 |
|
|
|
 |
 |
 |
|
 |
|
 |
|
|
王宏远,祝烈煌,李龙一佳.云存储中支持数据去重的群组数据持有性证明.软件学报,2016,27(6):1417-1431 |
云存储中支持数据去重的群组数据持有性证明 |
Group Provable Data Possession with Deduplication in Cloud Storage |
投稿时间:2015-08-13 修订日期:2015-10-09 |
DOI:10.13328/j.cnki.jos.004995 |
中文关键词: 群组数据持有性证明 选择攻击 数据去重 云存储 云计算 |
英文关键词:group provable data possession selective opening attack data deduplication cloud storage cloud computing |
基金项目:国家自然科学基金(61272512,61100172);国家高技术研究发展计划(863)(2013AA01A214);教育部新世纪优秀人才计划(NCET-12-0046);北京市自然科学基金(4121001) |
|
摘要点击次数: 3754 |
全文下载次数: 3175 |
中文摘要: |
数据持有性证明(provable data possession,简称PDP)和数据可恢复性证明(proofs of retrievability,简称POR)是客户端用来验证存储在云端服务器上数据完整性的主要技术.近几年,它在学术界和工业界的应用广泛,很多PDP和POR方案相继出现.但是由于不同群组的特殊性和独特要求,使得群组PDP/POR方案多样化,并且群组应用中的许多重要功能(例如数据去重)没有被实现.如何构造高效及满足群组特定功能和安全需求的PDP/POR方案,已经引起了人们的广泛关注.给出了一种支持数据去重的群组PDP方案(GPDP),基于矩阵计算和伪随机函数, GPDP可以在支持数据去重的基础上,高效地完成数据持有性证明,并且可以在群组中抵抗恶意方选择成员攻击.在标准模型下证明了GPDP的安全性,并且在百度云平台上实现了GPDP的原型系统.为了评估方案的性能,使用了10GB的数据量进行实验和分析,结果表明:GPDP方案在达到群组中数据去重的目标的基础上,可以高效地保证抵抗选择攻击和数据持有性,即:预处理效率高于私有验证方案,而验证效率高于公开验证方案(与私有验证效率几乎相同).另外,与其他群组PDP/POR方案相比,GPDP方案将额外存储代价和通信代价都降到了最低. |
英文摘要: |
Provable data possession (PDP) and proofs of retrievability (POR) are techniques for a client to verify the integrity of outsourced data in cloud storage. Recently, numerous PDP and POR schemes have been proposed while the techniques are widely used in academic and industrial community. However, due to specific and unique requirements of different groups, PDP/POR schemes vary and many functionalities such as data deduplication have not been implemented. How to construct an efficient group PDP/POR scheme to meet these unique requirements of functionality and security has received much attention. In this paper, a group PDP with deduplication (GPDP) is presented. Based on matrix calculation and pseudo-random function, GPDP can efficiently guarantee data possession with deduplication, as well as defend against selective opening attacks of a malicious party.The security of GPDP in the standard model is proved and a prototype based on GPDP scheme in a realistic cloud platform of Baidu is implemented. To evaluate the performance of GPDP, this work utilizes data size of 10GB for experiments and analysis. The result of experiments show that GPDP can guarantee data possession efficiently with deduplication and protect against selective opening attacks. In particular, the performance is superior to private schemes in the phase of pre-process and public schemes in the phase of verification (as efficient as private scheme in the phase of verification). Furthermore, GPDP reduces the extra storage and communication cost to a minimum than the other PDP/POR schemes applied in a group. |
HTML 下载PDF全文 查看/发表评论 下载PDF阅读器 |
|
|
|
|
|
|
 |
|
|
|
|
 |
|
 |
|
 |
|