云存储中数据持有性证明模型的研究

发布时间：2018-05-17 21:11

本文选题：云存储 + 数据持有性证明　；参考：《郑州大学》2013年硕士论文

【摘要】：云时代迅猛而来,作为IT产业的下一代体系结构,云计算不仅仅是简单的将应用软件和数据库放到中心化的大规模数据中心,而是具有更大的灵活性,允许任意端点参与云服务交互,这点体现在云存储服务中就是：提供存储服务的实体可能是多种性质的提供商的整合。这种异构的新特点和对存储提供商的不完全可信使得对云环境下的数据持有性证明的研究愈显重要。数据持有性证明旨在帮助用户在使用外包存储数据前对数据完整性进行验证,避免用户因使用污染数据而造成经济社会损失。之前的相关研究工作要么缺乏对数据的可公开验证或者说数据可以由第三方进行验证的研究,要么未全面考虑云存储的新特性,而本文的方案对这两方面都有探索。本论文的主要工作有：在详细分析阐述云环境较之传统P2P环境出现的新特性的基础上,构建了一种适用于云存储环境下的数据持有性证明模型CS-PDP。该模型主要采用抽样检测的概率型验证和同态标签验证方法,同时加入一个云存储提供商代理CSPP,来协助用户与各式各样异构的云存储提供商进行交互,完成数据存储与数据完整性验证任务。而且中间代理CSPP采用可信计算技术进行构建,利用可信基和对安全审计日志的操作能在一定程度上保证中间代理的安全性和可信性。本文针对提出的模型算法进行了理论分析与实验。通过理论推导得出本文算法是正确的,只要存储提供商存储有用户的原始数据,便可以通过完整性验证。在安全性方面,算法还满足完备性和隐私性的要求。若存储服务商并没有存储原始数据,且这些数据被验证者要求证明其持有性,则服务商伪造的持有性证明将以极低的概率通过验证方的验证。同时,发起挑战的用户方或者任何第三方不能够或从交互信息中提取挖掘出额外的文件信息。模型采用概率型验证使得产生证明的时间不随文件大小而增长,一定程度的提升了性能。该模型具有减少计算、通信及存储开销的效果。另外,CS-PDP模型支持公开验证和允许进行任意次持有性验证挑战。
[Abstract]:As the next generation architecture of the IT industry, cloud computing is not just simply putting applications and databases in a centralized, large-scale data center, but more flexible. Allowing any endpoint to participate in cloud service interactions is reflected in the cloud storage service: the entity providing the storage service may be the integration of a variety of providers. The new characteristics of this heterogeneity and the incomplete trustworthiness of storage providers make it more important to study the proof of data holding in the cloud environment. The purpose of data holding certificate is to help users to verify the integrity of data before using the outsourced storage data and to avoid the economic and social loss caused by the use of contaminated data. Previous studies either lack of publicly verifiable data or data can be verified by a third party, or do not fully consider the new characteristics of cloud storage, and this scheme has explored both aspects. The main work of this thesis is as follows: based on the detailed analysis of the new features of cloud environment compared with the traditional P2P environment, a data holding proof model CS-PDPfor cloud storage environment is constructed. This model mainly uses probabilistic verification and homomorphic label verification method of sampling detection, and adds a cloud storage provider agent CSPPto to assist users to interact with a variety of heterogeneous cloud storage providers. Complete data storage and data integrity verification. Moreover, the intermediate agent CSPP is constructed with trusted computing technology, and the security and credibility of the intermediate agent can be guaranteed to a certain extent by using the trusted base and the operation of the security audit log. In this paper, the theoretical analysis and experiment of the proposed model algorithm are carried out. It is concluded that the algorithm is correct by theoretical derivation. As long as the storage provider stores the original data of the user, it can be verified by the integrity. In terms of security, the algorithm also meets the requirements of completeness and privacy. If the storage service provider does not store the original data and these data are required by the verifier to prove their possession, the false holding certificate of the service provider will be verified by the verifier at a very low probability. At the same time, the challenging user or any third party cannot extract or extract additional file information from the interactive information. Probabilistic verification of the model makes the time of producing proof does not increase with the file size, and improves the performance to a certain extent. The model has the effect of reducing computation, communication and storage overhead. In addition, the CS-PDP model supports open validation and allows for arbitrary holding verification challenges.
【学位授予单位】：郑州大学
【学位级别】：硕士
【学位授予年份】：2013
【分类号】：TP333

【参考文献】