| Cloud storage has some features: the high scalability of storage capacity and performance, without geographical constraints and pay-per-use, provides scalable, independent of location, cheap, transparent storage services for user, greatly reducing the user’s burden of data management. Cloud storage has become a faster profit growth point in cloud computing, more and more individuals and enterprises to adopt cloud storage service. But, cloud service providers are not fully trusted, the user’s datas is under security threats. Therefore, providing a mechanism that can verify the integrity of outsourced datas for user is necessary. Because the dynamics is an important feature of the data and outsourced datas will be updated frequently in a real cloud storage environment, so the user should have the ability to perform dynamic operations for their outsourced datas.However, the integrity of the data and the dynamic operations on the datas seems contradictory, how to resolve this conflict and simultaneously achieve dynamic operations and integrity verification of the data is a challenge. This thesis researches this regard,including:1. Analyzed the security of existing DPDP scheme, and found Erway’s scheme is not only to achieve dynamic data update, but also support for integrity verification after the update, the defects is that the structure of rank-based authenticated skip list is too complex. Wang’s scheme has lower efficiency while verifying the data integrity and cannot support dynamic data storage. The reason why Wang’s scheme cannot support dynamic data storage is the information that included in the auxiliary authentication information of modified Merkle Hash Tree is insufficient to authenticate the location of a data block.2. Analyzed the security of a remote data possession checking protocol proposed by Chen et al, which uses algebraic signatures technology, and found that it is easy to suffer from replay attack and deletion attack. This thesis proposed a remote data possession checking protocol with full dynamics for a single file, this protocol fixes the security vulnerabilities in Chen’s scheme by using Shacham and Waters’ s technique. This thesis gave the security proof of this protocol based on Ateniese’s security model and analyzed the performance of this protocol by experiment.3. Analyzed the existing provable data possession scheme with full dynamics for multiple replicas, and found that only a small number of provable data possession schemes for multi-replicas can support dynamic data update, and the existing provable data possession scheme with full dynamics for multiple replicas that uses “one time-one replica”is very inefficient. Based on the Multi-replicas Merkle Hash Tree, this thesis presented a provable data possession scheme with full dynamics for multiple replicas. It can efficiently verify the updates of all replicas at once by using the Multi-replicas Merkle Hash Tree. In addition, this thesis’ s scheme produces less communication overhead in dealing with the integrity verification of multiple replicas and dynamic updates. |
PDF Full Text Request