博碩士論文 995403005 詳細資訊




以作者查詢圖書館館藏 以作者查詢臺灣博碩士 以作者查詢全國書目 勘誤回報 、線上人數:7 、訪客IP:54.162.133.222
姓名 楊誠育(Cheng-Yu Yang)  查詢紙本館藏   畢業系所 通訊工程學系
論文名稱 雲端環境安全資料儲存證明之研究
(The Study of Secure Provable-Data-Possession in Cloud Environments)
檔案 [Endnote RIS 格式]    [Bibtex 格式]    至系統瀏覽論文 (2022-6-30以後開放)
摘要(中) 由於行動裝置對雲端資源存取的需求,因此雲端計算和雲端儲存服務日益重要。雲端環境提供的外部儲存服務已經成為一個常見並且隨處可取用的使用者資料存取平台。然而,使用者終究無法如同本機內部硬碟般存取外部雲端儲存資料,以致外部儲存服務無法得到使用者的完全信任。對於前述安全性問題,目前有許多資料儲存證明協定(Provable-Data-Possession Protocol)被提出。本研究的協定基於橢圓曲線雙線性特點,發展雲端儲存的資料儲存證明協定。本研究改良現有研究的效能,減少驗證的計算成本。除探討一般的身份憑證,本研究率先提出以屬性憑證為基礎的雲端環境資料儲存證明協定。對於無憑證認證為基礎的雲端環境,提出新的資料儲存證明模型以改良現存研究中的資安漏洞。此外,並針對無憑證認證的雲端環境,整合雲端備份的架構,提出驗證儲存資料完整性的協定。整體而言,與其他資料儲存證明協定相較,本研究提供較低計算成本和高安全性。
摘要(英) Cloud computing and cloud storage are important developments because they can be accessed by mobile devices. The outsourced storage in cloud environment has become a stable, location-independent platform for managing user data. However, the outsourced data are not trustworthy because they cannot be accessed locally by users. To resolve the critical issue, many studies have proposed provable-data-possession (PDP) protocol to examine the integrity of outsource data in cloud environments securely and efficiently. This study developed secure PDP protocols based on the bilinear arithmetic of elliptic curves for cloud storage system. This study proposes efficient PDP protocols, which allow the verifier to examine data possession in cloud environments at a lower computational cost. In addition to discussing general certificate, this dissertation presents the first study for achieving authentication by attribute in the storage auditing protocol. For cloud environments without certificate, a new model is proposed to improve security breaches in existing research. In addition, this study provides the PDP protocol in cloud backup environment without certificate to ensure that all the outsourced copies are actually correct. Comparisons with other state-of-the-art schemes show that this study is more secure and efficient.
關鍵字(中) ★ 雲端安全
★ 密碼學
★ 資料儲存證明協定
★ 公開稽核服務
關鍵字(英) ★ cloud security
★ cryptography
★ provable data possession protocol
★ public audit service
論文目次 中文摘要 i
Abstract ii
Table of Contents iii
List of Figures vi
List of Tables vii
Chapter 1 Introduction 1
1.1 Research Motivation 1
1.2 Research Background 2
1.3 Classification of Research 6
1.4 Contribution of Dissertation 8
1.5 Organization of Dissertation 8
Chapter 2 Literature Reviews 9
2.1 Yang et al. scheme [12] 9
2.2 Guo et al. scheme [24] 12
2.3 Zhang et al. scheme [27] 15
Chapter 3 Enhanced Provable-Data-Possession in Cloud Computing with Multiple Owners 18
3.1 Preliminary Remarks and Definitions 18
3.2 Methods: EPDP 20
3.3 Secure Dynamic and Batch Provable-Data-Possession Protocol 24
3.3.1 Constructions for Dynamic Provable-Data-Possession Protocol 24
3.3.2 Algorithms for Batch Provable-Data-Possession Protocol 27
3.4 Security Analysis 32
3.5. Results 37
3.6 Summary 39
Chapter 4 File Changes with Security Proof Stored in Cloud Service Systems 41
4.1. Preliminaries and Definitions 41
4.2. Proposed Protocol 41
4.3. Security Analysis 49
4.4 Performance Analysis 55
4.5 Summary 57
Chapter 5 Provable-Data-Possession in Cloud Computing with Attribute Proof 58
5.1 Preliminary Remarks and Definitions 58
5.2 Methods 62
5.2.1 Provable-Data-Possession in Cloud Computing with Attribute Proof scheme (PDPCCAP) 62
5.2.2 Extended Discussion 66
5.3 Threat Model 67
5.4. Efficiency 74
5.4.1 Analysis of the Efficiency of the different Attribute Proofs 74
5.4.2 Probability of Misbehavior Detection 74
5.5 Summary 76
Chapter 6 A Secure Protocol for Identity-based Provable-Data- Possession in Cloud Storage 77
6.1 System Model and Security Model of ID-PDP 77
6.1.1 System model 78
6.1.2 Security model 78
6.2 Constructions for the proposed ID-PDP protocol 79
6.3 Security Analysis 82
6.3.1. Attack 1: Data deletion by malicious CSP 84
6.3.2. Attack 2: Data modification by malicious CSP 85
6.4 Performance Analysis 87
6.4.1 Storage overhead 87
6.4.2 Computation overhead 88
6.4.3 Communication overhead 88
6.5 Summary 89
Chapter 7 Identity-Based Integrity Verification of Replica without Public Key Infrastructure in Cloud Storage 90
7.1 Construction and Security Model of Proposed Scheme 90
7.1.1 Construction for ID-IVR Protocol 90
7.1.2 Security Model 92
7.2 Construction of the proposed ID-IVR Protocol 93
7.3 Dynamic Integrity Protocol 97
7.4 Security and Performance of Proposed ID-IVR Protocol 100
7.4.1 Security Analysis 101
7.4.2 Performance Analysis 104
7.5 Summary 105
Chapter 8 Conclusion 106
Bibliography 109
參考文獻 [1] Chen, EY., Pei, Y., Chen, S., Tian, Y., Kotcher, R., and Tague, P., “Oauth demystified for mobile application developers,” Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 892–903, 2014.
[2] Chin, E., Felt, AP., Greenwood, K., and Wagner, D., “Analyzing inter-application communication in Android,” Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services, pp. 239–252, 2011.
[3] Denning, T., Kohno, T., and Levy, H.M., “Computer security and the modern home,” Communications of the ACM, vol. 56(1), pp. 94–103, 2013.
[4] Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., and Song, D., ”Provable data possession at untrusted stores,” Proceedings of the 14th ACM Conference on Computer and Communication Security, pp. 598–609, 2007.
[5] Shacham, H. and Waters, B., “Compact Proofs of Retrievability,” Proceedings of the 14th International Conference Theory and Application of Cryptology and Information Security: Advances in Cryptology, pp. 90-107, 2008.
[6] Erway, C., Kupcu, A., Papamanthou, C., and Tamassia. R., “Dynamic Provable Data Possession,” Proceedings of the 15th ACM Conference on Computer and Communication Security, pp. 213-222, 2009.
[7] Ateniese, G., Kamara, S., and Katz. J., “Proofs of storage from homomorphic identification protocols,” Proceedings of the 15th International Conference Theory and Application of Cryptology and Information Security: Advances in Cryptology, pp. 319-333, 2009.
[8] Ateniese, G., Burns, R., Curtmola, R., Herring, J., Khan, O., Kissner, L., Peterson, Z., and Song, D., “Remote data checking using provable data possession,” ACM Transactions on Information and System Security, vol. 14, pp. 1–34, 2011.
[9] Ateniese, G., Pietro, R.D., Mancini, L.V., and Tsudik, G., “Scalable and efficient provable data possession,” Proceedings of the 4th International Conference on Security and Privacy in Communication Netowrks, pp. 1-10, 2008.
[10] Wang, Q., Wang, C., Ren, K., Lou, W., and Li, J., “Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing,” IEEE Transactions on Parallel Distributed Systems, vol. 22, pp. 847-859, 2011.
[11] Wang, C., Wang, Q., Ren, K., and Lou, W., “Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing,” Proceedings of the 29th Conference on Information Communications, pp. 525-533, 2010.
[12] Yang, K. and Jia, X., “An efficient and secure dynamic auditing protocol for data storage in cloud computing,” IEEE Transactions on Parallel and Distributed Systems, vol. 24, pp. 1717–1726, 2012.
[13] Wang, B., Li, B., and Li, H., “Oruta: Privacy-Preserving Public Auditing for Shared Data in the Cloud,” IEEE Transactions on Cloud Computing, vol. 2, pp. 43-56, 2014.
[14] Zhu, Y., Wang, S., Hu, H., Ahn, G.-J., and Ma, D., “Secure Collaborative Integrity Verification for hybrid cloud environment,” International Journal of Cooperative Information Systems, vol. 21, pp. 165–197, 2012.
[15] Zhu, Y., Hu, H., Ahn, G.-J., and Yu., M., “Cooperative Provable Data Possession for Integrity Verification in Multi-Cloud Storage,” IEEE Transactions on Parallel and Distributed Systems, vol. 23, pp. 2231-2244, 2012.
[16] Zhu, Y., Ahn, G.-J., Hu, H., Yau, S. S., An, H.G., and Hu, C.J., “Dynamic Audit Services for Outsourced Storages in Clouds,” IEEE Transactions on Services Computing, vol. 6(2), pp. 227-238, 2013.
[17] Sookhak, M., Akhunzada, A., Gani, A., Khan, M. K., Anuar, and N. B., “Towards Dynamic Remote Data Auditing in Computational Clouds,” The Scientific World Journal, vol. 2014, Article ID 269357, 2014.
[18] Wang, F., Xu, L., Wang, H., Chen, Z., “Identity-based non-repudiable dynamic provable data possession in cloud storage,” Computers and Electrical Engineering, 2017. doi: 10.1016/j.compeleceng.2017.09.025
[19] Lin, C., Shen, Z., Chen, Q., Sheldon, F. T., “A Data Integrity Verification Scheme in Mobile Cloud Computing,” Journal of Network and Computer Applications, vol. 77, pp. 146–151, 2017.
[20] Yang, G., Yu, J., Shen, W., Su, Q., Fu, Z., Hao R., “Enabling public auditing for shared data in cloud storage supporting identity privacy and traceability,” The Journal of Systems and software, vol. 113, pp. 130-139, 2016.
[21] Yuan, J. and Yu, S., “Public integrity auditing for dynamic data sharing with multiuser modification,” IEEE Transactions on Information Forensics and Security, vol. 10(8), pp. 1717-1726, 2015.
[22] Slamanig, D., Stingl, C., Menard, C., Heiligenbrunner, M., and Thierry, J., “Anonymity and application privacy in context of mobile computing in ehealth,” Mobile Response 2008. Lecture Notes in Computer Science, Springer, Berlin, Heidelberg, vol. 5424, pp. 148–157, 2009.
[23] Bjones, R., Krontiris, I., Paillier, P., and Rannenberg, K., “Integrating anonymous credentials with aids for privacy respecting online authentication,” Privacy Technologies and Policy, Springer, Berlin, Heidelberg, pp. 111–124, 2014.
[24] Guo, N., Gao, T., and Wang, J., “Privacy-preserving and efficient attributes proof based on selective aggregate CL-signature scheme,” International Journal of Computer Mathematics, vol. 93(2), pp. 273–288, 2014.
[25] Camenisch, J. and Lysyanskaya, A., “Signature schemes and anonymous credentials from bilinear maps,” Proceedings of the 24th Annual International Cryptology Conference Advances in Cryptology, LNCS, August, Springer, Berlin, Heidelberg, vol. 3152, pp. 56–72, 2004.
[26] Bhargav-Spantzel, A., Squicciarini, A. C., and Xue, R., “Multifactor Identity Verification Using Aggregated Proof of Knowledge,” IEEE Transactions on System, Man, and Cybernetics, vol. 40(4), pp. 372–383, 2010.
[27] Zhang, J. and Dong, Q., “Efficient ID-based public auditing for the outsourced data in cloud storage,” Information Sciences, vol. 343–344, pp. 1–14, 2016.
[28] He, D., Wang, H., Zhang, J., and Wang, L., “Insecurity of an identity-based public auditing protocol for the outsourced data in cloud storage,” Information Sciences, vol. 375, pp. 48–53, 2017.
[29] Wang, H., Wu, Q., Qin, B., and Domingo-Ferrer, J., “Identity-based remote data possession checking in public clouds,” IET Information Security, vol. 8(2), pp. 114–121, 2014.
[30] Wang, H., He, D., and Tang, S., “Identity-based proxy-oriented data uploading and remote data integrity checking in public cloud,” IEEE Transactions on Information Forensics and Security, vol. 11(6), pp. 1165–1176, 2016.
[31] Curtmola, R., Khan, O., Burns, R., and Ateniese, G., “MR-PDP: Multiple-Replica Provable Data Possession,” Proceedings of the 28th International Conference on Distributed Computing Systems, pp. 411–420, 2008.
[32] Barsoum, A.F. and Hasan, M.A., “Integrity Verification of Multiple Data Copies over Untrusted Cloud Servers,” Proceedings of the 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, pp. 829–834, 2012.
[33] Mo, Z., Zhou, Y., Chen, S., and Xu, C., “Enabling non-repudiable data possession verification in cloud storage systems,” Proceedings of the 7th International Conference on Cloud Computing, pp. 232–239, 2014.
[34] Peng, S., Zhou, F., Wang, Q., Xu, Z., and Xu, J., “Identity-based public multi-replica provable data possession,” IEEE Access 5, pp. 26990–27001, 2017.
[35] Boneh, D., Lynn, B., and Shacham, H., “Short Signatures from the Weil Pairing,” Journal of Cryptology, vol. 17, pp. 297-319, 2004.
[36] Lynn, B., “PBC library–the pairing-based cryptography library,” http://crypto.stanford.edu/pbc/. Accessed 30 July 2018.
[37] Boneh, D., Lynn, B., Gentry, C., and Shacham, H., “Aggregate and veriably encrypted signatures from bilinear maps,” Proceedings of the 22nd International Conference on Theory and Applications of Cryptographic Techniques, pp. 416-432, 2003.
[38] Lysyanskaya, A., Rivest, R., Sahai, A., and Wolf, S., "Pseudonym systems.,” Selected Areas in Cryptography, LNCS. Springer, Vol. 1758, pp. 184–199, 1999.
[39] Begum, N., Nakanishi, T., and Nogami, Y., “An efficiency improvement in an anonymous credential system for CNF formulas on attributes with constant-size proofs,” 2nd International Conference on Electrical Engineering and Information Communication Technology, pp. 1-5, 2015.
[40] Shoup, V., “Lower Bounds for Discrete Logarithms and Related Problems,” Proceedings of the 16th Annual International Conference on Theory and Application of Cryptographic Techniques: Advances in Cryptology, pp. 256–266, 1997.
[41] Mahmood, K., “Performance Comparison of NOSQL Database Cassandra and SQL Server for Large Databases,” Journal of Independent Studies and Research-Computing, vol. 14, pp. 21-25, 2016.
[42] Alborghetti, S., “New options and better performance in cqlsh copy, “ https://www.datastax.com/dev/blog/new-features-in-cqlsh-copy. Accessed 30 July 2018.
指導教授 陳彥文 王旭正 審核日期 2018-8-23
推文 facebook   plurk   twitter   funp   google   live   udn   HD   myshare   reddit   netvibes   friend   youpush   delicious   baidu   
網路書籤 Google bookmarks   del.icio.us   hemidemi   myshare   

若有論文相關問題,請聯絡國立中央大學圖書館推廣服務組 TEL:(03)422-7151轉57407,或E-mail聯絡  - 隱私權政策聲明