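Abstract:
Cloud storage integrity verification techniques allow users to store data on cloud servers and provide them with verifiable integrity guarantees. A typical cloud storage integrity verification scheme consists of two phases. In the data processing phase, the user processes the data with a private key and generates verifiable metadata that is stored on the cloud server, while only some data-related parameters, such as keys and data labels, need to be kept locally. In the data integrity verification phase, the verifier interacts with the cloud server to run a challenge/proof protocol and can determine, with very high probability, the current integrity of the data in the cloud. To date, a large number of related cryptographic schemes have emerged. This paper briefly reviews research progress on key cryptographic techniques for provably secure, publicly verifiable cloud storage integrity verification, mainly covering proxy data outsourcing, proxy integrity verification, identity-based data outsourcing, and several techniques for optimizing computation and communication efficiency.
Keywords: cloud computing; remote data storage; data integrity; data privacy; provable data possession; metadata; digital signature
DOI: 10.19363/j.cnki.cn10-1380/tn.2017.07.003
Received: 2017-02-10 Revised: 2017-05-24
Funding: This work was supported by the National Natural Science Foundation of China (Nos. 61672083, 61370190, 61272501, 61402029, 61472429, 61202465, 61532021).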
|
A Survey on Cryptographic Technologies for Data Integrity Checking in Clouds |
WANG Yujue, WU Qianhong
School of Computer Science and Information Security, Guilin University of Electronic Technology, Guilin 541004, China; School of Information Systems, Singapore Management University, Singapore 178902, Singapore; School of Electronic and Information Engineering, Beihang University, Beijing 100191, China
Abstract: |
Data integrity checking schemes allow users to outsource data to a cloud server, with a guarantee that the integrity of the outsourced data can be verified. A typical data integrity checking scheme consists of two phases. In the data processing phase, the data owner processes her data with a private key to generate verifiable metadata that will be stored at the cloud server, and keeps locally only some related parameters, including keys and data labels. In the data integrity checking phase, the verifier interacts with the cloud server to jointly carry out a challenge/prove protocol, which can detect the current integrity state of the outsourced data with overwhelming probability. To date, many data integrity checking schemes have been proposed. In this paper, we review the research progress of key cryptographic technologies for publicly verifiable data integrity checking with provable security, such as proxy data outsourcing, proxy data integrity checking, identity-based data outsourcing and several efficiency optimization technologies for computation and communication costs.
Key words: cloud computing; remote data storage; data integrity; data privacy; provable data possession; metadata; digital signature