本文選題：云計算 + 云存儲��； 參考：《東北大學(xué)》2012年碩士論文

【摘要】：為用戶提供海量的按需存儲服務(wù)是云計算的重要應(yīng)用之一。用戶經(jīng)常會將其大容量數(shù)據(jù),例如檔案文件、天文數(shù)據(jù)、氣象數(shù)據(jù)等委托給云服務(wù)提供商(Cloud Service Provider,CSP)進(jìn)行存儲和管理,但由于客戶數(shù)據(jù)是放置在CSP的控制域內(nèi),而不是客戶控制域內(nèi),客戶很難相信數(shù)據(jù)不會被CSP或系統(tǒng)管理員所獲取和偽造,即客戶無法確定其存儲在CSP中的數(shù)據(jù)是否完整。而當(dāng)前的網(wǎng)絡(luò)安全機(jī)制已不能滿足云存儲下數(shù)據(jù)的完整性驗證需求。 針對云存儲中數(shù)據(jù)的完整性驗證問題,目前的解決方案主要有兩類：1)將數(shù)據(jù)全部下載之后再進(jìn)行完整性驗證,但是數(shù)據(jù)的下載操作不僅需要向CSP支付費用,同時還會占用用戶自身的網(wǎng)絡(luò)帶寬和存儲空間；2)數(shù)據(jù)持有證明(Provable Data Possession,PDP)方法,該方法通過某種知識證明協(xié)議或概率分析手段,允許用戶不用下載全部數(shù)據(jù),僅需要下載較少數(shù)據(jù)就能以高置信概率判斷整個外包存儲數(shù)據(jù)的完整性。但是,該方法僅支持靜態(tài)數(shù)據(jù)的完整性驗證,對于動態(tài)數(shù)據(jù)的完整性驗證支持不夠。 針對當(dāng)前的數(shù)據(jù)完整性驗證方案不支持動態(tài)更新的問題,本文提出一種支持?jǐn)?shù)據(jù)動態(tài)更新的新型完整性驗證方案——動態(tài)數(shù)據(jù)持有證明方案(Dynamic Provable Data Possession, DPDP)。DPDP方案在實現(xiàn)數(shù)據(jù)完整性驗證功能的同時,支持?jǐn)?shù)據(jù)的插入、修改和刪除操作。為構(gòu)建滿足實際應(yīng)用需求的DPDP方案,本文提出一種新型認(rèn)證數(shù)據(jù)結(jié)構(gòu)——基于查詢級的認(rèn)證跳表(Rank based Authenticated Skip List, R-ASL)。R-ASL引入了查詢級的概念,并使用新的哈希方法,不僅能夠完成數(shù)據(jù)的完整性驗證,還支持?jǐn)?shù)據(jù)的動態(tài)更新。論文首先給出了R-ASL的形式化定義以及哈希方法的實現(xiàn)方式,然后設(shè)計并實現(xiàn)了R-ASL的查詢、驗證以及更新算法,并將R-ASL應(yīng)用到DPDP中,并對其相關(guān)性能進(jìn)行了實驗分析。實驗分析證明,DPDP方案為實現(xiàn)動態(tài)更新而引起的通信代價和計算代價可以接受的。
[Abstract]:Providing users with massive on-demand storage services is one of the important applications of cloud computing. Users often delegate their bulk data, such as archival files, astronomical data, meteorological data, to cloud Service providers for storage and management, but because customer data is placed in the CSP control domain, It is difficult for customers to believe that data will not be obtained and falsified by CSP or system administrators, that is, customers cannot determine whether the data stored in CSP is complete or not. However, the current network security mechanism can not meet the needs of data integrity verification under cloud storage. In view of the problem of data integrity verification in cloud storage, there are mainly two kinds of solutions: 1: 1) download the data to verify the integrity of the data, but the downloading operation of the data not only needs to pay a fee to CSP. It also takes up the user's own network bandwidth and storage space) Provable Data possessionPs (PDPs) method, which allows users not to download all data through some kind of knowledge proof protocol or probabilistic analysis method. The integrity of the whole outsourced storage data can be judged by high confidence probability only by downloading less data. However, this method only supports static data integrity verification, but not dynamic data integrity verification. For the problem that the current data integrity verification scheme does not support dynamic updates, In this paper, a new integrity verification scheme, dynamic Provable Data Possession, DPDP).DPDP scheme, which supports data dynamic updating, is proposed. The dynamic Provable Data Possession, DPDP).DPDP scheme supports the insertion, modification and deletion of data at the same time as the function of data integrity verification. In order to construct a DPDP scheme to meet the requirements of practical applications, this paper proposes a new authentication data structure, which is based on query level, which introduces the concept of query level into the authentication hop table Rank based Authenticated Skip List, R-ASL).R-ASL, and uses a new hash method. Not only can complete the data integrity verification, but also support the dynamic update of data. This paper first gives the formal definition of R-ASL and the implementation of hash method, then designs and implements the query, verification and update algorithm of R-ASL, and applies R-ASL to DPDP, and analyzes its performance experimentally. The experimental results show that the communication cost and computational cost caused by the DDP scheme are acceptable.
【學(xué)位授予單位】：東北大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2012
【分類號】：TP333

【參考文獻(xiàn)】

相關(guān)期刊論文 前7條

1 徐劍;周福才;李欣陽;朱志良;;面向P2P存儲的分布式認(rèn)證跳表[J];東北大學(xué)學(xué)報(自然科學(xué)版);2012年01期

2 卿斯?jié)h,周永彬,張振峰,劉娟;認(rèn)證字典及其在PKI中的應(yīng)用研究[J];電子學(xué)報;2004年08期

3 張敏;洪澄;陳馳;;一種服務(wù)器透明的外包數(shù)據(jù)庫查詢驗證方法[J];計算機(jī)研究與發(fā)展;2010年01期

4 咸鶴群;馮登國;;外包數(shù)據(jù)庫模型中的完整性檢測方案[J];計算機(jī)研究與發(fā)展;2010年06期

5 徐劍;陳旭;李福祥;周福才;;基于有向哈希樹的認(rèn)證跳表算法[J];計算機(jī)科學(xué);2011年09期

6 曹夕;許力;陳蘭香;;云存儲系統(tǒng)中數(shù)據(jù)完整性驗證協(xié)議[J];計算機(jī)應(yīng)用;2012年01期

7 徐劍;周福才;陳旭;朱志良;;云計算中基于認(rèn)證數(shù)據(jù)結(jié)構(gòu)的數(shù)據(jù)外包認(rèn)證模型[J];通信學(xué)報;2011年07期

，

本文編號：1910605