| 基于零空间的网络编码云存储完整性校验方案 |
| 王伟平, 张俊峰, 王建新 |
| 中南大学 信息科学与工程学院, 长沙 410083 |
| Data integrity check based on null space for network coding based cloud storage |
| WANG Weiping, ZHANG Junfeng, WANG Jianxin |
| School of Information Science and Engineering, Central South University, Changsha 410083, China |
摘要:
| |||
| 摘要基于网络编码云存储的数据完整性校验过程, 面临着验证过程中计算开销较大、安全性弱等问题。为解决这些问题, 该文提出了基于零空间的网络编码云存储数据完整性校验方案——NS-NCCS。该方案首先计算出原始信息的零空间, 利用零空间生成验证向量, 并将验证向量发送给独立的第3方验证节点完成数据验证。分析与计算结果表明: 与NC-Audit方案相比, 该方案在完整性验证过程中可以显著降低漏检率、有效防止验证节点反推出原始信息、节省计算开销以及有效支持数据修复。 | |||
| 关键词 :零空间,网络编码,完整性,云存储 | |||
| Abstract:The process of data integrity check for network coding based cloud storage has problems of poor safety and large computational overhead. A scheme of data integrity check was developed based on null space for network coding based cloud storage (NS-NCCS) to solve these problems. In the scheme, the null space of original information is calculated and used to generate the integrity verification vector which is then sent to an independent third-party verification node for data integrity validation. Analyses and simulations show that compared with NC-Audit, NS-NCCS significantly decreases the omission factor during the data integrity checking and effectively prevents the original information disclosure in the process of verification, with the computational overhead reduced and data repair supported. | |||
| Key words:null spacenetwork codingdata integritycloud storage | |||
| 收稿日期: 2014-10-28 出版日期: 2016-01-29 | |||
| |||
| 引用本文: |
| 王伟平, 张俊峰, 王建新. 基于零空间的网络编码云存储完整性校验方案[J]. 清华大学学报(自然科学版), 2016, 56(1): 83-88,96. WANG Weiping, ZHANG Junfeng, WANG Jianxin. Data integrity check based on null space for network coding based cloud storage. Journal of Tsinghua University(Science and Technology), 2016, 56(1): 83-88,96. |
| 链接本文: |
| http://jst.tsinghuajournals.com/CN/10.16511/j.cnki.qhdxxb.2016.23.002或 http://jst.tsinghuajournals.com/CN/Y2016/V56/I1/83 |
图表:
 |
| 图1 NC-Audit方案的存储验证过程 |
 |
| 表1 符号说明 |
 |
| 图2 NS-NCCS方案存储验证过程图 |
 |
| 表2 两种完整性校验方案安全性比较 |
 |
| 表3 m=4kB时两种方案验证所需乘运算次数 |
 |
| 表4 m=4MB时两种方案验证所需乘运算次数 |
 |
| 表5 验证过程中存储节点和TPA 所需运行时间 |
参考文献:
| [1] Hu Y, Chen H C H, Lee P P C, et al. NCCloud: Applying network coding for the storage repair in a cloud-of-clouds [C]//USENIX FAST. 2012: 265 -272. [2] Shah M A, Swaminathan R, Baker M. Privacy-preserving audit and extraction of digital contents, HP Labs Technical Report No. HPL-2008-32 [R]. 2008. [3] Bowers K D, Juels A, Oprea A. Proofs of retrievability: Theory and implementation[C]//Proceedings of the 2009 ACM Workshop on Cloud Computing Security. ACM, 2009: 43-54. [4] Bowers K D, Juels A, Oprea A. HAIL: A high-availability and integrity layer for cloud storage [C]//Proceedings of the 16th ACM Conference on Computer and Communications Security. ACM, 2009: 187-198. [5] Wang C, Wang Q, Ren K, et al. Toward secure and dependable storage services in cloud computing [J]. IEEE Transactions on Services Computing, 2012, 5(2): 220-232. [6] Rodrigues R, Liskov B. High availability in DHTs: Erasure coding vs. replication [M]//Peer-to-Peer Systems IV. Springer Berlin Heidelberg, 2005: 226-239. [7] Dikaliotis T K, Dimakis A G, Ho T. Security in distributed storage systems by communicating a logarithmic number of bits [C]//2010 IEEE International Symposium on Information Theory Proceedings (ISIT). IEEE, 2010: 1948-1952. [8] Chen H C H, Lee P P C. Enabling data integrity protection in regenerating-coding-based cloud storage [C]//31st Symposium on Reliable Distributed Systems (SRDS). IEEE, 2012: 51-60. [9] Chen B, Curtmola R, Ateniese G, et al. Remote data checking for network coding-based distributed storage systems [C]//Proceedings of the 2010 ACM Workshop on Cloud Computing Security. ACM, 2010: 31-42. [10] Le A, Markopoulou A. NC-Audit: Auditing for network coding storage [C]//Network Coding (NetCod), 2012 International Symposium on. IEEE, 2012: 155-160. [11] Le A, Dimakis A G. Auditing for distributed storage systems, Cornell University Technical Report [R/OL]. http: //arxiv.org/abs/1203.1730. [12] Wang C, Wang Q, Ren K, et al. Privacy-preserving public auditing for data storage security in cloud computing [C]//INFOCOM, 2010 Proceedings IEEE. San Diego, CA: IEEE, 2010. [13] Yu S C, Wang C, Ren K, et al. Achieving secure, scalable, and fine-grained data access control in cloud computing [C]//INFOCOM, 2010 Proceedings IEEE. San Diego, CA: IEEE, 2010. [14] Roman S. Advanced Linear Algebra (Second Edition) [M]. Springer, 2005. [15] Elias K, Li B C. Null keys: Limiting malicious attacks via null space properties of network coding [C]//INFOCOM, 2009 Proceedings IEEE. IEEE, 2009: 1224-1232. |
相关文章:
|
