计算机工程与应用 ›› 2018, Vol. 54 ›› Issue (1): 70-76.DOI: 10.3778/j.issn.1002-8331.1611-0339

• 大数据与云计算 • 上一篇    下一篇

一种新型的Merkle哈希树云数据完整性审计方案

苏  迪,刘竹松   

  1. 广东工业大学 计算机学院,广州 510006
  • 出版日期:2018-01-01 发布日期:2018-01-15

New type of Merkle Hash Tree for integrity audit scheme in cloud storage

SU Di, LIU Zhusong   

  1. Faculty of Computer, Guangdong University of Technology, Guangzhou 510006, China
  • Online:2018-01-01 Published:2018-01-15

摘要: 在云存储中,针对现有云数据完整性审计方案所采用的认证数据结构存在的缺陷,设计了一种二叉有序默克尔哈希树认证数据结构BO-MHT。在节点上存储数据块信息提高节点利用率;采用局部权威根节点缩短认证路径长度。通过在节点增设版本标识来维持节点信息的新鲜性;在数据持有性证明PDP模型下采用BO-MHT结构设计实现一种新型的云数据完整性审计方案。理论分析及实验结果表明,该方案较好地实现了完整性审计功能,能有效地降低计算及通信开销,并且具有较高的审计效率。

关键词: 完整性审计, 动态操作, 云存储, 版本标识, 认证数据结构

Abstract: There are some?imperfections in the authenticated data structure used for cloud data integrity audit schemes. This paper thus presents a data structure named Binary Ordered Merkle Hash Tree (BO-MHT). In order to improve the utilization efficiency, each node stores the information of data blocks. The paper uses the local authority root node to shorten the length of authentication path. A version identifier is added to maintain the freshness of information at each node. With the provable data possession model, a new integrity auditing scheme is implemented via the BO-MHT structure. Theoretical analysis and experimental results show that the proposed scheme has realized the integrity auditing function which can effectively reduce the computational and communication costs, and has a high audit efficiency.

Key words: integrity audit, dynamic operation, cloud storage, version identifier, data structure authenticated