System ID | U0002-1708201610141600 |
---|---|
DOI | 10.6846/TKU.2016.00455 |
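Thesis title (Chinese) | 雲端儲存與計算服務的稽核研究 |
Thesis title (English) | Auditing Study for Cloud Storages and Cloud Computations |
Thesis title (third language) | |
University | Tamkang University |
Department (Chinese) | 資訊工程學系資訊網路與多媒體碩士班 |
Department (English) | Master's Program in Networking and Multimedia, Department of Computer Science and Information Engine |
Foreign degree: university name | |
Foreign degree: college name | |
Foreign degree: graduate institute name | |
Academic year | 104 |
Semester | 2 |
Publication year | 105 |
Graduate student (Chinese) | 李宗霖 |
Graduate student (English) | Tsung-Lin Li |
Student ID | 603420109 |
Degree | Master's |
Language | English |
Second language | |
Oral defense date | 2016-07-07 |
Number of pages | 60 pages |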
Oral defense committee | Advisor - 黃心嘉(sjhwang@gms.tku.edu.tw) Committee member - 賴義鵬(yopolai@gmail.com) Committee member - 左瑞麟(tsoraylin@gmail.com) Committee member - 黃仁俊(victor@gms.tku.edu.tw) |
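Keywords (Chinese) |
Identity privacy protection; public auditing; cloud storage on mobile devices; cloud storage; Merkle hash trees; cloud computing; digital signatures |
Keywords (English) |
Identity privacy-preserving; public auditing; mobile cloud storage; cloud storage; Merkle hash trees; cloud computing; digital signature schemes |
Keywords (third language) | |
Subject classification | |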
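Chinese abstract |
Auditing is essential for both cloud computing services and cloud storage services. Auditing methods for cloud storage services on mobile devices must support dynamic groups and identity privacy protection. To protect identity privacy, Yu et al. proposed their scheme supporting dynamic groups. However, our attack on dynamic groups shows that, when the group membership and the group key change, their scheme fails to satisfy the forward and backward security requirements. To correct this security flaw, we propose our first scheme, which, in addition to meeting the forward and backward security requirements, provides maximal identity privacy protection. For cloud computation auditing, Wei et al. proposed their cloud computation auditing scheme. However, their assumption about the adversary's behavior is impractical. Removing this impractical assumption greatly increases the amount of auditing required, and the auditor's computational load becomes so heavy that the audit result may not be returned within a reasonable time. Moreover, the audit probability of detecting incorrect computation results cannot meet users' requirements. To improve online audit performance or audit probability, we propose several strategies that efficiently increase the number of auditors; increasing the number of auditors improves either performance or audit probability. Our strategies use offline computation or the computing power of the cloud computation server to improve online audit performance and audit probability. According to our performance analysis and discussion, our strategies improve not only online performance but also online audit probability. |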
English abstract |
Auditing is important for both cloud computing services and cloud storage services. An audit scheme for cloud storage services on mobile devices should support dynamic groups and identity privacy protection. To audit uploaded files for dynamic mobile groups, Yu et al. proposed a scheme that protects identity privacy. However, our dynamic group attack shows that their scheme does not satisfy forward and backward privacy when the group secret key changes after some members leave. Our first protocol is proposed to provide forward and backward privacy for the group secret keys. In addition, our protocol provides maximal identity-privacy protection. For cloud computation, Wei et al. proposed a cloud computation auditing scheme. However, their assumption about the adversary's behavior is impractical. Once this impractical assumption is removed, the auditors' computation load becomes so heavy that auditors may not return the auditing results in reasonable time, and the probability of detecting incorrectly computed results cannot reach the users' requirement. To improve the online audit performance or probability, several improving strategies are proposed to increase the number of auditors efficiently. Increasing the number of auditors then improves either audit performance or audit probability. Our strategies use off-line computation and the help of the cloud computation server to improve the online audit performance and the audit probability. According to our performance analysis and discussion, our strategies improve not only the online audit performance but also the audit probability for cloud computation. |
Abstract (third language) | |
Table of contents |
Chapter 1 Introduction
Chapter 2 Review
2.1 Yu et al.’s Identity Privacy-Preserving Public Auditing Protocol for Dynamic Groups
2.2 Security Assumptions for Our Identity-Privacy Public Auditing Supporting Dynamic Groups for Mobile Cloud Storages
2.3 System Model, Assumptions, and Security Requirements for Our Auditing Strategies
2.4 Merkle Hash Trees
2.5 Threat Model and Secure Cloud Computation Auditing Requirement
Chapter 3 Our Identity-Privacy Public Auditing Supporting Dynamic Groups for Mobile Cloud Storage
3.1 Dynamic Group Weakness in Yu et al.’s Scheme
3.2 Our New Protocol
Chapter 4 Security Analysis for Our Identity-Privacy Public Auditing Supporting Dynamic Groups for Mobile Cloud Storage
Chapter 5 Our Cloud Computation Auditing Strategies
5.1 Our Brief Cloud Computation Delegation and Auditing Scheme
5.2 The Off-Line Easy-Auditor Improving Strategy
5.3 The Function-Based Improving Strategy
5.4 The Mixed Improving Strategy
Chapter 6 Probability/Performance Analysis and Discussion for Our Auditing Strategies
6.1 Probability Analysis
6.2 Discussions about Probability Analysis
6.3 Performance Analysis
6.4 Discussions about Performance Analysis
Chapter 7 Conclusions
References
Appendix
List of Tables
Table 1: The Notations of Our Protocol
Table 2: The Notations of Our Auditing Strategies
Table 3: Relationship among the Parameters k, |
References |
[1] M. Arrington, “Gmail Disaster: Reports of Mass Email Deletions (2006)”, https://techcrunch.com/2006/12/28/gmail-disaster-reports-of-mass-email-deletions/.
[2] M. Belenkiy, M. Chase, C. Erway, J. Jannotti, A. Küpçü, and A. Lysyanskaya, “Incentivizing Outsourced Computation,” Proceedings of the 3rd International Workshop on Economics of Networked Systems, Seattle, WA, USA, August 17-22, 2008, pp. 85-90.
[3] H. Canepa and D. Lee, “A Virtual Cloud Computing Provider for Mobile Devices,” Proceeding of 1st ACM Workshop on Mobile Cloud Computing and Services Social Networks and Beyond (MCS 2010), Vol. 6. ACM Digital Library, San Francisco, 2010.
[4] R. Canetti, B. Riva, and G. Rothblum, “Verifiable Computation with Two or More Clouds,” Workshop on Cryptography and Security in Clouds, Zurich, Switzerland, March 15-16, 2011.
[5] W. Diffie and M.E. Hellman, “New Directions in Cryptography,” IEEE Transactions on Information Theory, Vol. 22, Issue 6, pp. 644-654, Nov. 1976.
[6] H.T. Dinh, C. Lee, D. Niyato, and P. Wang, “A Survey of Mobile Cloud Computing: Architecture, Applications, and Approaches,” Wireless Communication and Mobile Computing, Vol. 13, No. 8, pp. 1587-1611, 2013.
[7] N. Fernando, S.W. Loke, and W. Rahayu, “Mobile Cloud Computing: A Survey,” Future Generation Computer Systems, Vol. 29, pp. 84-106, 2013.
[8] R. Gennaro, C. Gentry, and B. Parno, “Non-interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers,” 30th International Cryptology Conference (CRYPTO 2010), Santa Barbara, California, USA, August 15-19, 2010, pp. 465-482.
[9] P. Golle and I. Mironov, “Uncheatable Distributed Computations,” The Cryptographers’ Track at RSA Conference 2001, San Francisco, CA, USA, April 8-12, 2001, pp. 425-440.
[10] D. Huang, T. Xing, and H. Wu, “Mobile Cloud Computing Service Models: A User-centric Approach,” IEEE Network, Vol. 27, No. 5, pp. 6–11, 2013.
[11] K. Kumar and Y.H. Lu, “Cloud Computing for Mobile Users: Can Offloading Computation Save Energy?” IEEE Journal Computer, Vol. 43, No. 4, pp. 51-56, 2010.
[12] M. Krigsman, “Apples MobileMe Experiences Post-launch Pain (2008),” http://www.zdnet.com/article/apples-mobileme-experiences-post-launch-pain/.
[13] P. Mell and T. Grance, “Draft NIST Working Definition of Cloud Computing (2009),” http://csrc.nist.gov/groups/SNS/cloud-computing/index.html.
[14] F. Monrose, P. Wyckoff, and A. Rubin, “Distributed Execution with Remote Audit,” Proceedings of the Network and Distributed Systems Security Symposium (NDSS), San Diego, California, USA, 1999, pp. 103-113.
[15] B.P. Rimal, E. Choi, and I. Lumb, “A Taxonomy and Survey of Cloud Computing Systems,” Proceeding of 5th International Joint Conference of INC, IMS and IDC, NCM 2009, Seoul, Korea, IEEE Press, 2009, pp. 44-51.
[16] A. Sadeghi, T. Schneider, and M. Winandy, “Token-based Cloud Computing: Secure Outsourcing of Data and Arbitrary Computations with Lower Latency,” Trust and Trustworthy Computing, Berlin, Germany, June 21-23, 2010, pp. 417-429.
[17] C.P. Schnorr, “Efficient Signature Generation by Smart Cards,” ACM Journal of Cryptology, Vol. 4, Issue 3, pp. 161-174, 1991.
[18] M. Shiels, “Phone Sales Hit by Sidekick Loss (2009),” http://news.bbc.co.uk/2/hi/technology/8303952.stm.
[19] B. Wang, B. Li, and H. Li, “Knox: Privacy-Preserving Auditing for Shared Data with Large Groups in the Cloud,” Applied Cryptography and Network Security (ACNS 2012), LNCS 7341, Heidelberg: Springer, 2012, pp. 507–525.
[20] B. Wang, B. Li, and H. Li, “Oruta: Privacy-Preserving Auditing for Shared Data in the Cloud,” Proceeding of IEEE 5th International Conference on Cloud Computing (IEEE Cloud 2012), Honolulu, HI, USA, June 24-29, 2012, pp. 295–302.
[21] B. Wang, B. Li, and H. Li, “Privacy-Preserving Public Auditing for Shared Cloud Data Supporting Group Dynamics,” Proceeding of IEEE International Conference on Communications (ICC 2013), Budapest, Hungary, June 9-13, 2013, pp. 1946-1950.
[22] C. Wang, S. S. M. Chow, Q. Wang, K. Ren, and W. Lou, “Privacy-Preserving Public Auditing for Secure Cloud Storage,” IEEE Transactions on Computers, Vol. 62, No. 2, pp. 362–375, 2013.
[23] C. Wang, K. Ren, W. Lou, and J. Li, “Toward Public Auditable Secure Cloud Data Storage Services,” IEEE Network, Vol. 24, No. 4, pp. 19-24, 2010.
[24] Q. Wang, C. Wang, K. Ren, W. Lou, and J. Li, “Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing,” Proceeding of ESORICS 2009, Saint Malo, France, Sep. 21-25, 2009, pp. 355-370.
[25] Q. Wang, C. Wang, K. Ren, W. Lou, and J. Li, “Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing,” IEEE Transactions on Parallel Distributed Systems, Vol. 22, No. 5, pp. 847-859, 2012.
[26] L. Wei, H. Zhu, Z. Cao, W. Jia, and A. Vasilakos, “Seccloud: Bridging Secure Storage and Computation in Cloud,” 30th International Conference on Distributed Computing Systems Workshops (IEEE ICDCSW 2010), Genova, Italy, June 21-25, 2010.
[27] L. Wei, H. Zhu, Z. Cao, W. Jia, X. Dong, W. Jia, Y. Chen, and A. Vasilakos, “Security and Privacy for Storage and Computation in Cloud Computing,” Information Sciences, Vol. 258, pp. 371-386, Feb. 2014.
[28] K. Yang and X. Jia, “An Efficient and Secure Dynamic Auditing Protocol for Data Storage in Cloud Computing,” IEEE Transactions on Parallel Distributed Systems, Vol. 24, No. 9, pp. 1717–1726, 2013.
[29] Y. Yu, Y. Mu, J. Ni, J. Deng, and K. Huang, “Identity Privacy-Preserving Public Auditing with Dynamic Group for Secure Mobile Cloud Storage,” International Conference, NSS, Springer International Publishing, 2014, pp. 28-40.
[30] Y. Zhu, H. Hu, G.J. Ahn, and S.S. Yau, “Efficient Audit Service Outsourcing for Data Integrity in Clouds,” Journal of Systems and Software, Vol. 85, No. 5, pp. 1083-1095, 2012.
[31] Y. Zhu, H. Hu, G.J. Ahn, and M. Yu, “Cooperative Provable Data Possession for Integrity Verification in Multicloud Storage,” IEEE Transactions on Parallel Distributed Systems, Vol. 23, No. 12, pp. 2231-2244, 2012.
[32] Y. Zhu, S.B. Wang, G.J. Ahn, and D. Ma, “Secure Collaborative Integrity Verification for Hybrid Cloud Environments,” International Journal of Cooperative Information Systems, Vol. 21, No. 3, pp. 165-198, 2012. |
Full-text access rights |