACM Symposium on Cloud Computing . 2010 : 229 - 240 .

刘莎 , 楚传仁 . 基于文件等级的Ceph数据冗余存储策略的研究 [J ] . 信息网络安全 , 2016 ( 4 ): 50 - 54 .

LIU S , CHU C R . Research on data placement strategy for Ceph based on file level [J ] . Netinfo Security , 2016 ( 4 ): 50 - 54 .

BESSANI A , CORREIA M , QUARESMA B , et al . DepSky:dependable and secure storage in a cloud-of-clouds [J ] . ACM Transactions on Storage (TOS) , 2013 , 9 ( 4 ): 31 - 46 .

李凤华 , 李晖 , 贾焰 , 等 . 隐私计算研究范畴及发展趋势 [J ] . 通信学报 , 2016 , 37 ( 4 ): 1 - 11 .

LI F H , LI H , JIA Y , et al . Privacy computing:concept,connotation and its research trend [J ] . Journal on Communications , 2016 , 37 ( 4 ): 1 - 11 .

熊金波 , 李凤华 , 王彦超 , 等 . 基于密码学的云数据确定性删除研究进展 [J ] . 通信学报 , 2016 , 37 ( 8 ): 167 - 184 .

XIONG J B , LI F H , WANG Y C , et al . Research progress on cloud data assured deletion based on cryptography [J ] . Journal on Communications , 2016 , 37 ( 8 ): 167 - 184 .

XIONG J B , LIU X , YAO Z , et al . A secure data self-destructing scheme in cloud computing [J ] . IEEE Transactions on Cloud Computing , 2014 , 2 ( 4 ): 448 - 458 .

浏览量

785

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

面向连接关键词可搜索加密的查询恢复攻击

面向云存储的属性基双边访问控制方案

基于区块链且可验证的智能电网多维数据聚合与分享方案

基于分层结构的匹配量隐藏加密多重映射方案

无第三方服务器的基于数据流行度的加密去重方案