针对云存储服务数据完整性存在的问题,借鉴目前远程数据完整性验证方案,提出基于区块链的云存储数据完整性验证方案。首先,将完整性证明存储在具有防篡改特性的区块链上,构建了可问责的数据完整性证明;同时以区块链上的智能合约代替第3方审计者对数据进行完整性验证。在验证阶段加入了对数据副本的完整性验证,并强制要求云存储服务存储至少一份数据副本。此外,首次引入第3方仲裁机构,利用可问责的数据完整性证明对恶意的云存储提供商和用户的非法请求进行完整性仲裁。最后经过分析和实验证明该方案是安全的,可行的。
Aiming at the problems existing in data integrity of cloud storage services, a blockchain-based cloud storage data integrity verification scheme is proposed by referring to the current remote data integrity verification scheme. Firstly, an integrity certificate is stored in a tamper-proof blockchain, thus an accountable data integrity certificate is constructed. At the same time, the third-party auditor is replaced by the smart contract in the blockchain to verify the integrity of the data. In the verification stage, the integrity verification of data copies is added, and the cloud storage service is forced to store at least one data copy. In addition, a third-party arbitration organization is introduced for the first time, which uses the accountable data integrity certificate to arbitrate the integrity of illegal requests from malicious cloud storage providers and users. Finally, the proposed scheme is proved to be safe and feasible by analysis and experiment.
[1] 周可, 王桦, 李春花. 云存储技术及其应用[J]. 中兴通讯技术, 2010, 16(4):24-27. Zhou K, Wang H, Li C H. Cloud storage technology and its application[J]. ZTE Technology, 2010, 16(4):24-27. (in Chinese)
[2] Zang L N, Zheng Y J, He Z Q. The problems in cloud computing security and its solutions[C]//2015 International Conference on Automation, Mechanical Control and Computational Engineering, 2015:221-225.
[3] Julisch K, Hall M. Security and control in the cloud[J]. Information Systems Security, 2010, 19(6):299-309.
[4] Sun X. Critical security issues in cloud computing:a survey[C]//IEEE International Conference on High Performance & Smart Computing, 2018:216-221.
[5] Wang Q, Wang C, Li J, et al. Enabling public verifiability and data dynamics for storage security in cloud computing[C]//European Symposium on Research in Computer Security. Heidelberg, Berlin:Springer, 2009:355-370.
[6] Ateniese G, Burns R, Curtmola R, et al. Provable data possession at untrusted stores[C]//ACM Conference on Computer & Communications Security, 2007:598-609.
[7] 谭霜, 贾焰, 韩伟红. 云存储中的数据完整性证明研究及进展[J]. 计算机学报, 2015, 38(1):164-177. Tan S, Jia Y, Han W H. Research and development of provable data integrity in cloud storage[J]. Chinese Journal of Computers, 2015, 38(1):164-177. (in Chinese)
[8] Ateniese G, Burns R, Curtmola R, et al. Provable data possession at untrusted stores[C]//ACM Conference on Computer and Communications Security, 2007:598-609.
[9] Ateniese G, Burns R, Curtmola R, et al. Remote data checking using provable data possession[J]. ACM Transactions on Information & System Security, 2011, 14(1):1-34.
[10] Juels A. Pors:proofs of retrievability for large files[C]//ACM Conference on Computer and Communications Security, 2007:584-597.
[11] Ristenpart T, Tromer E, Shacham H, et al. Hey, you, get off of my cloud:exploring information leakage in third-party compute clouds[C]//Proceedings of the 16th ACM Conference on Computer and Communications Security, 2009:199-212.
[12] Nakamoto S. Bitcoin:a peer-to-peer electronic cash system[EB/OL]. https://bitcoin.org/bitcoin.pdf.
[13] Pierro M D. What is the blockchain?[J]. Computing in Science and Engineering, 2017, 19(5):92-95.
[14] Zikratov I, Kuzmin A, Akimenko V, et al. Ensuring data integrity using blockchain technology[C]//201720th Conference of Open Innovations Association, 2017:534-539.
[15] 杨淳. 基于区块链的云存储数据完整性检测的研究[D]. 成都:电子科技大学, 2020.
[16] 刘广沛. 基于区块链的云数据完整性保护机制[D]. 南京:南京邮电大学, 2018.
