边缘环境下基于无证书公钥密码的数据完整性审计方案

王子园; 杜瑞忠

doi:10.11959/j.issn.1000-436x.2022130

您当前的位置：

首页 >

文章列表页 >

边缘环境下基于无证书公钥密码的数据完整性审计方案

学术论文 | 更新时间：2024-06-05

- 边缘环境下基于无证书公钥密码的数据完整性审计方案
- Certificateless public key cryptography based provable data possession scheme in edge environment
- 通信学报 2022年43卷第7期页码：62-72
- 作者机构：
  
  1. 河北大学管理学院，河北保定 071002
  2. 河北省高可信信息系统重点实验室，河北保定 071002
  3. 河北大学网络空间安全与计算机学院，河北保定 071002
- 作者简介：
  
  [ "王子园（1996- ），男，河北保定人，河北大学博士生，主要研究方向为信息安全、数据完整性审计" ]
  [ "杜瑞忠（1975- ），男，河北献县人，博士，河北大学教授、博士生导师，主要研究方向为可信计算、信息安全等" ]
- 基金信息：
  
  国家自然科学基金资助项目(61572170);河北省自然科学基金重点资助项目(F2019201290)
- DOI：10.11959/j.issn.1000-436x.2022130
  中图分类号： TP309
- 网络首发：2022-06，
  
  纸质出版：2022-07-25
- 稿件说明：
移动端阅览
王子园, 杜瑞忠. 边缘环境下基于无证书公钥密码的数据完整性审计方案[J]. 通信学报, 2022,43(7):62-72.

Ziyuan WANG, Ruizhong DU. Certificateless public key cryptography based provable data possession scheme in edge environment[J]. Journal on Communications, 2022, 43(7): 62-72.
王子园, 杜瑞忠. 边缘环境下基于无证书公钥密码的数据完整性审计方案[J]. 通信学报, 2022,43(7):62-72. DOI： 10.11959/j.issn.1000-436x.2022130.

Ziyuan WANG, Ruizhong DU. Certificateless public key cryptography based provable data possession scheme in edge environment[J]. Journal on Communications, 2022, 43(7): 62-72. DOI： 10.11959/j.issn.1000-436x.2022130.

摘要

边缘环境下，当数据传输到云端时需途经边缘节点这一新的实体，这使数据安全问题变得更加复杂，数据的机密性和完整性很难得到保证，传统的数据完整性审计方案不适用于设备繁多的边缘环境。基于此，提出了一种边缘环境下基于无证书公钥密码的数据完整性审计方案，结合在线/离线签名思想，在边缘节点半可信的情况下，用户设备只需在上传数据时进行轻量级的计算，其余计算量交由离线阶段执行。该方案利用边缘节点进行审计工作，同时支持不同存储状态下的审计和隐私保护等特性。安全性分析表明，所提方案在随机预言模型下能有效应对三类敌手攻击，证明该方案是安全的。与其他方案进行实验对比，结果显示所提方案时间开销最低。

Abstract

In the edge environment

data transmission to the cloud needs to pass through a new entity

the edge node

which makes the data security problem more complicated

the confidentiality and integrity of data are difficult to be guaranteed

and the traditional provable data possession scheme is not suitable for the edge environment with a large number of devices.Based on this

a certificateless public key cryptography based provable data possession scheme was proposed for the edge environment

combining the online/offline signature idea

where the user device only needed to perform light computation when uploading data in the case of semi-trusted edge nodes

leaving the rest of the computation to be performed in the offline phase.The scheme used edge nodes for auditing work while supporting auditing in different storage states

as well as privacy protection and other features.The security analysis shows that the proposed scheme is proven to be secure by being able to effectively combat three types of adversary attacks under a stochastic prediction model.Experimental comparisons with other schemes show that the proposed scheme has lowest time overhead.

关键词

Keywords

references

ATENIESE G , BURNS R , CURTMOLA R , et al . Provable data possession at untrusted stores [C ] // Proceedings of the 14th ACM Conference on Computer and Communications Security . New York:ACM Press , 2007 : 598 - 609 .

谭霜 , 贾焰 , 韩伟红 . 云存储中的数据完整性证明研究及进展 [J ] . 计算机学报 , 2015 , 38 ( 1 ): 164 - 177 .

TAN S , JIA Y , HAN W H . Research and development of provable data integrity in cloud storage [J ] . Chinese Journal of Computers , 2015 , 38 ( 1 ): 164 - 177 .

SHI W S , PALLIS G , XU Z W . Edge computing scanning the issue [J ] . Proceedings of the IEEE , 2019 , 107 ( 8 ): 1474 - 1481 .

施巍松 , 张星洲 , 王一帆 , 等 . 边缘计算:现状与展望 [J ] . 计算机研究与发展 , 2019 , 56 ( 1 ): 69 - 89 .

SHI W S , ZHANG X Z , WANG Y F , et al . Edge computing:state-of-the-art and future directions [J ] . Journal of Computer Research and Development , 2019 , 56 ( 1 ): 69 - 89 .

张佳乐 , 赵彦超 , 陈兵 , 等 . 边缘计算数据安全与隐私保护研究综述 [J ] . 通信学报 , 2018 , 39 ( 3 ): 1 - 21 .

ZHANG J L , ZHAO Y C , CHEN B , et al . Survey on data security and privacy-preserving for the research of edge computing [J ] . Journal on Communications , 2018 , 39 ( 3 ): 1 - 21 .

OQAILY M , JARRAYA Y , MOHAMMADY M , et al . SegGuard:segmentation-based anonymization of network data in clouds for privacy-preserving security auditing [J ] . IEEE Transactions on Dependable and Secure Computing , 2021 , 18 ( 5 ): 2486 - 2505 .

YANG Y , CHEN Y J , CHEN F . A compressive integrity auditing protocol for secure cloud storage [J ] . IEEE/ACM Transactions on Networking,2021:doi.org/10.1109/TNET.2021.3058130 .

CHEN X Y , SHANG T , ZHANG F , et al . Dynamic data auditing scheme for big data storage [J ] . Frontiers of Computer Science , 2020 , 14 ( 1 ): 219 - 229 .

KONSTA A , MYTILINIS I , DOKA K , et al . Clouseau:blockchain-based data integrity for HDFS clusters [C ] // Proceedings of 2021 IEEE 37th International Conference on Data Engineering . Piscataway:IEEE Press , 2021 : 2725 - 2728 .

TIAN M , YE S , ZHONG H , et al . Identity-based proofs of storage with enhanced privacy [C ] // Proceedings of International Conference on Algorithms and Architectures for Parallel Processing .[S.l.:s.n. ] , 2018 : 461 - 480 .

SHEN W T , QIN J , YU J , et al . Enabling identity-based integrity auditing and data sharing with sensitive information hiding for secure cloud storage [J ] . IEEE Transactions on Information Forensics and Security , 2019 , 14 ( 2 ): 331 - 346 .

LI Y N , YU Y , MIN G Y , et al . Fuzzy identity-based data integrity auditing for reliable cloud storage systems [J ] . IEEE Transactions on Dependable and Secure Computing , 2019 , 16 ( 1 ): 72 - 83 .

WANG H Q . Identity-based distributed provable data possession in multicloud storage [J ] . IEEE Transactions on Services Compu ting , 2015 , 8 ( 2 ): 328 - 340 .

YU H Y , CAI Y Q , SINNOTT R O , et al . ID-based dynamic replicated data auditing for the cloud [J ] . Concurrency and Computation:Practice and Experience , 2019 , 31 ( 11 ): 1 - 12 .

WANG F , XU L , WANG H Q , et al . Identity-based non-repudiable dynamic provable data possession in cloud storage [J ] . Computers ＆Electrical Engineering , 2018 , 69 : 521 - 533 .

HE D B , KUMAR N , WANG H Q , et al . Privacy-preserving certificateless provable data possession scheme for big data storage on cloud [J ] . Applied Mathematics and Computation , 2017 , 314 : 31 - 43 .

JI Y Y , SHAO B L , CHANG J Y , et al . Privacy-preserving certificateless provable data possession scheme for big data storage on cloud,revisited [J ] . Applied Mathematics and Computation , 2020 ,386:125478.

GAO G M , FEI H X , QIN Z F . An efficient certificateless public auditing scheme in cloud storage [J ] . Concurrency and Computation:Practice and Experience , 2020 , 32 ( 24 ): e5924 .

WANG T , MEI Y X , LIU X X , et al . Edge-based auditing method for data security in resource-constrained Internet of things [J ] . Journal of Systems Architecture , 2021 ,114:101971.

LIU D Z , SHEN J , VIJAYAKUMAR P , et al . Efficient data integrity auditing with corrupted data recovery for edge computing in enterprise multimedia security [J ] . Multimedia Tools and Applications , 2020 , 79 ( 15/16 ): 10851 - 10870 .

LI B , HE Q , CHEN F F , et al . Auditing cache data integrity in the edge computing environment [J ] . IEEE Transactions on Parallel and Distributed Systems , 2021 , 32 ( 5 ): 1210 - 1223 .

边缘计算产业联盟(ECC)与工业互联网产业联盟(AII)联合发布 . 边缘计算安全白皮书 [R ] . 2019 .

Edge Compting Consortium (ECC) and Alliance of Industrial Internet (AII) Jointly Publish . Edge compting security white paper [R ] . 2019 .

浏览量

1681

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

边缘计算场景下基于PSI的多方共享缓存隐私保护方案

边缘环境下面向移动性用户的微服务选择方法

基于不确定联盟博弈的EIP收益预估策略研究

基于李雅普诺夫的RIS辅助无人机边缘计算网络中任务卸载与资源分配研究

基于自适应拜占庭防御的安全联邦学习方案