§ 瀏覽學位論文書目資料
本論文電子全文於2017-09-14起於校外公開使用
本論文紙本於2017-09-14起公開使用
本論文紙本於2017-09-14起公開使用
| 系統識別號 | U0002-1209201615284300 |
|---|---|
| DOI | 10.6846/TKU.2016.00326 |
| 論文名稱(中文) | 雲端儲存第三方稽核策略之探討 |
| 論文名稱(英文) | Research on Third-Party Auditing Strategies for Securing Cloud Storage |
| 第三語言論文名稱 | |
| 校院名稱 | 淡江大學 |
| 系所名稱(中文) | 電機工程學系碩士班 |
| 系所名稱(英文) | Department of Electrical and Computer Engineering |
| 外國學位學校名稱 | |
| 外國學位學院名稱 | |
| 外國學位研究所名稱 | |
| 學年度 | 104 |
| 學期 | 2 |
| 出版年 | 105 |
| 研究生(中文) | 莊涵君 |
| 研究生(英文) | Han-Chun Chuang |
| 學號 | 602470188 |
| 學位類別 | 碩士 |
| 語言別 | 繁體中文 |
| 第二語言別 | |
| 口試日期 | 2016-06-17 |
| 論文頁數 | 56頁 |
| 口試委員 |
指導教授
-
莊博任
委員 - 陳省隆 委員 - 許獻聰 |
| 關鍵字(中) |
雲端儲存 隱私保護 公共稽核 |
| 關鍵字(英) |
Cloud storage Privacy preserve Public audit |
| 第三語言關鍵字 | |
| 學科別分類 | |
| 中文摘要 |
雲端儲存可以讓使用者輕易的儲存資料,但儲存在雲端伺服器的外包資料其正確性是否有被確保則是個問題,由於使用者將資料儲存到雲端後本地端的原始資料就會刪除,因此檢查這些外包資料的正確性將會是個困難的任務,因此我們需要一個高效且能夠達成公共稽核的第三方(Third-party Auditor ,TPA)來完成檢查正確性的任務,但TPA做為一個第三方,我們並不能完全信任它,我們希望TPA能夠稽核資料的正確性,同時在稽核過程中不能得知有關使用者的資料內容,因此如何設計稽核流程成為這個議題的關鍵。
在第三方稽核方案的議題中,我們需要考量的幾個要點有:方案運算時間、支持批次稽核、隱私性;過去所提出的方案裡,已有完整的第三方公開稽核流程,但其隱私性是有洩漏的可能性,雖然在近年的方案中,有人提出以遮蔽的方式來解決隱私性的問題,但我們發現這樣的方式依然存在著資料被解讀的可能性,因此我們將以過去的方案為基礎,並加以改良來補足其隱私性的缺陷。
我們以過去的方案為基本架構,並對稽核的流程做改良,透過這樣的改動,解決了過去隱私性洩漏的問題;此外我們針對無效回應的問題做出改良,使TPA在進行批次稽核時,即便有無效的回應,也不會使其運算時間上升。
我們在文中證明了TPA如何針對過去方案來破解使用者的資料,並且在同樣的攻擊模式下是無法由我們所提出的方案達到相同的目的;此外我們利用Pairing-Based Cryptography(PBC)函式庫來模擬過去方案以及我們提出的方案,並進行各種情況下的模擬,最後可看出我們所提出的方案在增進隱私性的同時,不會使得使用者、雲端伺服器、TPA這三個實體增加額外的運算時間。
|
| 英文摘要 |
Cloud storage allows users to store data easily, but whether the integrity of outsourced data stored in the cloud server is guaranteed that is a problem. Because the local data will be deleted after the user saves data to the cloud, checking the integrity of the outsourcing data will be a difficult task. We need a efficient third-party which is able to support public audit (Third-party Auditor, TPA) to complete the task of checking the data integrity, but TPA as a third party, which we can not trust it completely. We hope that TPA can audit the integrity of the data, and TPA can not learned about the user's data in the audit processes, so how to design the audit processes become the key issue. In the issue of third-party audit strateties, we need to consider few key points: the strategy computation time, supporting batch audit, and privacy protection. The proposed strategies in the past have been complete third-party audit processes, but there is the possibility of privacy leakage. Although a strategy has been proposed which blinds the parameter to solve the privacy problem in recent years, we find it still exists the possibility of data to be learned. So we will enhance the privacy protection based on past strategies. We improve the audit processes to solve the problem of privacy leakage. In addition we make improvements for the problem of invalid responses. When TPA does the batch audit, even if there exists invalid responses, it does not increase computation time. We show how the TPA learn user's data in past strategies in this paper, and in the same attack patterns TPA can not achieve the same purpose in the strategy we proposed. In addition we use Pairing-Based Cryptography (PBC) library to simulate our strategy and the strategies which are proposed in the past under the variety of situations. Finally, we can see that our strategy improves the privacy protection, at the same time doesn't increase the computation time of the three entities, the user, the server, and the TPA. |
| 第三語言摘要 | |
| 論文目次 |
目錄 第一章、緒論 1 1.1、研究動機 1 1.2、問題描述與解決方案 2 1.3、論文架構 3 第二章、相關研究背景 4 2.1、背景知識 4 2.1.1、第三方稽核架構 4 2.1.2、橢圓曲線密碼學 6 2.1.3、雙線性映射函數 7 2.2、過去的解決方案 8 2.2.1、PoR 10 2.2.2、Blind方案 14 第三章、提出之新方案 18 3.1、設計概念 18 3.2、方案流程 19 3.2.1、新方案之基本稽核流程 19 3.2.2、新方案之批次稽核流程 20 3.2.3、新方案評估 22 第四章、模擬與效能評估 23 4.1、隱私成效評估:Zero Knowledge Proof 23 4.1.1、PoR 23 4.1.2、Blind 26 4.1.3、新方案 29 4.2、運算時間評估 31 4.2.1、User運算時間 32 4.2.2、Server運算時間 34 4.2.3、Batch運算時間 35 4.2.4、無效回應運算時間 42 第五章、結論與未來展望 50 5.1、結論 50 5.2、未來展望 52 附錄 53 參考文獻 54 圖目錄 圖2.1、第三方稽核架構圖 4 圖2.2、第三方稽核流程簡圖 8 圖4.1、User運算時間比較圖 32 圖4.2、Server運算時間比較圖 34 圖4.3、PoR的單次與批次稽核時間比較圖 36 圖4.4、Blind的單次與批次稽核時間比較圖 36 圖4.5、Ours的單次與批次稽核時間比較圖 37 圖4.6、各方案單次稽核時間比較圖(c=300) 38 圖4.7、各方案批次稽核時間比較圖(c=300) 39 圖4.8、各方案單次稽核時間比較圖(c=460) 39 圖4.9、各方案批次稽核時間比較圖(c=460) 40 圖4.10、二元搜尋運算流程圖 43 圖4.11、PoR的無效回應稽核時間比較圖 45 圖4.12、Blind的無效回應稽核時間比較圖 46 圖4.13、Ours的無效回應稽核時間比較圖 46 圖4.14、各方案無效回應單次稽核時間比較圖(c=300) 47 圖4.15、各方案無效回應批次稽核時間比較圖(c=300) 48 圖4.16、各方案無效回應單次稽核時間比較圖(c=460) 48 圖4.17、各方案無效回應批次稽核時間比較圖(c=460) 49 表目錄 表2.1、ECC與RSA密鑰長度 6 |
| 參考文獻 |
[1] L. Ben, B. Dan, and S. Hanav, “Short Signature from the Weil Pairing,” J. Cryptol., vol. Vol.17,No., pp. 1–24, 2004. [2] C. Science and M. Maas, “Pairing-Based Cryptography,” no. January, 2004. [3] C. Wang, S. S. M. Chow, Q. Wang, K. Ren, and W. Lou, “Privacy-preserving public auditing for secure cloud storage,” IEEE Trans. Comput., vol. 62, no. 2, pp. 362–375, 2013. [4] Q. Wang, C. Wang, K. Ren, W. Lou, and J. Li, “Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing,” IEEE Trans. Parallel Distrib. Syst., vol. 22, no. 5, pp. 847–859, May 2011. [5] M. Venkatesh, M. R. Sumalatha, and C. Selvakumar, “Improving public auditability, data possession in data storage security for cloud computing,” Int. Conf. Recent Trends Inf. Technol. ICRTIT 2012, pp. 463–467, 2012. [6] J. Angela Jennifa Sujana and T. Revathi, “Ensuring privacy in Data Storage as a Service for educational institution in cloud computing,” Proc. - 2012 Int. Symp. Cloud Serv. Comput. ISCOS 2012, pp. 96–100, 2013. [7] T. K. Chakraborty, A. Dhami, P. Bansal, and T. Singh, “Enhanced public auditability & secure data storage in cloud computing,” Proc. 2013 3rd IEEE Int. Adv. Comput. Conf. IACC 2013, pp. 101–105, 2013. [8] L. Chen and H. Chen, “Ensuring dynamic data integrity with public auditability for cloud storage,” Proc. - 2012 Int. Conf. Comput. Sci. Serv. Syst. CSSS 2012, no. i, pp. 711–714, 2012. [9] B. Wang, B. Li, and H. Li, “Oruta: Privacy-preserving public auditing for shared data in the cloud,” IEEE Trans. Cloud Comput., vol. 2, no. 1, pp. 43–56, 2014. [10] J. Yu, K. Ren, C. Wang, and V. Varadharajan, “Enabling Cloud Storage Auditing With Key-Exposure Resistance,” IEEE Trans. Inf. Forensics Secur., vol. 10, no. 6, pp. 1167–1179, 2015. [11] R. Navajothi and S. J. A. Fenelon, “An efficient, dynamic, privacy preserving public auditing method on untrusted cloud storage,” in International Conference on Information Communication and Embedded Systems (ICICES2014), 2014, pp. 1–6. [12] K. Yang and X. Jia, “An Efficient and Secure Dynamic Auditing Protocol for Data Storage in Cloud Computing,” IEEE Trans. Parallel Distrib. Syst., vol. 24, no. 9, pp. 1717–1726, Sep. 2013. [13] J. Liu, K. Huang, H. Rong, H. Wang, and M. Xian, “Privacy-Preserving Public Auditing for Regenerating-Code-Based Cloud Storage,” IEEE Trans. Inf. Forensics Secur., vol. 10, no. 7, pp. 1513–1528, 2015. [14] H. Shacham and B. Waters, “Compact Proofs of Retrievability,” in Advances in Cryptology - ASIACRYPT 2008, Berlin, Heidelberg: Springer Berlin Heidelberg, 2008, pp. 90–107. [15] “PBC Library.” [Online]. Available: https://crypto.stanford.edu/pbc/. [16] “橢圓曲線密碼學.” [Online]. Available: https://zh.wikipedia.org/wiki/%E6%A4%AD%E5%9C%86%E6%9B%B2%E7%BA%BF%E5%AF%86%E7%A0%81%E5%AD%A6. |
| 論文全文使用權限 |
如有問題,歡迎洽詢!
圖書館數位資訊組 (02)2621-5656 轉 2487 或 來信