{"title":"支持数据动态的基于证书的多副本云存储审计","authors":"Hao Zhou , Wenting Shen , Jinlu Liu","doi":"10.1016/j.cose.2024.104096","DOIUrl":null,"url":null,"abstract":"<div><div>With the advent of cloud computing, users are increasingly choosing to store their data on cloud. As a result, data integrity and availability have emerged as key concerns for data owners. Users expect to store multiple copies of their data to cloud and ensure the integrity of these data copies. Currently, numerous multi-copy cloud storage auditing schemes have been proposed. However, most of them depend on public key infrastructure, identity-based cryptography, or certificateless cryptography. These schemes encounter challenges such as complicated certificate management, key escrow, or the necessity for a secure channel for distributing keys, respectively. Furthermore, most of them are not resilient to copy-summation attack. To address the above problems, we propose a certificate-based multi-copy cloud storage auditing scheme supporting data dynamics. We design a novel dynamic structure named Leaves Merkle hash tree (LMHT) to achieve multi-copy dynamic updates. Different from traditional Merkle hash trees, LMHT has significant advantages in data deletion. In addition, the proposed scheme can resist copy-summation attack, in which cloud cannot pass the verification if it only stores summation of all copies without storing data blocks’ all copies. Security analysis and performance evaluation demonstrate that the proposed scheme is secure and efficient.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"148 ","pages":"Article 104096"},"PeriodicalIF":4.8000,"publicationDate":"2024-09-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Certificate-based multi-copy cloud storage auditing supporting data dynamics\",\"authors\":\"Hao Zhou , Wenting Shen , Jinlu Liu\",\"doi\":\"10.1016/j.cose.2024.104096\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>With the advent of cloud computing, users are increasingly choosing to store their data on cloud. As a result, data integrity and availability have emerged as key concerns for data owners. Users expect to store multiple copies of their data to cloud and ensure the integrity of these data copies. Currently, numerous multi-copy cloud storage auditing schemes have been proposed. However, most of them depend on public key infrastructure, identity-based cryptography, or certificateless cryptography. These schemes encounter challenges such as complicated certificate management, key escrow, or the necessity for a secure channel for distributing keys, respectively. Furthermore, most of them are not resilient to copy-summation attack. To address the above problems, we propose a certificate-based multi-copy cloud storage auditing scheme supporting data dynamics. We design a novel dynamic structure named Leaves Merkle hash tree (LMHT) to achieve multi-copy dynamic updates. Different from traditional Merkle hash trees, LMHT has significant advantages in data deletion. In addition, the proposed scheme can resist copy-summation attack, in which cloud cannot pass the verification if it only stores summation of all copies without storing data blocks’ all copies. Security analysis and performance evaluation demonstrate that the proposed scheme is secure and efficient.</div></div>\",\"PeriodicalId\":51004,\"journal\":{\"name\":\"Computers & Security\",\"volume\":\"148 \",\"pages\":\"Article 104096\"},\"PeriodicalIF\":4.8000,\"publicationDate\":\"2024-09-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computers & Security\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0167404824004012\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824004012","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
Certificate-based multi-copy cloud storage auditing supporting data dynamics
With the advent of cloud computing, users are increasingly choosing to store their data on cloud. As a result, data integrity and availability have emerged as key concerns for data owners. Users expect to store multiple copies of their data to cloud and ensure the integrity of these data copies. Currently, numerous multi-copy cloud storage auditing schemes have been proposed. However, most of them depend on public key infrastructure, identity-based cryptography, or certificateless cryptography. These schemes encounter challenges such as complicated certificate management, key escrow, or the necessity for a secure channel for distributing keys, respectively. Furthermore, most of them are not resilient to copy-summation attack. To address the above problems, we propose a certificate-based multi-copy cloud storage auditing scheme supporting data dynamics. We design a novel dynamic structure named Leaves Merkle hash tree (LMHT) to achieve multi-copy dynamic updates. Different from traditional Merkle hash trees, LMHT has significant advantages in data deletion. In addition, the proposed scheme can resist copy-summation attack, in which cloud cannot pass the verification if it only stores summation of all copies without storing data blocks’ all copies. Security analysis and performance evaluation demonstrate that the proposed scheme is secure and efficient.
期刊介绍:
Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world.
Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.