Research on Multi-Tenant Data Integrity Protection Mechanisms in Cloud Environments
Abstract
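Software as a Service (SaaS) is a very important service delivery model in cloud computing. The service provider is responsible for maintaining, managing and upgrading the application software, while tenants rent applications over the network and pay according to use, without needing to care about the complex underlying implementation details. In the SaaS model, mature service operators generally adopt single-instance multi-tenancy, using one application instance to serve different tenants, i.e. a multi-tenant application. For many small and medium-sized enterprises, SaaS is the best way to adopt advanced technology.
     In multi-tenant applications, tenant data is stored and processed on the side of a service operator that is not fully trusted, and tenants' control over their own data is greatly weakened. A service operator that is not fully trusted may maliciously tamper with, forge or delete tenant data without the tenant's authorization, destroying the integrity of that data. How to prevent an untrusted cloud service provider from abusing its custodial position to damage tenant data integrity is an important problem that must be solved before SaaS applications can be adopted more widely.
     Because multi-tenant applications have cloud characteristics such as on-demand customization, shared storage and multiple data nodes, data integrity protection for multi-tenant applications faces a series of new requirements. (1) A tenant-aware data integrity verification structure. In the SaaS multi-tenant model, thousands of tenants share the underlying physical data tables. In this situation, building an integrity verification structure directly over the shared table with existing integrity protection methods (such as MHT) lacks any identification of tenants and makes it difficult to distinguish tenant data. When one tenant's data is verified, data of other tenants in the table is needed to help construct the verification object, so that data of different tenants becomes interleaved during verification, which increases the complexity of building the verification object and lowers verification efficiency. (2) Timely discovery of tenant data integrity problems. Because tenants' data and applications are hosted at the remote service provider, tenants' control over their own data is greatly reduced, and their need to discover data integrity problems in time is stronger. Tenants need to be able to confirm that the data they are currently using is correct and complete, and for data that is used infrequently they also want to discover in time whether it has been damaged. (3) Reliable storage of tenant data. In the SaaS model, tenants can customize the number of replicas and pay for their use, so tenants need to be able to confirm whether the system reliably stores their data replicas. However, data replicas stored in plaintext are easily subject to collusion attacks by malicious employees inside the service provider, in which multiple storage servers share a single data replica to save storage space, seriously damaging tenants' economic interests and reducing the efficiency and reliability of tenant data access.
     Therefore, this thesis takes the protection of tenant data integrity in the multi-tenant application model as its goal and, taking into account characteristics such as shared storage of multi-tenant data, tenant isolation and on-demand rental and customization of applications by tenants, studies the key problems of data integrity protection for multi-tenant applications in cloud computing environments. The main work and contributions include: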
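     (1) A tenant-oriented integrity verification method, MTAS (Multi-tenant Authentication Structure), is proposed. Under the shared storage model, authentication structures are built separately, per tenant, over the tenant data inside the shared table, and integrity is checked in real time when a tenant application uses the data. This ensures that the integrity verification processes of different tenants do not interfere with each other and improves verification efficiency.
     To address real-time integrity protection of the data processed by tenant applications, this thesis takes full account of shared tenant storage, tenant isolation and tenants' individual requirements and, based on the Pivot-Universal storage model, proposes MTAS, a multi-tenant data integrity protection model based on a composite MHT. MTAS verifies the integrity of data in real time when a tenant application uses it, preventing erroneous data from entering the tenant application, and it can adjust the integrity protection policy in response to dynamic changes in tenant data and integrity requirements, meeting tenants' dynamic integrity protection needs. Experimental results show that, compared with traditional authentication structures, MTAS saves about 30% of the hash computations during verification object reconstruction and that its verification object is about 2/3 the size of that of the traditional method, making it an effective multi-tenant data integrity protection model.
     (2) A sampling-based tenant data integrity protection method, TDIC (Tenant-oriented Duplication Integrity Checking Scheme), is proposed. By checking periodic samples of tenant data, it solves the problem of performance being wasted by real-time integrity checks of all tenant data.
     Because real-time integrity checking easily overlooks data that a tenant has not used for a long time, a sampling-based checking mechanism for tenant replica data, TDIC, is proposed. By periodically taking random samples of the data inside a tenant replica, it lowers the cost of generating verification objects at the service provider and eliminates the resources wasted by verifying all tenant replica data in real time. TDIC also combines homomorphic tags of tenant tuples with an auxiliary authentication tree structure, so that a tenant can delegate sampling checks of its replicas to a trusted third party without disclosing the content of its data. Analysis and experimental results show that when the tenant's logical view contains 10000 data tuples and the tuple damage rate is 1%, the number of random samples needed to discover that data has been damaged is at most about 5% of the total number of tuples, which greatly reduces wasted system resources compared with verifying everything.
     (3) A multi-replica data obfuscation storage model that resists collusive deletion, TD2O (Tenant Duplicate Data Obfuscation), is proposed. Data obfuscation based on tuple attribute values is used to store tenant replicas in distinct forms, resisting collusive deletion by malicious insiders at the service provider.
     Because tenant replica data stored in plaintext is easily deleted through collusion at the service provider, a data obfuscation model based on linear hiding, TD2O, is proposed. Obfuscation gives tenant replicas that store the same data different visible content, which prevents the service provider from deleting a tenant's rarely used replicas wholesale to save storage space and so preserves tenant data integrity. The TD2O model is further extended on the basis of Monte Carlo random monotone functions with a keyword order-preserving strategy, which preserves the order of keywords in tenant replica data and improves the query efficiency of obfuscated replicas. Experimental results show that the extended TD2O model has good query performance on order-preserved keywords.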
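Requirement (1) and contribution (1) can be seen on a plain binary hash tree. The block below is an added illustration, not the thesis's MTAS or PUA tree: the shared table, row layout and all function names are constructed for this example. It compares the verification object (VO) for one tenant row when the tree covers the whole shared table with the VO when the tree covers only that tenant's rows.

```python
import hashlib

# Constructed shared table: (tenant_id, row_id, value), three tenants interleaved.
SHARED_TABLE = [(f"T{i % 3 + 1}", i, f"value-{i}") for i in range(12)]

def leaf_hash(row):
    # 0x00/0x01 prefixes keep leaf and inner-node hashes in separate domains.
    return hashlib.sha256(b"\x00" + repr(row).encode()).digest()

def node_hash(left, right):
    return hashlib.sha256(b"\x01" + left + right).digest()

def build_levels(rows):
    """Bottom-up tree; each node is (digest, set of tenants it covers)."""
    level = [(leaf_hash(r), frozenset([r[0]])) for r in rows]
    levels = [level]
    while len(level) > 1:
        nxt = []
        for i in range(0, len(level), 2):
            if i + 1 < len(level):
                (ld, lt), (rd, rt) = level[i], level[i + 1]
                nxt.append((node_hash(ld, rd), lt | rt))
            else:
                nxt.append(level[i])  # unpaired node is promoted unchanged
        level = nxt
        levels.append(level)
    return levels

def root(levels):
    return levels[-1][0][0]

def make_vo(levels, index):
    """Verification object: sibling digests on the path from leaf to root."""
    vo = []
    for level in levels[:-1]:
        sib = index ^ 1
        if sib < len(level):
            digest, tenants = level[sib]
            vo.append((digest, sib < index, tenants))
        index //= 2
    return vo

def verify(row, vo, trusted_root):
    """Recompute the root from the row and the VO, compare with the trusted root."""
    acc = leaf_hash(row)
    for digest, sibling_is_left, _ in vo:
        acc = node_hash(digest, acc) if sibling_is_left else node_hash(acc, digest)
    return acc == trusted_root

def tenant_rows(table, tenant):
    return [r for r in table if r[0] == tenant]

def foreign_tenants(vo, tenant):
    """Other tenants whose data contributed to the digests in a VO."""
    return set().union(*(t for _, _, t in vo)) - {tenant}

def compare(table, row):
    """(VO, root) for the same row from a whole-table tree and a per-tenant tree."""
    own = tenant_rows(table, row[0])
    shared_levels, own_levels = build_levels(table), build_levels(own)
    return {
        "shared": (make_vo(shared_levels, table.index(row)), root(shared_levels)),
        "tenant": (make_vo(own_levels, own.index(row)), root(own_levels)),
    }

if __name__ == "__main__":
    row = SHARED_TABLE[3]  # a row owned by tenant T1
    res = compare(SHARED_TABLE, row)
    for name, (vo, r) in res.items():
        print(name, "VO digests:", len(vo),
              "foreign tenants:", sorted(foreign_tenants(vo, row[0])),
              "verifies:", verify(row, vo, r))
    # T2 updates one of its own rows: only the whole-table root changes.
    updated = [("T2", 1, "changed") if r[:2] == ("T2", 1) else r for r in SHARED_TABLE]
    after = compare(updated, row)
    print("shared root stable:", after["shared"][1] == res["shared"][1])
    print("tenant root stable:", after["tenant"][1] == res["tenant"][1])
```

In the whole-table tree every digest in T1's VO is derived from other tenants' rows, and an update by T2 invalidates the root T1 trusts; in the per-tenant tree neither happens.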
Software as a Service (SaaS) is an important service delivery model in cloud computing. In SaaS, service providers take charge of software maintenance, management and upgrades, while tenants subscribe to the software service over the web and do not need to care about implementation details. Single-instance multi-tenancy is the common approach adopted by service providers, in which one instance serves multiple tenants. For many small and medium enterprises, SaaS is the best way to adopt advanced technologies.
     In multi-tenant applications, tenants' data is stored and processed on the platform of untrustworthy service providers, and tenants' ability to control their own data is greatly weakened. Untrustworthy service providers may maliciously tamper with, forge or delete tenant data without the tenants' authorization. How to prevent an untrusted cloud service provider from violating tenant data integrity is an important issue that needs to be solved in SaaS.
     Because multi-tenant applications in the cloud are characterized by on-demand customization, shared storage and multiple data nodes, data integrity protection for multi-tenant applications faces a series of new requirements. (1) A tenant-oriented data integrity verification structure. In SaaS mode, thousands of tenants share the physical data table. In this case, traditional integrity protection methods such as MHT lack the ability to recognize tenants, so it is hard for them to distinguish tenant data in their structures. During the verification phase, they cannot meet the requirements of tenant data isolation. (2) Timely detection of tenant data integrity problems. As tenants' data and applications are hosted on the remote service provider side and tenants' control over their own data is greatly reduced, tenants are increasingly concerned about data integrity problems. Tenants therefore need to be able to confirm that not only the data used on the fly but also infrequently used data is correct and complete. (3) Reliable storage of tenant data. In SaaS mode, tenants can customize multiple duplicates and pay for their use, so tenants need to be able to confirm whether service providers reliably store their duplicates. However, plaintext data duplicates are vulnerable to collusion attacks by malicious employees of the service provider, in which multiple data nodes share a single copy of tenant data. A collusion attack does serious damage to tenants' data and reduces data access efficiency and reliability. Therefore, an obfuscation strategy is needed to make stored duplicates appear different from each other.
     This paper aims at tenant data integrity protection in the multi-tenant application mode and, taking into account multi-tenant shared storage, multiple data nodes and tenant customization, researches the key problems of data integrity protection in multi-tenant applications. The main contributions include:
     (1) Puts forward the Multi-tenant Authentication Structure (MTAS). MTAS provides data integrity assurance for multi-tenant data. By separating indexes from authentication structures, MTAS preserves tenants' isolation and customization characteristics. We also propose a new authentication structure, the PUA tree (Pivot and Universal table Authentication tree), which composes the separate authentication trees built for the pivot table and the universal table into a single tree, based on the characteristics of the pivot-universal storage model. The VO corresponding to queried data in the pivot table and the universal table can thus be obtained in one PUA tree traversal. The PUA tree saves about 30% of the hash computations at VO verification. The PUA tree can also handle dynamic structure adjustments for tenant data update operations, such as data insertion, deletion and modification.
     (2) Presents a sampling-based tenant integrity protection mechanism, TDIC (Tenant-oriented Duplication Integrity Checking Scheme), to balance tenant duplicate integrity protection against system performance. Through periodic random sampling, TDIC reduces the complexity of verification object construction on the service provider side and eliminates wasted resources. TDIC makes use of homomorphic labels with an auxiliary authentication structure to allow verification by a trusted third party without disclosing tenant data. Analysis and experimental results show that if the tenant's logical view contains 10000 data tuples and the damage rate is 1%, the number of randomly sampled tuples is about 5% of the total number of tuples.
     (3) Proposes the tenant duplicate data obfuscation model (TD2O), based on linear hiding, to resist collusion attacks by malicious insiders at the service provider. TD2O makes stored duplicates appear different from each other, to protect tenant duplicate integrity against an untrusted service provider deleting a whole copy of tenant data. Based on Monte Carlo random monotone functions, it proposes an extended TD2O model with a query keyword ordering strategy to improve the query efficiency of obfuscated duplicates. Experimental results show that the extended TD2O model has better query performance on order-preserved keywords.
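
The sampling figure in contribution (2) follows from the probability that a random sample misses every damaged tuple. The block below is an added example, not code from the thesis: it covers only the sample-size reasoning, not TDIC's homomorphic labels, and the 99% detection confidence, the function names and the simulated damage pattern are assumptions.

```python
import random

def miss_probability(n, damaged, sample):
    """Exact P(sample contains no damaged tuple), drawing without replacement."""
    p = 1.0
    for i in range(min(sample, n)):
        p *= max(n - damaged - i, 0) / (n - i)
    return p

def min_sample_size(n, damaged, confidence):
    """Smallest sample whose detection probability reaches `confidence`."""
    if damaged <= 0 or not 0 < confidence < 1:
        raise ValueError("need damaged > 0 and 0 < confidence < 1")
    p, c = 1.0, 0
    while 1 - p < confidence:
        p *= max(n - damaged - c, 0) / (n - c)
        c += 1
    return c

def simulated_detection_rate(n, damaged, sample, trials=2000, seed=1):
    """Monte Carlo check: fraction of random audits that hit a damaged tuple."""
    rng = random.Random(seed)
    bad = set(rng.sample(range(n), damaged))  # constructed damage pattern
    hits = sum(
        any(t in bad for t in rng.sample(range(n), sample))
        for _ in range(trials)
    )
    return hits / trials

if __name__ == "__main__":
    n, damaged = 10000, 100          # 10000 tuples, 1% damaged (figures from the abstract)
    sample = n * 5 // 100            # the 5% sample mentioned in the abstract
    print("detection probability at 5% sample:",
          round(1 - miss_probability(n, damaged, sample), 4))
    c = min_sample_size(n, damaged, 0.99)   # 0.99 is an assumed target
    print("tuples needed for 99% detection:", c, f"({c / n:.1%} of the view)")
    print("simulated detection rate at 5% sample:",
          simulated_detection_rate(n, damaged, sample))
```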
