云存储中支持数据去重的群组数据持有性证明
作者:
作者单位:

作者简介:

通讯作者:

中图分类号:

基金项目:

国家自然科学基金(61272512,61100172);国家高技术研究发展计划(863)(2013AA01A214);教育部新世纪优秀人才计划(NCET-12-0046);北京市自然科学基金(4121001)


Group Provable Data Possession with Deduplication in Cloud Storage
Author:
Affiliation:

Fund Project:

National Natural Science Foundation of China (61272512, 61100172); National High-Tech R&D Program of China (863) (2013AA01A214); Program for New Century Excellent Talents in University (NCET-12-0046); Natural Science Foundation of Beijing (4121001)

  • 摘要
  • |
  • 图/表
  • |
  • 访问统计
  • |
  • 参考文献
  • |
  • 相似文献
  • |
  • 引证文献
  • |
  • 资源附件
  • |
  • 文章评论
    摘要:

    数据持有性证明(provable data possession,简称PDP)和数据可恢复性证明(proofs of retrievability,简称POR)是客户端用来验证存储在云端服务器上数据完整性的主要技术.近几年,它在学术界和工业界的应用广泛,很多PDP和POR方案相继出现.但是由于不同群组的特殊性和独特要求,使得群组PDP/POR方案多样化,并且群组应用中的许多重要功能(例如数据去重)没有被实现.如何构造高效及满足群组特定功能和安全需求的PDP/POR方案,已经引起了人们的广泛关注.给出了一种支持数据去重的群组PDP方案(GPDP),基于矩阵计算和伪随机函数, GPDP可以在支持数据去重的基础上,高效地完成数据持有性证明,并且可以在群组中抵抗恶意方选择成员攻击.在标准模型下证明了GPDP的安全性,并且在百度云平台上实现了GPDP的原型系统.为了评估方案的性能,使用了10GB的数据量进行实验和分析,结果表明:GPDP方案在达到群组中数据去重的目标的基础上,可以高效地保证抵抗选择攻击和数据持有性,即:预处理效率高于私有验证方案,而验证效率高于公开验证方案(与私有验证效率几乎相同).另外,与其他群组PDP/POR方案相比,GPDP方案将额外存储代价和通信代价都降到了最低.

    Abstract:

    Provable data possession (PDP) and proofs of retrievability (POR) are techniques for a client to verify the integrity of outsourced data in cloud storage. Recently, numerous PDP and POR schemes have been proposed while the techniques are widely used in academic and industrial community. However, due to specific and unique requirements of different groups, PDP/POR schemes vary and many functionalities such as data deduplication have not been implemented. How to construct an efficient group PDP/POR scheme to meet these unique requirements of functionality and security has received much attention. In this paper, a group PDP with deduplication (GPDP) is presented. Based on matrix calculation and pseudo-random function, GPDP can efficiently guarantee data possession with deduplication, as well as defend against selective opening attacks of a malicious party.The security of GPDP in the standard model is proved and a prototype based on GPDP scheme in a realistic cloud platform of Baidu is implemented. To evaluate the performance of GPDP, this work utilizes data size of 10GB for experiments and analysis. The result of experiments show that GPDP can guarantee data possession efficiently with deduplication and protect against selective opening attacks. In particular, the performance is superior to private schemes in the phase of pre-process and public schemes in the phase of verification (as efficient as private scheme in the phase of verification). Furthermore, GPDP reduces the extra storage and communication cost to a minimum than the other PDP/POR schemes applied in a group.

    参考文献
    相似文献
    引证文献
引用本文

王宏远,祝烈煌,李龙一佳.云存储中支持数据去重的群组数据持有性证明.软件学报,2016,27(6):1417-1431

复制
分享
文章指标
  • 点击次数:
  • 下载次数:
  • HTML阅读次数:
  • 引用次数:
历史
  • 收稿日期:2015-08-13
  • 最后修改日期:2015-10-09
  • 录用日期:
  • 在线发布日期: 2016-01-22
  • 出版日期:
您是第位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号