Computer Engineering, 2013, Vol. 39, Issue (7): 55-58. doi: 10.3969/j.issn.1000-3428.2013.07.012

Special topic: Cloud Computing


A Privacy-preserving Multi-copy Integrity Verification Scheme

LIU Ting-ting 1, ZHAO Yong 2

  (1. The 3rd Institute, PLA Information Engineering University, Zhengzhou 450012, China; 2. College of Computer Science and Technology, Beijing University of Technology, Beijing 100084, China)
  • Received: 2013-02-22 Online: 2013-07-15 Published: 2013-07-12
  • About the authors: LIU Ting-ting (b. 1984), female, Ph.D. candidate, main research interests: cloud security and cryptography; ZHAO Yong, lecturer, Ph.D.
  • Supported by: National Science and Technology Major Project of China (2012ZX03002003)

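Abstract: To enable users to determine the integrity status of their cloud data in a timely manner, and to repair the data when the damage is below a certain level, a privacy-preserving multi-copy integrity verification scheme is proposed. A multi-copy mechanism is designed based on the Parakh secret sharing scheme to guarantee data retrievability. User identity information is stored separately from the usable data, and a storage authentication code establishes the mapping between the identity information and the split data blocks, so that an attacker cannot link usable data to a user. Based on the idea of multi-prover zero-knowledge proof, a challenge-response protocol is designed that lets the user promptly determine whether the cloud data is intact and identify the data server at fault. Analysis results show that the scheme can improve the utilization of users' storage space and protect users' identity privacy, and that it addresses well the data problems caused by the outsourcing service model of cloud computing and by the difficulty of assessing the trustworthiness of cloud service providers.

Keywords: cloud storage, cloud security, data security, proof of retrievability, data integrity verification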

Abstract: To enable users to check the integrity of cloud data in time and to retrieve the data even when part of it is destroyed, a privacy-preserving multi-copy integrity verification scheme is proposed. The multi-copy mechanism is built on the Parakh secret sharing scheme to ensure data retrievability. A segment mechanism is presented to separate the user's identity information from the available data. A storage authentication code is designed to establish the link between data and its owner, which prevents attackers from obtaining the relationship between the user and his data. A challenge-response protocol is proposed based on multi-prover zero-knowledge proof. Analysis shows that the scheme is space efficient for cloud servers and protects identity privacy against attackers, which resolves the problems arising from the outsourced service mode of cloud computing and from the untrustworthiness of the cloud service provider.

Key words: cloud storage, cloud security, data security, Proof of Retrievability (POR), data integrity verification
