本文選題：云計(jì)算 + 云存儲(chǔ)��； 參考：《東北大學(xué)》2012年碩士論文

【摘要】：為用戶(hù)提供海量的按需存儲(chǔ)服務(wù)是云計(jì)算的重要應(yīng)用之一。用戶(hù)經(jīng)常會(huì)將其大容量數(shù)據(jù),例如檔案文件、天文數(shù)據(jù)、氣象數(shù)據(jù)等委托給云服務(wù)提供商(Cloud Service Provider,CSP)進(jìn)行存儲(chǔ)和管理,但由于客戶(hù)數(shù)據(jù)是放置在CSP的控制域內(nèi),而不是客戶(hù)控制域內(nèi),客戶(hù)很難相信數(shù)據(jù)不會(huì)被CSP或系統(tǒng)管理員所獲取和偽造,即客戶(hù)無(wú)法確定其存儲(chǔ)在CSP中的數(shù)據(jù)是否完整。而當(dāng)前的網(wǎng)絡(luò)安全機(jī)制已不能滿(mǎn)足云存儲(chǔ)下數(shù)據(jù)的完整性驗(yàn)證需求。 針對(duì)云存儲(chǔ)中數(shù)據(jù)的完整性驗(yàn)證問(wèn)題,目前的解決方案主要有兩類(lèi)：1)將數(shù)據(jù)全部下載之后再進(jìn)行完整性驗(yàn)證,但是數(shù)據(jù)的下載操作不僅需要向CSP支付費(fèi)用,同時(shí)還會(huì)占用用戶(hù)自身的網(wǎng)絡(luò)帶寬和存儲(chǔ)空間；2)數(shù)據(jù)持有證明(Provable Data Possession,PDP)方法,該方法通過(guò)某種知識(shí)證明協(xié)議或概率分析手段,允許用戶(hù)不用下載全部數(shù)據(jù),僅需要下載較少數(shù)據(jù)就能以高置信概率判斷整個(gè)外包存儲(chǔ)數(shù)據(jù)的完整性。但是,該方法僅支持靜態(tài)數(shù)據(jù)的完整性驗(yàn)證,對(duì)于動(dòng)態(tài)數(shù)據(jù)的完整性驗(yàn)證支持不夠。 針對(duì)當(dāng)前的數(shù)據(jù)完整性驗(yàn)證方案不支持動(dòng)態(tài)更新的問(wèn)題,本文提出一種支持?jǐn)?shù)據(jù)動(dòng)態(tài)更新的新型完整性驗(yàn)證方案——?jiǎng)討B(tài)數(shù)據(jù)持有證明方案(Dynamic Provable Data Possession, DPDP)。DPDP方案在實(shí)現(xiàn)數(shù)據(jù)完整性驗(yàn)證功能的同時(shí),支持?jǐn)?shù)據(jù)的插入、修改和刪除操作。為構(gòu)建滿(mǎn)足實(shí)際應(yīng)用需求的DPDP方案,本文提出一種新型認(rèn)證數(shù)據(jù)結(jié)構(gòu)——基于查詢(xún)級(jí)的認(rèn)證跳表(Rank based Authenticated Skip List, R-ASL)。R-ASL引入了查詢(xún)級(jí)的概念,并使用新的哈希方法,不僅能夠完成數(shù)據(jù)的完整性驗(yàn)證,還支持?jǐn)?shù)據(jù)的動(dòng)態(tài)更新。論文首先給出了R-ASL的形式化定義以及哈希方法的實(shí)現(xiàn)方式,然后設(shè)計(jì)并實(shí)現(xiàn)了R-ASL的查詢(xún)、驗(yàn)證以及更新算法,并將R-ASL應(yīng)用到DPDP中,并對(duì)其相關(guān)性能進(jìn)行了實(shí)驗(yàn)分析。實(shí)驗(yàn)分析證明,DPDP方案為實(shí)現(xiàn)動(dòng)態(tài)更新而引起的通信代價(jià)和計(jì)算代價(jià)可以接受的。
[Abstract]:Providing users with massive on-demand storage services is one of the important applications of cloud computing. Users often delegate their bulk data, such as archival files, astronomical data, meteorological data, to cloud Service providers for storage and management, but because customer data is placed in the CSP control domain, It is difficult for customers to believe that data will not be obtained and falsified by CSP or system administrators, that is, customers cannot determine whether the data stored in CSP is complete or not. However, the current network security mechanism can not meet the needs of data integrity verification under cloud storage. In view of the problem of data integrity verification in cloud storage, there are mainly two kinds of solutions: 1: 1) download the data to verify the integrity of the data, but the downloading operation of the data not only needs to pay a fee to CSP. It also takes up the user's own network bandwidth and storage space) Provable Data possessionPs (PDPs) method, which allows users not to download all data through some kind of knowledge proof protocol or probabilistic analysis method. The integrity of the whole outsourced storage data can be judged by high confidence probability only by downloading less data. However, this method only supports static data integrity verification, but not dynamic data integrity verification. For the problem that the current data integrity verification scheme does not support dynamic updates, In this paper, a new integrity verification scheme, dynamic Provable Data Possession, DPDP).DPDP scheme, which supports data dynamic updating, is proposed. The dynamic Provable Data Possession, DPDP).DPDP scheme supports the insertion, modification and deletion of data at the same time as the function of data integrity verification. In order to construct a DPDP scheme to meet the requirements of practical applications, this paper proposes a new authentication data structure, which is based on query level, which introduces the concept of query level into the authentication hop table Rank based Authenticated Skip List, R-ASL).R-ASL, and uses a new hash method. Not only can complete the data integrity verification, but also support the dynamic update of data. This paper first gives the formal definition of R-ASL and the implementation of hash method, then designs and implements the query, verification and update algorithm of R-ASL, and applies R-ASL to DPDP, and analyzes its performance experimentally. The experimental results show that the communication cost and computational cost caused by the DDP scheme are acceptable.
【學(xué)位授予單位】：東北大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2012
【分類(lèi)號(hào)】：TP333

【參考文獻(xiàn)】

相關(guān)期刊論文 前7條

1 徐劍;周福才;李欣陽(yáng);朱志良;;面向P2P存儲(chǔ)的分布式認(rèn)證跳表[J];東北大學(xué)學(xué)報(bào)(自然科學(xué)版);2012年01期

2 卿斯?jié)h,周永彬,張振峰,劉娟;認(rèn)證字典及其在PKI中的應(yīng)用研究[J];電子學(xué)報(bào);2004年08期

3 張敏;洪澄;陳馳;;一種服務(wù)器透明的外包數(shù)據(jù)庫(kù)查詢(xún)驗(yàn)證方法[J];計(jì)算機(jī)研究與發(fā)展;2010年01期

4 咸鶴群;馮登國(guó);;外包數(shù)據(jù)庫(kù)模型中的完整性檢測(cè)方案[J];計(jì)算機(jī)研究與發(fā)展;2010年06期

5 徐劍;陳旭;李福祥;周福才;;基于有向哈希樹(shù)的認(rèn)證跳表算法[J];計(jì)算機(jī)科學(xué);2011年09期

6 曹夕;許力;陳蘭香;;云存儲(chǔ)系統(tǒng)中數(shù)據(jù)完整性驗(yàn)證協(xié)議[J];計(jì)算機(jī)應(yīng)用;2012年01期

7 徐劍;周福才;陳旭;朱志良;;云計(jì)算中基于認(rèn)證數(shù)據(jù)結(jié)構(gòu)的數(shù)據(jù)外包認(rèn)證模型[J];通信學(xué)報(bào);2011年07期

，

本文編號(hào)：1910605