基于覆写验证的云数据确定性删除方案

杜瑞忠; 石朋亮; 何欣枫

doi:10.11959/j.issn.1000-436x.2019012

您当前的位置：

首页 >

文章列表页 >

基于覆写验证的云数据确定性删除方案

学术论文 | 更新时间：2024-06-05

- 基于覆写验证的云数据确定性删除方案
- Cloud data assured deletion scheme based on overwrite verification
- 通信学报 2019年40卷第1期页码：130-140
- 作者机构：
  
  1. 河北大学网络空间安全与计算机学院，河北保定 071002
  2. 河北省高可信信息系统重点实验室，河北保定 071002
- 作者简介：
  
  [ "杜瑞忠（1975- ），男，河北献县人，博士，河北大学教授，主要研究方向为可信计算与信息安全等。" ]
  [ "石朋亮（1992- ），男，河北唐县人，河北大学硕士生，主要研究方向为可信计算与信息安全等。" ]
  [ "何欣枫（1976- ），男，天津人，河北大学副教授，主要研究方向为云计算安全与可信计算等。" ]
- 基金信息：
  
  国家自然科学基金资助项目(61572170);河北省自然科学基金资助项目(F2018201153);河北省自然科学基金资助项目(2016205023);河北省高等学校科学技术研究基金资助项目(ZD2016043);河北省物联网监控工程技术研究中心基金资助项目(3142016020)
- DOI：10.11959/j.issn.1000-436x.2019012
  中图分类号： TP393.08
- 网络出版日期：2019-01，
  
  纸质出版日期：2019-01-25
- 稿件说明：
移动端阅览
杜瑞忠, 石朋亮, 何欣枫. 基于覆写验证的云数据确定性删除方案[J]. 通信学报, 2019,40(1):130-140.

Ruizhong DU, Pengliang SHI, Xinfeng HE. Cloud data assured deletion scheme based on overwrite verification[J]. Journal on communications, 2019, 40(1): 130-140.
杜瑞忠, 石朋亮, 何欣枫. 基于覆写验证的云数据确定性删除方案[J]. 通信学报, 2019,40(1):130-140. DOI： 10.11959/j.issn.1000-436x.2019012.

Ruizhong DU, Pengliang SHI, Xinfeng HE. Cloud data assured deletion scheme based on overwrite verification[J]. Journal on communications, 2019, 40(1): 130-140. DOI： 10.11959/j.issn.1000-436x.2019012.

摘要

云存储中的数据在生命周期结束删除时，大多是采用删除密钥的逻辑删除方式进行处理，数据仍存在泄露风险，为此提出了一种基于密文重加密与覆写验证结合的云数据确定性删除方案（WV-CP-ABE）。当数据拥有者想删除外包数据时，通过重新加密密文改变密文对应的访问控制策略来实现数据细粒度删除操作；其次构建基于脏数据块覆写的可搜索路径散列二叉树（DSMHT），对要删除的数据进行覆写后正确性验证；最终采用更改密文访问控制策略和数据覆写双重机制保障数据确定性删除。实验分析证明，所提方案在数据确定性删除方面比以前的逻辑删除方法细粒度控制更好，安全性更可靠。

Abstract

At the end of data life cycle

there is still a risk of data leakage

because mostly data which was stored in cloud is removed by logical deletion of the key.Therefore

a cloud data assured deletion scheme (WV-CP-ABE) based on ciphertext re-encrypt and overwrite verification was proposed.When data owner wants to delete the outsourced data

the data fine-grained deletion operation was realized by re-encrypting the ciphertext to change the access control policy.Secondly

a searchable path hash binary tree (DSMHT) based on dirty data block overwrite was built to verify the correctness of the data to be deletion.Finally

the dual mechanism of changing the ciphertext access control policy and data overwriting guarantees the data assured deletion.The experimental analysis proves that the fine-grained control is better and the security is more reliable than the previous logical delete method in the assured deletion of data.

关键词

Keywords

references

王国峰 , 刘川意 , 潘鹤中 , 方滨兴 . 云计算模式内部威胁综述 [J ] . 计算机学报 , 2017 , 40 ( 02 ): 296 - 316 .

WANG G F , LIU C Y , PAN H Z , FANG B X . Survey on Insider to Cloud Computing [J ] . Chinese Journal of Computers , 2017 , 40 ( 02 ): 296 - 316 .

KAUSPADIENE L , RAMANAUSKAITE S , CENYS A , et al . Modeling of enterprise management structure for data Leakage evaluation [J ] . Information Security Journal:A Global Perspective , 2018 , 27 ( 1 ): 1 - 13 .

RAMOKAPANE K M , RASHID A , SUCH J M . Assured deletion in the cloud:requirements,challenges and future directions [C ] // ACM On Cloud Computing Security Workshop . 2011 : 97 - 108 .

熊金波 , 李凤华 , 王彦超 , 马建峰 , 姚志强 . 基于密码学的云数据确定性删除研究进展 [J ] . 通信学报 , 2016 , 37 ( 08 ): 167 - 184 .

XIONG J B , LI F H , WANG Y C . Research progress on cloud data assured deletion based on cryptography [J ] . Journal on Communication , 2016 , 37 ( 8 ): 168 - 184 .

GEAMBASU R , KOHNO T , LEVY A , et al . Vanish:increasing data privacy with self-destructing data [C ] // ACM Conference on USENIX Security Symposium . 2009 : 299 - 316 .

ZENG L , SHI Z , XU S , et al . SafeVanish:an improved data self-destruction for protecting data privacy [C ] // IEEE International Conference on Cloud Computing Technology and Science . 2010 : 521 - 528 .

LI C L , CHEN Y , ZHOU Y D . A data assued deletion scheme in cloud storage [J ] . China Communication , 2014 , 11 ( 04 ): 98 - 110 .

YAO W B , CHEN Y J , WANG D B . Cloud multimedia files assured deletion based on bit stream transformation with chaos sequence [J ] . Algorithms and Architectures for Parallel Processing.ICA3PP , 2017 : 441 - 451 .

XUE L , YU Y , LI Y , et al . Efficient attribute-based encryption with attribute revocation for assured data deletion [J ] . Information Sciences , 2018 : 1 - 11 .

张坤 , 杨超 , 马建峰 , 等 . 基于密文采样分片的云端数据确定性删除方法 [J ] . 通信学报 , 2015 , 36 ( 11 ): 108 - 117 .

ZHANG K , YANG C , MA J F , et al . Novel cloud data assured deletion approach based on ciphertext sample slice [J ] . Journal on Communications , 2015 , 36 ( 11 ): 108 - 117 .

MO Z , XIAO Q J , ZHOU Y . On deletion of outsourced data in cloud computing [C ] // International Conference on Cloud Computing,IEEE , 2014 : 344 - 351 .

XIONG J , YAO Z , MA J , et al . A secure document self-destruction scheme with identity based encryption [C ] // The International Conference on Intelligent Networking and Collaborative Systems . 2013 : 239 - 243 .

MO Z , QIAO Y , CHEN S . Two-party fine-grained assured deletion of outsourced data in cloud systems [C ] // International Conference on Computing System. . 2014 : 308 - 317 .

YU Y , XUE L , LI Y , et al . Assured data deletion with fine-grained access control for fog-based industrial applications [J ] . IEEE Transactions on Industrial Informatics , 2018 , PP ( 99 ): 1 - 1 .

曹来成 , 刘宇飞 , 董晓晔 , 郭显 . 基于属性加密的用户隐私保护云存储方案 [J ] . 清华大学学报(自然科学版) , 2018 , 58 ( 02 ): 150 - 156 .

CAO L C , LIU Y F , DONG X Y , GUO X . User privacy-preserving cloud storage scheme on CP-ABE [J ] . Journal of Tsinghua University (Science and Technology) , 2018 , 58 ( 02 ): 150 - 156 .

GEAMBASU R , KOHNO T , LEVY A , et al . Vanish:increasing data privacy with self-destructing data [C ] // The USENIX Security Symposium . 2009 : 299 - 315 .

XIONG J B , YAO Z Q , MA J F , et al . A secure self-destruction scheme with IBE for the internet content privacy [J ] . Chinese Journal of Computers , 2014 , 37 ( 1 ): 139 - 150 .

YAO Z Q , XIONG J B , MA J F , et al . A secure electronic document self-destructing scheme in cloud computing [J ] . Journal of Computer Research and Development , 2014 , 51 ( 7 ): 1417 - 1423 .

XIONG J B , YAO Z Q , MA J F , et al . A secure self-destruction scheme for composite documents with attribute based encryption [J ] . ACTA Electronica Sinica , 2013 , 42 ( 2 ): 366 - 376 .

ISOIT I , DAVID S , GUSTSVO A . Active pages 20 years Later:active storage for the cloud [J ] . IEEE Internet Computing , 2018 , 22 ( 4 ): 6 - 14 .

JUNG T , LI X Y , WAN Z , et al . Privacy preserving cloud data access with multi-authorities [C ] // INFOCOM . IEEE , 2013 : 2625 - 2633 .

浏览量

944

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

面向连接关键词可搜索加密的查询恢复攻击

面向云存储的属性基双边访问控制方案

基于区块链且可验证的智能电网多维数据聚合与分享方案

基于分层结构的匹配量隐藏加密多重映射方案

无第三方服务器的基于数据流行度的加密去重方案