基于云存储的数据完整性验证方法研究

发布时间：2018-08-08 21:56

【摘要】：云存储作为一种新兴的存储方式,凭借其存储空间大,灵活性高,且存储成本低等优势,备受用户的喜爱。在云存储快速发展的过程中,其安全性也显得尤为重要,尤其是在数据完整性验证方面。用户使用云存储时,将数据存储到云端,用户本地将不再拥有该数据的任何备份,一旦云端发生设备故障,或遭到入侵者攻击,都会造成用户数据的损坏甚至丢失。而提供云存储服务的商家往往会为了避免纠纷、减少赔偿、维持声誉等原因向用户隐瞒这些事件的发生以及造成的后果。本文就上述问题,对云存储的数据完整性验证展开了深入研究。重点分析当前已有的完整性验证方案在性能上、安全上的不足,分别对于单一云和混合云的两种云存储环境提出优化的完整性验证方案,并对提出的方案进行理论分析和仿真验证,证明方案的正确性和在性能上的优势。本论文的主要工作有:(1)分析了当前云存储中存在的各种安全性问题,主要是数据完整性验证问题。然后分别在单一云和混合云的环境下,对当前已有的完整性验证方案,在性能上(如通信开销、计算开销等)以及安全性上(如支持第三方验证等)分析其中存在的问题或需要改进的地方。最后总结了当前需要研究的重点和方向。(2)在单一云的环境下,针对已有的数据的完整性验证方案,总结它们的共性和不足,提出一种通信开销更小、验证方式更简便、效率更高的验证方案。本方案在Merkel Tree模型的基础上,利用了Diffie-Hellman算法的特性,在用户最小化本地存储开销(仅O(1))和通信过程开销O(logn)的前提下,实现了可以对云端数据进行无限次、且选择性地验证。(3)在混合云的环境下,本文采用了基于双线性映射的BLS签名算法,提出了在用户的数据存于多个云端的情况下,可以一次性验证数据完整性的方案。该方案引入“中继者”的角色,使用同态聚合的方式,实现了混合云环境下的数据完整性高效验证。
[Abstract]:Cloud storage as a new storage method, with its large storage space, high flexibility, and low storage costs and other advantages, is popular with users. In the process of rapid development of cloud storage, its security is especially important, especially in data integrity verification. When a user uses cloud storage, he stores the data to the cloud, and the user will no longer have any backup of the data. Once the cloud fails or is attacked by an intruder, the data of the user will be damaged or even lost. In order to avoid disputes, reduce compensation and maintain reputation, merchants providing cloud storage services often conceal the occurrence and consequences of these events from users. In this paper, the data integrity verification of cloud storage is studied. This paper focuses on the analysis of the performance and security shortcomings of the existing integrity verification schemes, and proposes an optimized integrity verification scheme for the two cloud storage environments, single cloud and mixed cloud, respectively. The theoretical analysis and simulation results show that the scheme is correct and has advantages in performance. The main work of this thesis is as follows: (1) the security problems in cloud storage are analyzed, mainly data integrity verification. Then, in the case of a single cloud and a mixed cloud, the current integrity verification scheme is validated in terms of performance, such as communication overhead, Computing overhead, etc.) and security (such as support for third-party verification) to analyze the problems or areas that need to be improved. Finally, the emphasis and direction of current research are summarized. (2) in a single cloud environment, for the existing data integrity verification scheme, sum up their commonalities and shortcomings, propose a communication cost is smaller, verification method is more simple, A more efficient verification scheme. On the basis of Merkel Tree model, this scheme makes use of the characteristic of Diffie-Hellman algorithm. Under the premise of minimizing local storage cost (O (1) only) and communication process overhead (O (logn), the scheme realizes infinite times for cloud data. And selective verification. (3) in the mixed cloud environment, the BLS signature algorithm based on bilinear mapping is adopted, and a scheme is proposed to verify the data integrity once the user's data is stored in more than one cloud. This scheme introduces the role of "relay" and uses homomorphic aggregation to verify the data integrity efficiently in the mixed cloud environment.
【学位授予单位】：北京邮电大学
【学位级别】：硕士
【学位授予年份】：2016
【分类号】：TP333;TP309

【相似文献】