System ID | U0002-0708202123041000 |
---|---|
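DOI | 10.6846/TKU.2021.00184 |
Thesis title (Chinese) | 區塊鏈技術建立物聯網和雲端儲存系統資料安全機制之研究 |
Thesis title (English) | The Security of Internet of Thing and Cloud Storage Systems Based on Blockchain |
Thesis title (third language) | |
University | Tamkang University |
Department (Chinese) | Master's Program, Department of Computer Science and Information Engineering (資訊工程學系碩士班) |
Department (English) | Department of Computer Science and Information Engineering |
Foreign degree university | |
Foreign degree college | |
Foreign degree institute | |
Academic year | 109 |
Semester | 2 |
Publication year | 110 |
Graduate student (Chinese) | 黃廷譽 |
Graduate student (English) | Ting-Yu Huang |
Student ID | 609410013 |
Degree | Master's |
Language | Traditional Chinese |
Second language | English |
Oral defense date | 2021-06-16 |
Number of pages | 94 pages |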
Oral defense committee | Advisor - 黃仁俊; Member - 左瑞麟; Member - 黃心嘉; Member - 黃仁俊 |
Keywords (Chinese) | 物聯網; 雲端儲存; 區塊鏈; 資料完整性; 邊界運算 |
Keywords (English) | Internet of Things; Cloud storage; Blockchain; Data integrity; Edge computing |
Keywords (third language) | |
Subject classification | |
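Chinese abstract |
In recent years, Internet of Things (IoT) technology has found broad and widespread application in every area of work and daily life. IoT devices gather a great deal of important data for further analysis and research, but because the devices themselves have limited computing power and insufficient storage space, large volumes of data must be transferred to a cloud storage center before being analyzed and used. Among cloud computing services, one of the most important is providing storage space so that users can retrieve data anytime and anywhere. Although cloud storage services can manage data for users effectively, there are security concerns about the integrity of data stored in the cloud; after all, the system is managed by a third party, which creates potential problems outside the data owner's control. Some studies have proposed public auditing mechanisms in which, when data is uploaded to the cloud, a third-party auditor checks the stored data to ensure its integrity. The third-party auditor produces audit records that the user and the cloud can use for confirmation and verification, but this mechanism still depends on auditing by a specific third-party organization, and there may be doubt as to whether that organization's own operation is sufficient to reliably ensure the integrity of the data stored in the cloud. The security mechanism proposed in this thesis ensures both the security of data in transit as IoT nodes upload it to the cloud server and the security of the data stored on the cloud server. Using the method of this thesis together with digital signature technology, it ensures the confidentiality, integrity and non-repudiation of the data transmission process, and it writes the non-private content related to the data, together with each IoT node's signature verification data, into a smart contract published to the blockchain. Because the blockchain uses a distributed ledger and is hard to tamper with, it takes on the role of a trusted third party that provides verification data. When a user retrieves data from the cloud, the security mechanism uses the blockchain smart contract to check the integrity and the source of the retrieved data, so that application services integrating IoT and cloud services have secure and trustworthy data access. |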
English abstract |
In recent years, Internet of Things (IoT) technology has been widely used in many fields of work and everyday life. IoT nodes collect a large amount of important data for further analysis and study. However, because the devices themselves have limited computing power and insufficient storage space, a large amount of data needs to be transferred to a cloud storage center for further use. One of the important services in cloud computing is providing storage space so that users can access data anytime and anywhere. Although cloud storage services can effectively manage data for users, there are security concerns about the integrity of data stored in the cloud. After all, the cloud system is managed by a third party, and there are potential problems beyond the control of the data owner. Some studies have proposed public auditing mechanisms in which, when data is uploaded to the cloud, a third-party auditor ensures the integrity of the stored data. The third-party auditor generates audit records for users and the cloud system to confirm and verify. However, the mechanism still relies on a specific third-party audit model, and there may be doubts about whether it is sufficient to ensure the integrity of the data stored in the cloud. The security mechanism proposed in this paper ensures the security of the data transmission process while IoT nodes upload data to the cloud server, as well as the security of the data stored on the cloud server. Using the method proposed in this paper together with digital signature technology ensures the privacy, integrity and non-repudiation of the data transmission process. The non-private content of the data and the data signatures generated by IoT nodes are written into a smart contract and deployed to the blockchain. With the blockchain's distributed ledger technology and enhanced security features, the blockchain can act as a trustworthy third-party provider of data for verification. After a user downloads data from the cloud, the mechanism uses the content of the smart contract deployed on the blockchain to automatically verify the integrity and source of the data, enhancing the security between IoT and cloud service systems. |
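Third-language abstract | |
Table of contents |
Chapter 1 Introduction
Chapter 2 Related Work
2.1 Related Research Topics
2.2 Introduction to Blockchain Technology
2.2.1 How Blockchain Operates
2.3 Overview of Ethereum
2.3.1 How Ethereum Operates
2.4 Smart Contracts
2.5 Elliptic Curve Cryptography
2.5.1 Elliptic Curve Diffie-Hellman Key Exchange
2.5.2 Elliptic Curve Digital Signatures
Chapter 3 Proposed Method
3-1. Initialization Phase
3-2. Upload Phase
3-3. Retrieval Phase
Chapter 4 Experimental Results and Discussion
4.1 Experimental Environment
4.2 Experiments
4.3 Security Discussion
4.3.1 Data Confidentiality
4.3.2 Data Integrity, Authenticity, Accountability and Non-repudiation
4.3.3 Security of the Blockchain
4.3.4 Security Differences from TPA
Chapter 5 Conclusions and Future Work
References
Appendix 1 English Paper
List of Figures
Figure 1. Blockchain diagram
Figure 2. Traditional architecture and blockchain architecture
Figure 3. Blockchain operation flowchart
Figure 4. Ethereum transaction fee calculator
Figure 5. Smart contract flowchart
Figure 6. Digital signature flowchart
Figure 7. ECDH protocol flowchart
Figure 8. System architecture diagram
Figure 10. Smart contract content
Figure 11. Data verification flowchart
Figure 12. Diagram of secure channel establishment
Figure 13. Time to establish the secure channel between the Raspberry Pi and the edge server
Figure 14. Time to establish the secure channel between the edge server and the server
Figure 15. Time to encrypt data and generate the signature
Figure 16. Time to verify the signature and decrypt data
Figure 17. Time to send data and signature
Figure 18. Time to receive data and signature
Figure 19. Time to generate and verify the signature
Figure 20. Time to send and receive the signature
Figure 21. Time for the server to search for data
Figure 22. Time to transmit and receive data
Figure 23. Time to look up the smart contract on the blockchain
Figure 24. Time for the client to verify data
Figure 25. Time from the Raspberry Pi preparing data until it is ready to send
Figure 26. Time from the edge server receiving the Raspberry Pi's data until sending is complete
Figure 27. Time from the edge server receiving the server's data until the smart contract is complete |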