身份加密多云多副本完整性审计协议

计算机工程与科学 ›› 2024, Vol. 46 ›› Issue (03): 453-462.

• 计算机网络与信息安全 • 上一篇下一篇

身份加密多云多副本完整性审计协议

张逢1,2,3，文斌1,2,3，闫一非1,2,3，曾昭武1,2,3，周伟1,2,3

(1.海南师范大学信息科学技术学院，海南海口 571158;2.海南师范大学云计算与大数据研究中心，海南海口 571158;
3.数据科学与智慧教育教育部重点实验室(海南师范大学)，海南海口 571158)

收稿日期:2023-07-14 修回日期:2023-09-05 接受日期:2024-03-25 出版日期:2024-03-25 发布日期:2024-03-15
基金资助:
国家自然科学基金 (62362029)；海南省自然科学基金 (623RC485)；海南省研究生创新科研课题（Qhys2022-266）

An identity-encryption multi-cloud multi-copy integrity auditing protocol

ZHANG Feng1,2,3,WEN Bin1,2,3,YAN Yi-fei1,2,3，ZENG Zhao-wu1,2,3，ZHOU Wei1,2,3

(1.School of Information Science and Technology,Hainan Normal University,Haikou 571158;
2.Cloud Computing and Big Data Research Center,Hainan Normal University,Haikou 571158;
3.Key Laboratory of Data Science and Smart Education,
Ministry of Education(Hainan Normal University),Haikou 571158，China)

Received:2023-07-14 Revised:2023-09-05 Accepted:2024-03-25 Online:2024-03-25 Published:2024-03-15

摘要/Abstract

摘要： 为解决现有可证明数据持有(PDP)协议只适用于单云存储服务器且过度依赖公钥基础设施的问题，提出一种新的基于身份的多云多副本PDP协议。该协议采用身份加密来简化证书管理，并设计双层默克尔哈希树作为新的安全数据结构，以维护多副本的新鲜性和一致性。安全性分析和实验结果均验证了该协议具备安全性和高效性，能够在多个云存储服务器上实现多副本完整性审计，并在标签生成、证据生成和证据验证3个阶段的效率上明显优于对比算法。

关键词: 云存储, 数据完整性审计, 多云服务器, 多副本, 身份加密

Abstract: To solve the problems of existing provable data possession (PDP) protocols only applicable to single cloud storage servers and over-reliance on public key infrastructure, a new identity-based multi-cloud multi-replica PDP protocol is proposed. This protocol adopts identity encryption to simplify certificate management, and designs a double-layer Merkle hash tree as a new secure data structure to maintain the freshness and consistency of multi-replica. Security analysis and experimental results verify the security and efficiency of this protocol, which can achieve multi-replica integrity auditing on multiple cloud storage servers, and significantly outperform the efficiency of comparison algorithms in the three stages of tag generation, evidence generation, and evidence verification.

Key words: cloud storage, data integrity auditing, multi-cloud servers, multi-copy, identity encryption

张逢, 文斌, 闫一非, 曾昭武, 周伟, . 身份加密多云多副本完整性审计协议[J]. 计算机工程与科学, 2024, 46(03): 453-462.

ZHANG Feng, WEN Bin, YAN Yi-fei, ZENG Zhao-wu, ZHOU Wei, . An identity-encryption multi-cloud multi-copy integrity auditing protocol[J]. Computer Engineering & Science, 2024, 46(03): 453-462.

参考文献［22］

［1］	Song D,Shi E,Fischer I,et al.Cloud data protection for the masses［J］.Computer,2012,45(1):39-45.
［2］	Juels A, Jr B S K.PORs:Proofs of retrievability for large files［C］∥Proc of the 14th ACM Conference on Computer and Communications Security,2007:584-597.
［3］	Ateniese G,Burns R,Curtmola R,et al.Provable data possession at untrusted stores［C］∥Proc of the 14th ACM Confe- rence on Computer and Communications Security,2007:598-609.
［4］	Ateniese G, Pietro R D,Mancini L V,et al.Scalable and efficient provable data possession［C］∥Proc of the 4th International Conference on Security and Privacy in Communication Netowrks,2008:1-10.
［5］	Wang Q,Wang C,Ren K,et al.Enabling public auditability and data dynamics for storage security in cloud computing［J］.IEEE Transactions on Parallel and Distributed Systems,2010,22(5):847-859.
［6］	Barsoum A F,Hasan M A.Provable multicopy dynamic data possession in cloud computing systems［J］.IEEE Transactions on Information Forensics and Security,2014,10(3):485-497.
［7］	Liu C,Ranjan R,Yang C,et al.MuR-DPA:Top-down levelled multi-replica merkle hash tree based secure public auditing for dynamic big data storage on cloud［J］.IEEE Transactions on Computers,2014,64(9):2609-2622.
［8］	Shen J,Shen J,Chen X,et al.An efficient public auditing protocol with novel dynamic structure for cloud data［J］.IEEE Transactions on Information Forensics and Security,2017,12(10):2402-2415.
［9］	Curtmola R, Khan O, Burns R, et al.MR-PDP:Multiple- replica provable data possession［C］∥Proc of the 28th International Conference on Distributed Computing Systems,2008:411-420.
［10］	Barsoum A F,Hasan M A.Integrity verification of multiple data copies over untrusted cloud servers［C］∥Proc of the 12th IEEE/ACM International Symposium on Cluster,Cloud and Grid Computing,2012:829-834.
［11］	Zhu Y,Hu H,Ahn G J,et al.Cooperative provable data possession for integrity verification in multicloud storage［J］.IEEE Transactions on Parallel and Distributed Systems,2012,23(12):2231-2244.
［12］	He K, Huang C H,Wang J H,et al.An efficient public batch auditing protocol for data security in multi-cloud storage［C］∥Proc of the 8th ChinaGrid Annual Conference,2013:51-56.
［13］	Wang H.Identity-based distributed provable data possession in multicloud storage［J］.IEEE Transactions on Services Computing,2014,8(2):328-340.
［14］	Peng S,Zhou F,Xu J,et al.Comments on “identity-based distributed provable data possession in multicloud storage”［J］.IEEE Transactions on Services Computing,2016,9(6):996-998.
［15］	Lan C,Li H,Wang C.Analysis of the comments on “identity-based distributed provable data possession in multicloud storage”［J］.IEEE Transactions on Services Computing,2017,14(1):44-46.
［16］	Li Y, Yu Y,Chen R,et al.IntegrityChain:Provable data possession for decentralized storage［J］.IEEE Journal on Selected Areas in Communications,2020,38(6):1205-1217.
［17］	Zhou L,Fu A,Mu Y,et al.Multicopy provable data possession scheme supporting data dynamics for cloud-based electronic medical record system［J］.Information Sciences,2021,545:254-276.
［18］	Li J, Yan H,Zhang Y.Efficient identity-based provable multi-copy data possession in multi-cloud storage［J］.IEEE Transactions on Cloud Computing,2019,10(1):356-365.
［19］	Wang H, Wu Q,Qin B,et al.Identity-based remote data possession checking in public clouds［J］.IET Information Security,2014,8(2):114-121.
［20］	The GNU multiple precision arithmetic library (GMP)［EB/OL］.［2022-09-08］.https://gmplib.org/.
［21］	The Pairing-based cryptography library (PBC)［EB/OL］.［2022-09-08］.https://crysp.uwaterloo.ca/software/PBCWrapper.
［22］	Openssl library［EB/OL］.［2022-09-08］.https://www.openssl.org/source.

身份加密多云多副本完整性审计协议

An identity-encryption multi-cloud multi-copy integrity auditing protocol

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献［22］

相关文章 1

编辑推荐

Metrics

本文评价

身份加密多云多副本完整性审计协议

An identity-encryption multi-cloud multi-copy integrity auditing protocol

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献 ［22］

相关文章 1

编辑推荐

Metrics

本文评价

参考文献［22］