基于索引‒存根表的云存储数据完整性审计

Cloud storage data integrity audit based on an index–stub table

  • 摘要: 近年来研究人员提出了各种针对云存储数据进行完整性审计的方案。其中,在一部分基于同态认证码、数据块随机抽样和随机掩码等技术提出的云存储公共审计方案中,用户需要存储和维护一个与文件中数据块的索引信息有关的二维表。当用户的外包数据需要频繁地进行更新时,为了防止因相同的块索引值被重复使用而遭受伪造攻击,使得设计和维护这个二维表变得繁琐。针对此问题,本文首先提出了一个结构简单且易于维护的索引–存根表结构,并基于该结构提出了一个具有隐私保护属性的云存储第三方审计方案,该方案能够有效地支持对外包数据进行各种数据块级的远程动态操作。然后,在随机预言机模型下,对方案提供的数据完整性保证给出了形式化的安全证明,对方案中审计协议的隐私保护属性也给出了形式化的安全分析。最后,针对方案的性能进行了理论分析和相关的实验比较,结果表明该方案是高效的。

     

    Abstract: With the development of cloud computing technology, more individuals and organizations have chosen cloud services to store and maintain their data and reduce the burden on local storage and corresponding maintenance costs. However, although the cloud computing infrastructure is more powerful and reliable than personal computing devices, the cloud storage server is not completely trusted due to various internal and external threats; therefore, users need to regularly check whether their data stored in the cloud server are intact. Therefore, in recent years, researchers have proposed a variety of schemes for data integrity auditing in cloud storage. Among them, in a part of public auditing schemes for cloud storage based on homomorphic authenticators, random sampling of data blocks, and random masking techniques, users need to store and maintain a two-dimensional (2D) table related to the index information of data blocks in the file. When a user’s outsource data need to be frequently updated to avoid forgery attacks due to the similar index value of data block being reused, the design and maintenance of the 2D table become cumbersome. In this study, to solve the abovementioned problem, an index–stub table structure was first proposed, which is simple and easy to maintain. On the basis of this structure, a third-party auditor auditing scheme with a privacy-preserving property was proposed for cloud storage. This scheme can effectively support various remote dynamic operations for outsource data at the block level. Then, a formal security proof for data integrity guarantee provided by the scheme was given under the random oracle model. A formal security analysis was also given for the privacy-preserving property of the audit protocol. Finally, the performance of the scheme was theoretically analyzed and compared with relevant experiments. Results indicate that the scheme has high efficiency.

     

/

返回文章
返回