支持数据动态的基于证书的多副本云存储审计

IF 4.8 2区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS
Hao Zhou , Wenting Shen , Jinlu Liu
{"title":"支持数据动态的基于证书的多副本云存储审计","authors":"Hao Zhou ,&nbsp;Wenting Shen ,&nbsp;Jinlu Liu","doi":"10.1016/j.cose.2024.104096","DOIUrl":null,"url":null,"abstract":"<div><div>With the advent of cloud computing, users are increasingly choosing to store their data on cloud. As a result, data integrity and availability have emerged as key concerns for data owners. Users expect to store multiple copies of their data to cloud and ensure the integrity of these data copies. Currently, numerous multi-copy cloud storage auditing schemes have been proposed. However, most of them depend on public key infrastructure, identity-based cryptography, or certificateless cryptography. These schemes encounter challenges such as complicated certificate management, key escrow, or the necessity for a secure channel for distributing keys, respectively. Furthermore, most of them are not resilient to copy-summation attack. To address the above problems, we propose a certificate-based multi-copy cloud storage auditing scheme supporting data dynamics. We design a novel dynamic structure named Leaves Merkle hash tree (LMHT) to achieve multi-copy dynamic updates. Different from traditional Merkle hash trees, LMHT has significant advantages in data deletion. In addition, the proposed scheme can resist copy-summation attack, in which cloud cannot pass the verification if it only stores summation of all copies without storing data blocks’ all copies. Security analysis and performance evaluation demonstrate that the proposed scheme is secure and efficient.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"148 ","pages":"Article 104096"},"PeriodicalIF":4.8000,"publicationDate":"2024-09-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Certificate-based multi-copy cloud storage auditing supporting data dynamics\",\"authors\":\"Hao Zhou ,&nbsp;Wenting Shen ,&nbsp;Jinlu Liu\",\"doi\":\"10.1016/j.cose.2024.104096\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>With the advent of cloud computing, users are increasingly choosing to store their data on cloud. As a result, data integrity and availability have emerged as key concerns for data owners. Users expect to store multiple copies of their data to cloud and ensure the integrity of these data copies. Currently, numerous multi-copy cloud storage auditing schemes have been proposed. However, most of them depend on public key infrastructure, identity-based cryptography, or certificateless cryptography. These schemes encounter challenges such as complicated certificate management, key escrow, or the necessity for a secure channel for distributing keys, respectively. Furthermore, most of them are not resilient to copy-summation attack. To address the above problems, we propose a certificate-based multi-copy cloud storage auditing scheme supporting data dynamics. We design a novel dynamic structure named Leaves Merkle hash tree (LMHT) to achieve multi-copy dynamic updates. Different from traditional Merkle hash trees, LMHT has significant advantages in data deletion. In addition, the proposed scheme can resist copy-summation attack, in which cloud cannot pass the verification if it only stores summation of all copies without storing data blocks’ all copies. Security analysis and performance evaluation demonstrate that the proposed scheme is secure and efficient.</div></div>\",\"PeriodicalId\":51004,\"journal\":{\"name\":\"Computers & Security\",\"volume\":\"148 \",\"pages\":\"Article 104096\"},\"PeriodicalIF\":4.8000,\"publicationDate\":\"2024-09-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computers & Security\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0167404824004012\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824004012","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

随着云计算的出现,越来越多的用户选择在云上存储数据。因此,数据完整性和可用性成为数据所有者关注的重点。用户希望将数据的多个副本存储到云上,并确保这些数据副本的完整性。目前,已经提出了许多多副本云存储审计方案。不过,它们大多依赖于公钥基础设施、基于身份的加密技术或无证书加密技术。这些方案分别遇到了复杂的证书管理、密钥托管或分发密钥的安全通道的必要性等挑战。此外,它们大多无法抵御复制求和攻击。针对上述问题,我们提出了一种支持数据动态的基于证书的多副本云存储审计方案。我们设计了一种名为 "Leaves Merkle hash tree(LMHT)"的新型动态结构来实现多副本动态更新。与传统的 Merkle 哈希树不同,LMHT 在数据删除方面具有显著优势。此外,提出的方案还能抵御副本求和攻击,在这种攻击中,如果云只存储所有副本的求和,而不存储数据块的所有副本,就无法通过验证。安全分析和性能评估表明,所提出的方案既安全又高效。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Certificate-based multi-copy cloud storage auditing supporting data dynamics
With the advent of cloud computing, users are increasingly choosing to store their data on cloud. As a result, data integrity and availability have emerged as key concerns for data owners. Users expect to store multiple copies of their data to cloud and ensure the integrity of these data copies. Currently, numerous multi-copy cloud storage auditing schemes have been proposed. However, most of them depend on public key infrastructure, identity-based cryptography, or certificateless cryptography. These schemes encounter challenges such as complicated certificate management, key escrow, or the necessity for a secure channel for distributing keys, respectively. Furthermore, most of them are not resilient to copy-summation attack. To address the above problems, we propose a certificate-based multi-copy cloud storage auditing scheme supporting data dynamics. We design a novel dynamic structure named Leaves Merkle hash tree (LMHT) to achieve multi-copy dynamic updates. Different from traditional Merkle hash trees, LMHT has significant advantages in data deletion. In addition, the proposed scheme can resist copy-summation attack, in which cloud cannot pass the verification if it only stores summation of all copies without storing data blocks’ all copies. Security analysis and performance evaluation demonstrate that the proposed scheme is secure and efficient.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Computers & Security
Computers & Security 工程技术-计算机:信息系统
CiteScore
12.40
自引率
7.10%
发文量
365
审稿时长
10.7 months
期刊介绍: Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信