基于属性的分层关键词审计与智能合约辅助下的批量故障定位

IF 5.3 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Transactions on Cloud Computing Pub Date : 2024-08-30 DOI:10.1109/TCC.2024.3452324

Jingting Xue;Shuqin Luo;Fagen Li;Wenzheng Zhang;Liang Liu;Yu Zhou;Xiaojun Zhang

{"title":"基于属性的分层关键词审计与智能合约辅助下的批量故障定位","authors":"Jingting Xue;Shuqin Luo;Fagen Li;Wenzheng Zhang;Liang Liu;Yu Zhou;Xiaojun Zhang","doi":"10.1109/TCC.2024.3452324","DOIUrl":null,"url":null,"abstract":"Keyword-based auditing (KA) provides a means for users to verify the integrity of only the outsourced data they are interested in. Existing KA schemes employ relation authentication labels to conduct targeted audits with keywords, which significantly improves the cost-effectiveness. However, such schemes typically support only a single-challenge scenario, which may not always be practical. To overcome this constraint, we introduce a hierarchical challenge mechanism grounded in user attributes. This mechanism leverages inequality and affiliation relationships to comply with a predefined tree structure for access policies. Incorporated during the challenge-response phase of the auditing model, it permits users to initiate cross-challenges. Expanding upon this hierarchical mechanism, we propose an attribute-based hierarchical keyword auditing scheme, abbreviated as \n<inline-formula><tex-math>$\\mathcal{AHKA}$</tex-math></inline-formula>\n. \n<inline-formula><tex-math>$\\mathcal{AHKA}$</tex-math></inline-formula>\n combines searchable encryption to conduct cross-targeted audits and benefits from the hash collision mapping of Bloom filters to safeguard against keyword guessing attacks. Moreover, we design a fault localization algorithm based on a variant of the binary search technique. It locates in batch the faulty cloud servers and damaged data blocks after an audit failure. As an integral part of \n<inline-formula><tex-math>$\\mathcal{AHKA}$</tex-math></inline-formula>\n, the algorithm significantly enhances our scheme's practicability. Security analyses indicate that \n<inline-formula><tex-math>$\\mathcal{AHKA}$</tex-math></inline-formula>\n can effectively withstand both forgery and replace attacks on audit proofs. The smart contract component ensures that our scheme's processes can be monitored and regulated. Experimental data corroborate that deploying \n<inline-formula><tex-math>$\\mathcal{AHKA}$</tex-math></inline-formula>\n on the client side and on the blockchain is both efficient and feasible.","PeriodicalId":13202,"journal":{"name":"IEEE Transactions on Cloud Computing","volume":"12 4","pages":"1232-1247"},"PeriodicalIF":5.3000,"publicationDate":"2024-08-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Attribute-Based Hierarchical Keyword Auditing With Batch Fault Localization Assisted by Smart Contracts\",\"authors\":\"Jingting Xue;Shuqin Luo;Fagen Li;Wenzheng Zhang;Liang Liu;Yu Zhou;Xiaojun Zhang\",\"doi\":\"10.1109/TCC.2024.3452324\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Keyword-based auditing (KA) provides a means for users to verify the integrity of only the outsourced data they are interested in. Existing KA schemes employ relation authentication labels to conduct targeted audits with keywords, which significantly improves the cost-effectiveness. However, such schemes typically support only a single-challenge scenario, which may not always be practical. To overcome this constraint, we introduce a hierarchical challenge mechanism grounded in user attributes. This mechanism leverages inequality and affiliation relationships to comply with a predefined tree structure for access policies. Incorporated during the challenge-response phase of the auditing model, it permits users to initiate cross-challenges. Expanding upon this hierarchical mechanism, we propose an attribute-based hierarchical keyword auditing scheme, abbreviated as \\n<inline-formula><tex-math>$\\\\mathcal{AHKA}$</tex-math></inline-formula>\\n. \\n<inline-formula><tex-math>$\\\\mathcal{AHKA}$</tex-math></inline-formula>\\n combines searchable encryption to conduct cross-targeted audits and benefits from the hash collision mapping of Bloom filters to safeguard against keyword guessing attacks. Moreover, we design a fault localization algorithm based on a variant of the binary search technique. It locates in batch the faulty cloud servers and damaged data blocks after an audit failure. As an integral part of \\n<inline-formula><tex-math>$\\\\mathcal{AHKA}$</tex-math></inline-formula>\\n, the algorithm significantly enhances our scheme's practicability. Security analyses indicate that \\n<inline-formula><tex-math>$\\\\mathcal{AHKA}$</tex-math></inline-formula>\\n can effectively withstand both forgery and replace attacks on audit proofs. The smart contract component ensures that our scheme's processes can be monitored and regulated. Experimental data corroborate that deploying \\n<inline-formula><tex-math>$\\\\mathcal{AHKA}$</tex-math></inline-formula>\\n on the client side and on the blockchain is both efficient and feasible.\",\"PeriodicalId\":13202,\"journal\":{\"name\":\"IEEE Transactions on Cloud Computing\",\"volume\":\"12 4\",\"pages\":\"1232-1247\"},\"PeriodicalIF\":5.3000,\"publicationDate\":\"2024-08-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Transactions on Cloud Computing\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/10660487/\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Cloud Computing","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10660487/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

基于关键字的审计（KA）为用户提供了一种方法来验证他们感兴趣的外包数据的完整性。现有的KA方案采用关系身份验证标签对关键字进行有针对性的审计，大大提高了成本效益。然而，这样的方案通常只支持单一挑战场景，这可能并不总是实用的。为了克服这一限制，我们引入了基于用户属性的分层挑战机制。该机制利用不平等和从属关系来遵守访问策略的预定义树结构。在审计模型的质询-响应阶段合并，它允许用户发起交叉质询。在这个分层机制的基础上，我们提出了一个基于属性的分层关键字审计方案，缩写为$\mathcal{AHKA}$。$\mathcal{AHKA}$结合可搜索加密进行交叉目标审计，并受益于布隆过滤器的哈希冲突映射，以防止关键字猜测攻击。此外，我们设计了一种基于二叉搜索技术的故障定位算法。对审计失败后出现故障的云服务器和损坏的数据块进行批量定位。该算法作为$\mathcal{AHKA}$的组成部分，大大提高了方案的实用性。安全分析表明，$\mathcal{AHKA}$可以有效抵御审计证明的伪造和替换攻击。智能合约组件确保我们的方案流程可以被监控和监管。实验数据证实，在客户端和区块链上部署$\mathcal{AHKA}$是有效和可行的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Attribute-Based Hierarchical Keyword Auditing With Batch Fault Localization Assisted by Smart Contracts

Keyword-based auditing (KA) provides a means for users to verify the integrity of only the outsourced data they are interested in. Existing KA schemes employ relation authentication labels to conduct targeted audits with keywords, which significantly improves the cost-effectiveness. However, such schemes typically support only a single-challenge scenario, which may not always be practical. To overcome this constraint, we introduce a hierarchical challenge mechanism grounded in user attributes. This mechanism leverages inequality and affiliation relationships to comply with a predefined tree structure for access policies. Incorporated during the challenge-response phase of the auditing model, it permits users to initiate cross-challenges. Expanding upon this hierarchical mechanism, we propose an attribute-based hierarchical keyword auditing scheme, abbreviated as

$\mathcal{AHKA}$

combines searchable encryption to conduct cross-targeted audits and benefits from the hash collision mapping of Bloom filters to safeguard against keyword guessing attacks. Moreover, we design a fault localization algorithm based on a variant of the binary search technique. It locates in batch the faulty cloud servers and damaged data blocks after an audit failure. As an integral part of

$\mathcal{AHKA}$

, the algorithm significantly enhances our scheme's practicability. Security analyses indicate that

$\mathcal{AHKA}$

can effectively withstand both forgery and replace attacks on audit proofs. The smart contract component ensures that our scheme's processes can be monitored and regulated. Experimental data corroborate that deploying

$\mathcal{AHKA}$

on the client side and on the blockchain is both efficient and feasible.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IEEE Transactions on Cloud Computing Computer Science-Software

CiteScore

9.40

自引率

6.20%

发文量

167

期刊介绍： The IEEE Transactions on Cloud Computing (TCC) is dedicated to the multidisciplinary field of cloud computing. It is committed to the publication of articles that present innovative research ideas, application results, and case studies in cloud computing, focusing on key technical issues related to theory, algorithms, systems, applications, and performance.