基于收敛加密的云安全去重与完整性审计系统

郭晓勇; 付安民; 况博裕; 丁纬佳

doi:10.11959/j.issn.1000-436x.2017269

您当前的位置：

首页 >

文章列表页 >

基于收敛加密的云安全去重与完整性审计系统

学术论文 | 更新时间：2024-06-05

- 基于收敛加密的云安全去重与完整性审计系统
- Secure deduplication and integrity audit system based on convergent encryption for cloud storage
- 通信学报 2017年38卷第Z2期页码：156-163
- 作者机构：
  
  1. 南京理工大学计算机科学与工程学院，江苏南京 210094
  2. 贵州大学贵州省公共大数据重点实验室，贵州贵阳 550025
- 作者简介：
  
  [ "郭晓勇（1993-），男，山西忻州人，南京理工大学硕士生，主要研究方向为云存储安全。" ]
  [ "付安民（1981-），男，湖北通城人，博士，南京理工大学副教授、博士生导师，主要研究方向为无线网络安全、云计算、大数据安全等。" ]
  [ "况博裕（1994-），男，四川绵阳人，南京理工大学硕士生，主要研究方向为物联网安全。" ]
  [ "丁纬佳（1995-），女，浙江杭州人，南京理工大学本科生，主要研究方向为云存储安全。" ]
- 基金信息：
- DOI：10.11959/j.issn.1000-436x.2017269
  中图分类号： TP393
- 网络出版日期：2017-11，
  
  纸质出版日期：2017-11-25
- 稿件说明：
移动端阅览
郭晓勇, 付安民, 况博裕, 等. 基于收敛加密的云安全去重与完整性审计系统[J]. 通信学报, 2017,38(Z2):156-163.

Xiao-yong GUO, An-min FU, Bo-yu KUANG, et al. Secure deduplication and integrity audit system based on convergent encryption for cloud storage[J]. Journal on communications, 2017, 38(Z2): 156-163.
郭晓勇, 付安民, 况博裕, 等. 基于收敛加密的云安全去重与完整性审计系统[J]. 通信学报, 2017,38(Z2):156-163. DOI： 10.11959/j.issn.1000-436x.2017269.

Xiao-yong GUO, An-min FU, Bo-yu KUANG, et al. Secure deduplication and integrity audit system based on convergent encryption for cloud storage[J]. Journal on communications, 2017, 38(Z2): 156-163. DOI： 10.11959/j.issn.1000-436x.2017269.

摘要

云存储应用以其便利性、可扩展性等优势迅速成为个人用户和企业存储的不二选择，但安全去重与完整性审计是云存储面临的关键问题。首先提出了基于盲签名的收敛密钥封装与解封算法，在安全存储收敛密钥的同时可以实现收敛密钥去重，提高了云存储空间利用率。另一方面，提出了基于收敛密钥的BLS签名算法，并利用可信第三方（TTP）存储审计公钥和代理审计，实现了对审计签名和审计公钥的去重，减轻了客户端存储和计算负担。在此基础上，进一步设计与实现了一个基于收敛加密的云安全去重和完整性审计系统。该系统能为云存储提供数据隐私保护、重复认证、审计认证等安全服务，且进一步降低了客户端、云端的存储和计算开销。

Abstract

Cloud storage applications quickly become the best choice of the personal user and enterprise storage with its convenience

scalability and other advantages

secure deduplication and integrity auditing are key issues for cloud storage.At first

convergent key encapsulation/decoupling algorithm based on blind signature was set up

which could securely store key and enable it to deduplicate.Besides

a BLS signature algorithm based on convergence key was provided and use TTP to store public key and proxy audit which enables signature and pubic key deduplication and reduces client storage and computing overhead.Finally

cloud-based secure deduplicaion and integrity audit system was designed and implemented.It offered user with data privacy protection

deduplication authentication

audit authentication services and lowered client and cloud computation overhead.

关键词

Keywords

references

GANTZ B J , REINSEL D . Big data,bigger digital shadows,and biggest growth in the far east executive summary:a universe of opportunities and challenges [C ] // Idc . 2007 : 1 - 16 .

HALEVI S , HARNIK D , PINKAS B , et al . Proofs of ownership in remote storage systems [C ] // The 18th ACM conference on Computer and communications security . 2011 : 491 - 500 .

杨超 , 纪倩 , 熊思纯 , 等 . 新的云存储文件去重复删除方法 [J ] . 通信学报 , 2017 , 38 ( 3 ): 25 - 33 .

YANG C , JI Q , XIONG S . New method for file deduplication in cloud storage [J ] . Journal on Communications , 2017 , 37 ( 3 ): 25 - 33 .

LI J , CHEN X F , LI M Q , et al . Secure deduplication with efficient and reliable convergent key management [J ] . IEEE Trans on Parallel and Distributed Systems , 2014 , 25 ( 6 ): 1615 - 1625 .

DOUCEUR J R , ADYA A , BOLOSKY W J , et al . Reclaiming space from duplicate files in a serverless distributed file system [C ] // 22nd International Conference on Distributed Computing Systems , 2002 : 617 - 624 .

熊金波 , 张媛媛 , 李凤华 , 等 . 云环境中数据安全去重研究进展 [J ] . 通信学报 , 2016 , 37 ( 11 ): 169 - 180 .

XIONG J B , ZHANG Y Y , LI F H , et al . Research progress on secure data deduplication in cloud [J ] . Journal on Communications , 2016 , 31 ( 1 1 ): 169 - 180 .

CHEN R , MU Y , YANG G , et al . BL-MLE:block-level message-locked encryption for secure large file deduplication [J ] . IEEE Trans actions on Information Forensics and Security , 2015 , 10 ( 12 ): 2643 - 2652 .

BELLARE M , KEELVEEDHI S , RISTENPART T . Message-locked encryption and secure deduplication [C ] // Annual International Conference on the Theory and Applications of Cryptographic Techniques . 2013 : 296 - 312 .

ATENIESE G , BURNS R , CURTMOLA R , et al . Provable data possession at untrusted stores [C ] // The 14th ACM conference on Computer and communications security . 2007 : 598 - 609 .

黄龙霞 , 张功萱 , 付安民 . 基于层次树的动态群组隐私保护公开审计方案 [J ] . 计算机研究与发展 , 2016 , 53 ( 10 ): 2334 - 2342 .

HUANG L X , ZHANG G X , FU A M . Privacy-preserving public auditing for dynamic group based on hierarchical tree [J ] . Journal of Computer Research and Development , 2016 , 53 ( 10 ): 2334 - 2342 .

LI Y , FU A , YU Y , et al . IPOR:an efficient IDA-based proof of retrievability scheme for cloud storage systems [C ] // 2017 IEEE International Conference on Communications (ICC) . 2017 : 1 - 6 .

FU A , YU S , ZHANG Y , et al . NPP:a new privacy-aware public auditing scheme for cloud data sharing with group users [J ] . IEEE Transactions on Big Data , 2017

付安民 , 秦宁元 , 宋建业 , 等 . 云端多管理者群组共享数据中具有隐私保护的公开审计方案 [J ] . 计算机研究与发展 , 2015 , 52 ( 10 ): 2353 - 2362 .

FU A M , QIN N Y , SONG J Y . Privacy-preserving public auditing for multiple managers shared data in the cloud[J] [J ] . Journal of Computer Research and Development , 2015 , 52 ( 10 ): 2353 - 2362 .

HUANG L , ZHANG G , FU A . Certificateless public verification scheme with privacy-preserving and message recovery for dynamic group [C ] // The Australasian Computer Science Week Multiconference . 2017 :76.

YUAN J , YU S . Secure and constant cost public cloud storage auditingwith deduplication [C ] // 2013 IEEE Conference on Communications and Network Security (CNS) . 2013 : 145 - 153 .

LI J , LI J , XIE D , et al . Secure auditing and deduplicating data in cloud [J ] . IEEE Transactions on Computers , 2016 , 65 ( 8 ): 2386 - 2396 .

LIU X , SUN W , LOU W , et al . One-tag checker:message-locked integrity auditing on encrypted cloud deduplication storage [J ] . IEEE International Conference on Computer Communications , 2017 .

SHACHAM H , WATERS B . Compact proofs of retrievability [C ] // Asiacrypt . 2008 : 90 - 107 .

BOLDYREVA A , . Threshold signatures,multi signatures and blind signatures based on the gap-Diffie-Hellman-group signature scheme [C ] // International Workshop on Public Key Crypto graphy . 2003 : 31 - 46 .

浏览量

1398

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

面向工业物联网的无配对数据高效验证和聚合协议

基于区块链的分布式EHR细粒度可追溯方案

支持高并发的Hadoop高性能加密方法研究

新的云存储文件去重复删除方法

基于动态累加器的异构传感网认证组密钥管理方案