雲端儲存資料外包(outsourced)是雲端運算的服務項目中最為普遍且成熟的項目，但如何確保存放於雲端的資料的完整性(integrity)與正確性(correctness)卻是此應用推廣必須積極面對的課題。委由一個可信的第三方稽核者(Third Party Auditor)對雲端儲存資料進行稽核(auditing)機制，因其不增加使用者的負擔並同時顧及使用者的隱私(privacy)保護故是具體有效的解決方案，然而檔案資料龐大且有必須顧及資料私密性，採行Merkle hash tree予以輔助是目前常見的有效率作法，但由於使用者對檔案區塊的修正、插入與刪除等動態操作，僅直接採行Merkle hash tree依然造成整體稽核機制效能不彰，本論文提出採用Merkle hash tree的雲端儲存稽核機制在動態操作過程Merkle hash tree中子樹調整基準與進行重建之方法，使稽核機制稽核過程不僅能夠保護使用者資料，更能充分提供使用者對檔案進行有效率的動態操作，但卻不會如原來因直接採行Merkle hash tree而造成通訊成本以及使用者和稽核者計算成本增加的弱點。本論文方法適合於各種採行Merkle hash tree之稽核機制在不影響其原來稽核功能及安全性前提下，使其有效率地提供動態操作功能並增強其實用性。

Outsourcing data to cloud storage is one of the most common and mature application of all kinds of cloud services. How to verify the integrity and correctness of the user’s data in the cloud storage is a really serious problem in the cloud-based application. The general solution is to authorize a trusted third party auditor to audit the data in the cloud storage from time to time. It will be a concrete and efficient solution, if it makes no additional burden to the user and takes the user's privacy into consideration at the same time. Because of lots of data files in the cloud storage, many solutions use Merkle hash tree technique to enhance the efficiency and guaranteeing the privacy. Merkle hash tree of each data file will be askew after performing many dynamic data operations such as inserting or deleting of data block. The performances of many cloud storage public auditing schemes based on Merkle hash tree are poor by this case. The paper proposes an efficiency method to adjust Merkle hash tree in the dynamic data operation. The proposed scheme can be embedded into any cloud storage public auditing scheme based on Merkle hash tree technique. The public auditing scheme includes the proposed method will provide the dynamic operations efficiently without losing the privacy-preserving functionality.

目錄
第一章 前言 1
第二章 相關研究 5
2.1 技術簡介 5
2.2 Wang等學者方法[3]簡介 10
2.3 分析與討論Wang等學者方法[3]動態操作方法 15
第三章 論文方法 17
3.1 插入區塊 17
3.2 插入區塊 23
第四章 討論與分析 27
4.1 插入區塊之正確性分析 27
4.2 刪除區塊之正確性分析 28
4.3 動態操作效能分析 30
4.4 其他安全性分析 31
第五章 結論 33
參考文獻 34
附錄：英文論文 36

圖目錄
圖2-1：Merkle Hash Tree(當節點個數為偶數) 7
圖2-2：Merkle Hash Tree(當節點個數為奇數) 7
圖2-3：對應於檔案F之Merkle Hash Tree MHT 12
圖2-4：基本完整性驗證之通訊協定 13
圖2-5：將節點h(bi)以h(bi*)取代 14
圖3-1：在節點h(bi)後方插入節點h(b′) 18
圖3-2：MHT之初始狀態 19
圖3-3：在節點h(b3)後方插入節點h(b3′) 20
圖3-4：在節點h(b3)後方插入節點h(b3′′) 20
圖3-5：重建Merkle Hash Tree 之子樹MHT′D 21
圖3-6：在完成插入節點h(b3′)前之Merkle Hash Tree 21
圖3-7：完成插入節點h(b3′′)後之MHT′ 22
圖3-8：MHT刪除h(bi) 24
圖4-1：Merkle Hash Tree MHT 27
圖4-2：插入區塊操作後的Merkle Hash Tree MHT′ 28
圖4-3：刪除區塊操作後的Merkle Hash Tree MHT′ 29

表目錄
表2-1：本論文之符號定義 9

[1] P. Mell and T. Grance, “The NIST Definition of Cloud Computing,” NIST, Information Technology Laboratory, NIST SP 800-145, 2011. [Online] Available:  http://www.nist.gov/itl. [Accessed: Oct. 14, 2011]
[2] C. Wang, Q. Wang, K. Ren, and W. Lou, “Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing,” in Proceedings of IEEE INFORCOM conference on Computer Communications, Mar., 2010, pp. 1-9.
[3] Q. Wang, C. Wang, K. Ren, W. Lou, and J. Li, “Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing,” IEEE Transactions on Parallel and Distributed Systems, vol. 22, no.5, May, 2011.
[4] G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, “Provable data possession at untrusted stores,” Cryptology ePrint Archive, Report 2007/202, 2007. [Online] Available: http://eprint.iacr.org. [Accessed: Mar. 5, 2012]
[5] A. Juels and J. Burton S. Kaliski, “Pors: Proofs of retrievability for large files,” in Proceedings of CCS '07 the 14th ACM conference on Computer and communications security, Alexandria, VA, Oct. 2007, pp. 584–597.
[6] H. Shacham and B. Waters, “Compact proofs of retrievability,” in Proceeding of Asiacrypt '08 the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology, vol. 5350, Dec 2008, pp. 90–107.
[7] G. I., ur Rehman A., and Islam, M. H., “Cloud computing security auditing,” in Proceeding of IEEE Next Generation Information Technology (ICNIT) The 2nd International Conference, 2011, pp. 143-148.
[8] R. C. Merkle, “Protocol for Public Key Cryptosystems,” in Proceeding of IEEE Symposium on Security and Privacy ’80, pp. 122-133, 1980.
[9] D. Boneh, B. Lynn, and H. Shacham, “Short Signature from the Weil Pairing,” in Proceedings of ASIACRYPT '01 the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology, 2001, pp. 514-532.
[10] P. L. Karlton, S. H. Fuller, R. E. Scroggs, and E. B. Koehler, “Performance of Height-Balanced Trees,” Communications of the ACM, Vol. 19, no. 1, 1976, pp. 23-28.