摘要
为了确保云环境外包数据不受窜改,提高数据完整性审核的效率,提出一种基于相对索引散列树(RIMHT)的数据审核方法,首先修改经典MHT的每个节点以存储两条信息,即数据块的哈希值和节点的相对索引,将MHT与节点的相对索引集成,以降低数据块搜索的计算成本;然后通过添加数据的最后修改时间,确保数据的新鲜性。实验结果验证了所提方法的有效性,与其他同类方法相比,所提方法在计算成本、通信成本和存储成本方面具有一定优势,并以较高的概率检测服务器的不当操作。
To ensure the cloud environment outsourcing data from tampering,and improve the efficiency of data integrity audit,this paper proposed a data audit method based on relative index-Merkle hash tree( RIMHT). Firstly,it modified each node of the classic MHT to store two information,that was data block hash value and the relative index value of node. To reduce the computation cost of data block search,it integrated the relative index of MHT with the node. Then,by adding the last modification time of the data,it ensured the freshness of the data. The experimental results verify the effectiveness of the proposed method. Compared with other similar methods,the proposed method has some advantages in terms of computational cost,communication cost and storage cost. And it is possible to detect the improper operation of the server with higher probability.
引文
[1]张建勋,古志民,郑超.云计算研究进展综述[J].计算机应用研究,2010,27(2):429-433.(Zhang Jianxun,Gu Zhimin,Zheng Chao.Survey of research progress on cloud computing[J].Application Research of Computers,2010,27(2):429-433.)
[2]Mell P,Grance T.The NIST definition of cloud computing[J].Communications of the ACM,2010,53(6):50.
[3]Yao Chuan,Xu Li,Huang Xinyi,et al.A secure remote data integrity checking cloud storage system from threshold encryption[J].Journal of Ambient Intelligence&Humanized Computing,2014,5(6):857-865.
[4]许柯,刘绪崇,符振艾,等.网络信息加密RSA算法的运算速度和保密性优化[J].科技通报,2015,31(7):144-147.(Xu Ke,Liu Xuchong,Fu Zhen’ai,et al.Optimization of the speed and confidentiality of RSA algorithm for network information encryption[J].Bulletin of Science and Technology,2015,31(7):144-147.)
[5]Shacham H,Waters B.Compact proofs of retrievability[J].Journal of Cryptology,2013,26(3):442-483.
[6]Erway C C,Papamanthou C,Tamassia R.Dynamic provable data possession[J].ACM Trans on Information&System Security,2015,17(4):15-26.
[7]谢飞.基于Merkle散列树的可信云计算信息安全证明方法[J].激光杂志,2016,37(11):122-127.(Xie Fei.A trusted cloud computing information security proof method based on Merkle hash tree[J].Laser Journal,2016,37(11):122-127.)
[8]Wang Jianfeng,Chen Xiaofeng,Huang Xinyi,et al.Verifiable auditing for outsourced database in cloud computing[J].IEEE Trans on Computers,2015,64(11):3293-3303.
[9]李凌.云计算服务中数据安全的若干问题研究[D].合肥:中国科学技术大学,2013.(Li Ling.Research on data security in cloud computing services[D].Hefei:China University of Science and Technology,2013.)
[10]巩俊卿,钱海峰.具有完全保密性的高效可净化数字签名方案[J].计算机应用研究,2011,28(1):312-317.(Gong Junqing,Qian Haifeng.A highly efficient and clean digital signature scheme with complete confidentiality[J].Application Research of Computers,2011,28(1):312-317.)
[11]王秋芬,梁道雷.一种构建最优二叉查找树的贪心算法[J].计算机应用与软件,2013,30(7):57-61.(Wang Qiufen,Liang Daolei.A greedy algorithm for constructing an optimal binary search tree[J].Computer Applications and Software,2013,30(7):57-61.)
[12]Etemad M M,KüpcüA.Generic efficient dynamic proofs of retrievability[C]//Proc of ACM on Cloud Computing Security Workshop.New York:ACM Press,2016:85-96.
[13]刘爱分.云环境下高效动态的密文搜索方法[D].沈阳:东北大学,2013.(Liu Aifen.Efficient and dynamic ciphertext search method in cloud environment[D].Shenyang:Northeastern University,2013.)
[14]Shelat A,Shen C H.Two-output secure computation with malicious adversaries[C]//Advances in Cryptology-EUROCRYPT.Berlin:Springer,2011:386-405.