本文選題：云計算 + 云存儲�。� 參考：《東北大學》2012年碩士論文

【摘要】：為用戶提供海量的按需存儲服務是云計算的重要應用之一。用戶經(jīng)常會將其大容量數(shù)據(jù),例如檔案文件、天文數(shù)據(jù)、氣象數(shù)據(jù)等委托給云服務提供商(Cloud Service Provider,CSP)進行存儲和管理,但由于客戶數(shù)據(jù)是放置在CSP的控制域內(nèi),而不是客戶控制域內(nèi),客戶很難相信數(shù)據(jù)不會被CSP或系統(tǒng)管理員所獲取和偽造,即客戶無法確定其存儲在CSP中的數(shù)據(jù)是否完整。而當前的網(wǎng)絡安全機制已不能滿足云存儲下數(shù)據(jù)的完整性驗證需求。 針對云存儲中數(shù)據(jù)的完整性驗證問題,目前的解決方案主要有兩類：1)將數(shù)據(jù)全部下載之后再進行完整性驗證,但是數(shù)據(jù)的下載操作不僅需要向CSP支付費用,同時還會占用用戶自身的網(wǎng)絡帶寬和存儲空間；2)數(shù)據(jù)持有證明(Provable Data Possession,PDP)方法,該方法通過某種知識證明協(xié)議或概率分析手段,允許用戶不用下載全部數(shù)據(jù),僅需要下載較少數(shù)據(jù)就能以高置信概率判斷整個外包存儲數(shù)據(jù)的完整性。但是,該方法僅支持靜態(tài)數(shù)據(jù)的完整性驗證,對于動態(tài)數(shù)據(jù)的完整性驗證支持不夠。 針對當前的數(shù)據(jù)完整性驗證方案不支持動態(tài)更新的問題,本文提出一種支持數(shù)據(jù)動態(tài)更新的新型完整性驗證方案——動態(tài)數(shù)據(jù)持有證明方案(Dynamic Provable Data Possession, DPDP)。DPDP方案在實現(xiàn)數(shù)據(jù)完整性驗證功能的同時,支持數(shù)據(jù)的插入、修改和刪除操作。為構建滿足實際應用需求的DPDP方案,本文提出一種新型認證數(shù)據(jù)結構——基于查詢級的認證跳表(Rank based Authenticated Skip List, R-ASL)。R-ASL引入了查詢級的概念,并使用新的哈希方法,不僅能夠完成數(shù)據(jù)的完整性驗證,還支持數(shù)據(jù)的動態(tài)更新。論文首先給出了R-ASL的形式化定義以及哈希方法的實現(xiàn)方式,然后設計并實現(xiàn)了R-ASL的查詢、驗證以及更新算法,并將R-ASL應用到DPDP中,并對其相關性能進行了實驗分析。實驗分析證明,DPDP方案為實現(xiàn)動態(tài)更新而引起的通信代價和計算代價可以接受的。
[Abstract]:Providing users with massive on-demand storage services is one of the important applications of cloud computing. Users often delegate their bulk data, such as archival files, astronomical data, meteorological data, to cloud Service providers for storage and management, but because customer data is placed in the CSP control domain, It is difficult for customers to believe that data will not be obtained and falsified by CSP or system administrators, that is, customers cannot determine whether the data stored in CSP is complete or not. However, the current network security mechanism can not meet the needs of data integrity verification under cloud storage. In view of the problem of data integrity verification in cloud storage, there are mainly two kinds of solutions: 1: 1) download the data to verify the integrity of the data, but the downloading operation of the data not only needs to pay a fee to CSP. It also takes up the user's own network bandwidth and storage space) Provable Data possessionPs (PDPs) method, which allows users not to download all data through some kind of knowledge proof protocol or probabilistic analysis method. The integrity of the whole outsourced storage data can be judged by high confidence probability only by downloading less data. However, this method only supports static data integrity verification, but not dynamic data integrity verification. For the problem that the current data integrity verification scheme does not support dynamic updates, In this paper, a new integrity verification scheme, dynamic Provable Data Possession, DPDP).DPDP scheme, which supports data dynamic updating, is proposed. The dynamic Provable Data Possession, DPDP).DPDP scheme supports the insertion, modification and deletion of data at the same time as the function of data integrity verification. In order to construct a DPDP scheme to meet the requirements of practical applications, this paper proposes a new authentication data structure, which is based on query level, which introduces the concept of query level into the authentication hop table Rank based Authenticated Skip List, R-ASL).R-ASL, and uses a new hash method. Not only can complete the data integrity verification, but also support the dynamic update of data. This paper first gives the formal definition of R-ASL and the implementation of hash method, then designs and implements the query, verification and update algorithm of R-ASL, and applies R-ASL to DPDP, and analyzes its performance experimentally. The experimental results show that the communication cost and computational cost caused by the DDP scheme are acceptable.
【學位授予單位】：東北大學
【學位級別】：碩士
【學位授予年份】：2012
【分類號】：TP333

【參考文獻】

相關期刊論文 前7條

1 徐劍;周福才;李欣陽;朱志良;;面向P2P存儲的分布式認證跳表[J];東北大學學報(自然科學版);2012年01期

2 卿斯?jié)h,周永彬,張振峰,劉娟;認證字典及其在PKI中的應用研究[J];電子學報;2004年08期

3 張敏;洪澄;陳馳;;一種服務器透明的外包數(shù)據(jù)庫查詢驗證方法[J];計算機研究與發(fā)展;2010年01期

4 咸鶴群;馮登國;;外包數(shù)據(jù)庫模型中的完整性檢測方案[J];計算機研究與發(fā)展;2010年06期

5 徐劍;陳旭;李福祥;周福才;;基于有向哈希樹的認證跳表算法[J];計算機科學;2011年09期

6 曹夕;許力;陳蘭香;;云存儲系統(tǒng)中數(shù)據(jù)完整性驗證協(xié)議[J];計算機應用;2012年01期

7 徐劍;周福才;陳旭;朱志良;;云計算中基于認證數(shù)據(jù)結構的數(shù)據(jù)外包認證模型[J];通信學報;2011年07期

，

本文編號：1910605