| Cloud computing as an innovative information technology,has attracted the attention of many small and medium-sized enterprises and individuals due to its powerful storage capability,computing capability,and pay-on-demand service.Users migrate their local data to the cloud,which releases the pressure of users on local storage management.However,the frequent cloud data security incidents in recent years have reduced the public's trust in cloud service providers,which limits the application of cloud computing.Therefore,in order to detect whether the data stored by the user on the cloud server is complete and available,a series of cloud data integrity auditing schemes have been proposed.This thesis analyzes and improves some existing auditing schemes,and provides a solution to an issue that has not been considered in the existing schemes.The specific research contents as follows:(1)We improve a data integrity auditing scheme which was proposed by He.He's scheme not only overcomes the defect that the most existing auditing schemes based on elliptic curve cryptography without privacy-preserving,but also does not have the problems of certificate management and key custody by adopting certificateless cryptography.However,Liao pointed out a malicious cloud server can delete or modify the data without being discovered by the verifier in the scheme but did not give an improvement.To resist attacks,we make an improvement in the tag generation phase and the auditing phase.The new scheme supports all the features of the original scheme,and which is proven to be secure under the random oracle model.(2)We analyze a public auditing scheme in fog-to-cloud computing which was proposed by Tian.The scheme is the first data auditing scheme for fog-to-cloud computing scenarios.We analyze its security and give two attacks.These attacks show that the malicious cloud server deletes or modifies data can forge a valid response to pass the verifier's verification,thus making he/she believes that the data is intact.Finally,a simple but effective improvement is given,which makes the scheme able to resist the two attacks mentioned above,and supports all the features of the original scheme.(3)We propose a public auditing scheme for compound data.At present,the existing shared data auditing schemes only support one way of data generation,and most of them only support data generated independently by group members,and the others only support data generated by a fixed number of group members' cooperation.In view of the above deficiency,a public auditing scheme supports compound data is proposed.In our scheme,the data upload each time can be produced by the cooperation of any number of group members or independently by the group members.In addition,the auditing requirements of shared data in our scheme can be met effectively,includes data privacy protection,identity privacy protection,and identity traceability. |
PDF Full Text Request