CN105787389A - Cloud file integrity public audit evidence generating method and public auditing method - Google Patents

Cloud file integrity public audit evidence generating method and public auditing method Download PDF

Info

Publication number
CN105787389A
CN105787389A CN201610118988.0A CN201610118988A CN105787389A CN 105787389 A CN105787389 A CN 105787389A CN 201610118988 A CN201610118988 A CN 201610118988A CN 105787389 A CN105787389 A CN 105787389A
Authority
CN
China
Prior art keywords
evidence
files
file
blocks
audit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610118988.0A
Other languages
Chinese (zh)
Other versions
CN105787389B (en
Inventor
冯朝胜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan Normal University
Original Assignee
Sichuan Normal University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sichuan Normal University filed Critical Sichuan Normal University
Priority to CN201610118988.0A priority Critical patent/CN105787389B/en
Publication of CN105787389A publication Critical patent/CN105787389A/en
Application granted granted Critical
Publication of CN105787389B publication Critical patent/CN105787389B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06F21/645Protecting data integrity, e.g. using checksums, certificates or signatures using a third party
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/16File or folder operations, e.g. details of user interfaces specifically adapted to file systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/17Details of further file system functions
    • G06F16/1737Details of further file system functions for reducing power consumption or coping with limited storage space, e.g. in mobile devices

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Databases & Information Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Human Computer Interaction (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a cloud file integrity public audit evidence generating method and a public auditing method. The cloud file integrity public audit evidence generating method comprises the steps that a cloud file is divided into file blocks; public audit labels are generated; the order of the file blocks is scrambled to form an out-of-order file, and signature evidence of all the file blocks in the out-of-order file is generated to obtain a file block signature evidence set; group hash values and hash values of all the file blocks in the out-of-order file are sequentially stored by adopting a binary-tree structure to obtain a public audit hash binary tree; public audit order-preserving evidence is generated; the public audit labels, the file block signature evidence set, the public audit order-preserving evidence and the out-of-order file are uploaded to a cloud server; when the uploaded parameters are all valid, cloud file storage outsourcing evidence is generated according to the public audit labels. According to the cloud file integrity public audit evidence generating method and the public auditing method, the auditing time is not limited, the data privacy can be guaranteed, and the auditing substituting problem is prevented from occurring.

Description

Cloud file integrality public audit evidence generates method and public audit method
Technical field
The present invention relates to cloud storage technical field, be specifically related to a kind of cloud file integrality public audit evidence and generate method and public audit method.
Background technology
For most of entity and individual, every day all generates data continuously, the storage of data become must faced by problem.The appearance of cloud computing provides a feasible solution to this problem: utilizing the cloud service delivery mode of " storage i.e. service " that with outsourcing form, file is stored Cloud Server, this type of file being stored in Cloud Server is referred to as cloud file.When needs are analyzed and process outsourcing data, it is possible to the file download of needs to this locality is carried out, it is also possible to directly the evaluation work of analyzing and processing file is contracted out to Cloud Server.Resource carries out concentrating and resource being supplied to method of service with resource pool form the cloud computing mode of user, eliminates user and manage many troubles of data so that user has only to pay close attention to the business of oneself, brings huge convenience and benefit to user.
Data storage is contracted out to while cloud service provider brings many benefits to entity and individual, also brings many safety problems, and one of them safety problem is exactly that cloud service provider may be distorted outsourcing and is stored in the data in high in the clouds.Preventing the main method that data are tampered is that cloud file is carried out integrity audit, and auditor can be data owner, it is also possible to be third party.If integrity audit work is mainly come in person by data owner and does, it is desirable to data owner is often online and its terminal has stronger computing capability, brings relatively burden to the owner.Better way is that integrity audit is contracted out to third party, and the third-party server general moment of special offer integrity auditing service is online and computing capability is stronger.But integrity audit is contracted out to third party also brings along some problems, main problem include computationally intensive, memory space require more, bandwidth consumption serious and privacy compromise.
For Completeness Design outsourcing problems faced, prior art proposes some solutions.But the subject matter that these schemes exist includes: audit number of times is limited, once number of times is finished, just cannot audit;Need auditing party's storage unit divided data;Do not support dynamic renewal;Exist and inscribe for interrogation, namely substitute target Audit data by other data.
Summary of the invention
The audit problem that number of times is limited, need auditing party's storage unit divided data, do not support dynamic renewal, there is generation examines being cloud file integrality and auditing to be solved by this invention.
The present invention is achieved through the following technical solutions:
A kind of cloud file integrality public audit evidence generates method, including: it is blocks of files by cloud file division;Generating public audit label, described public audit label includes the identification identifier of cloud file owners, the filename of cloud file, blocks of files quantity and random number;Scramble file block sequence is to form out of order file, and generates the signature evidence of each blocks of files in out of order file to obtain blocks of files signature evidence set;Employing binary tree structure stores the cryptographic Hash of group's cryptographic Hash of each blocks of files in out of order file according to the order of sequence to obtain public audit Hash binary tree;Generating public audit order-preserving evidence, described public audit order-preserving evidence includes integrity signature evidence and described public audit Hash binary tree;Described public audit label, described blocks of files signature evidence set, described public audit order-preserving evidence and out of order files passe are stored to Cloud Server;Cloud Server verifies that whether described public audit label, described blocks of files signature evidence set, described public audit order-preserving evidence and out of order file be all effective;When described public audit label, described blocks of files signature evidence set, described public audit order-preserving evidence and out of order file are all effective, Cloud Server generates cloud file storage outsourcing evidence according to described public audit label, and described cloud file is stored outsourcing evidence returns to cloud file owners and preserve.
Generating, based on above-mentioned cloud file integrality public audit evidence, the public audit evidence that method generates, the present invention also provides for a kind of cloud file integrality public audit method, including:
The public audit label of audit document is asked to Cloud Server;
Whether the public audit label of checking audit document is effective;
When the public audit label of audit document is effective, from the blocks of files sequence number of audit document, randomly choose r sequence number configuration file block sequence number set { k1,…,kr, and be that one random number of each element corresponding selection in blocks of files sequence number set is to form challenge requestSending to Cloud Server, wherein, 1≤r≤n, n is the blocks of files quantity of audit document, kiFor i-th element in blocks of files sequence number set,For the random number that i-th element in blocks of files sequence number set is corresponding, i is positive integer;
Receive described challenge request after, Cloud Server according toGenerate data integrity evidence, wherein, ProofchalFor described data integrity evidence,H () is by the character string maps hash function to multiplication loop group G, and G is rank is the multiplication loop group of Big prime p,It is k for sequence number in the out of order file of audit documentiBlocks of files,Adjoint manifold, SigαThe integrity signature evidence that (H (R)) is audit document, NPATF'For the cryptographic Hash of all nodes storage in the public audit Hash binary tree of audit document is all set to the null value Hash binary tree of sky, h'() it is by character string maps to addition cyclic group ZpHash function,It is k for sequence number in the out of order file of audit documentiThe signature evidence of blocks of files;
WillSubstituting into corresponding node in described null value Hash binary tree with cryptographic Hash corresponding to the root node of the public audit Hash binary tree of the file that is audited, wherein, h () is for being the hash function of CHAR by random length character string maps;
Judge e (H (R'), v)=e (SigαWhether (H (R)), g) set up, wherein, e is bilinear map, R' is the cryptographic Hash that the root node of the public audit Hash binary tree of audit document is corresponding, and g is the generation unit of multiplication loop group G, and v is the bilinearity public signature key of cloud file owners;
At e (H (R'), v)=e (Sigα(H (R)), when g) setting up, it is judged thatWhether set up, wherein, u is random number and u ∈ G;
?During establishment, it is judged that audit document passes through integrity checking, otherwise judges that audit document does not pass through integrity checking.
The present invention compared with prior art, has such advantages as and beneficial effect:
1, owing to real data and the evidence for carrying out auditing are stored in cloud, thus auditing party is without preserving any data;
2, existing auditing method is random default limited several evidences in cloud file, and evidence is once will be exposed by using, it is impossible to re-use, therefore each evidence is used only once, have several evidence to be just able to validate only several times.And the present invention carries out examining calender file block evidence and can't be directly returned to auditing party, it is absent from the problem that evidence exposes, it is only necessary to know that the audit of number of times do not limit by the file that outsourcing just can be stored in cloud by blocks of files quantity;
3, generating owing to the evidence of audit is based on blocks of files, after blocks of files is operated, the evidence of audit changes accordingly, thus supports the dynamic renewal of file data;
What 4, blocks of files stored in cloud out of order makes cloud service provider cannot recover file so that the actual sequence number of institute's Audit data block and the blocks of files PS of configuration file also cannot be known by public audit side, it is thus possible to guarantees the privacy of data;
5, when public audit order-preserving evidence makes to audit, each blocks of files must be sat in the right seat, if cloud service provider is played tricks, substitute audit aim blocks of files by other blocks of files, it is impossible to verified by order-preserving, i.e. e (H (R'), v)=e (Sigα(H (R)), g) can not set up, it is thus possible to prevent " generation examines " problem.
Accompanying drawing explanation
Accompanying drawing described herein is used for providing being further appreciated by the embodiment of the present invention, constitutes the part of the application, is not intended that the restriction to the embodiment of the present invention.In the accompanying drawings:
Fig. 1 is the schematic flow sheet of the cloud file integrality public audit evidence generation method of the embodiment of the present invention.
Detailed description of the invention
For making the object, technical solutions and advantages of the present invention clearly understand, below in conjunction with embodiment and accompanying drawing, the present invention is described in further detail, and exemplary embodiment and the explanation thereof of the present invention are only used for explaining the present invention, not as a limitation of the invention.
Embodiment 1
Before certain the cloud file integrality being stored in Cloud Server is carried out public audit, it is necessary first to carry out system initialization, and generate, being stored in by this cloud file in the process of Cloud Server, the integrity public audit evidence being used for integrity public audit.System initialization includes:
Cloud service provider generates the parameter for public audit and function.Specifically, definition bilinear map e:G × G → GT, G and GTThe multiplication loop group of to be all rank be Big prime p, g is the generation unit of multiplication loop group G, defines character string maps hash function H () to multiplication loop group G: { 0,1}*→ G (hereinafter referred to as group's hash function), definition is by character string maps to addition cyclic group ZpHash function h'(): { 0,1}*→Zp(hereinafter referred to as residue hash function), ZpThe addition cyclic group of to be mould be Big prime p, h () is for being the hash function of CHAR by random length character string maps.Cloud service provider is to a pair public and private key (pk of certification authority agent applicationcsp,skcsp), and by PKI pkcspOpen together with parameter defined above and function.
Cloud file owners generates the public and private key for public audit.Specifically, cloud file owners is to a pair public and private key (spk, ssk) of certification authority agent application, one random number α ∈ Z of reselectionp, calculate v ← gα, (α, gα) for bilinearity signature key pair, thus obtaining private key sk=(α, ssk) and PKI pk=(v, spk).PKI pk uploading to Cloud Server and open, system initialization completes.
Fig. 1 is the schematic flow sheet of the cloud file integrality public audit evidence generation method of the present embodiment, and described cloud file integrality public audit evidence generates method and includes:
Step S11, is blocks of files by cloud file division.
Specifically, cloud file F secret is divided into several blocks of files by client by cloud file owners.It should be noted that cloud file F can be divided into several equal-sized blocks of files, it is also possible to cloud file F is divided into several blocks of files differed in size.The blocks of files quantity of segmentation is more many, and the safety that cloud file F stores in Cloud Server is more high.In the present embodiment, illustrate so that cloud file F is divided into several equal-sized blocks of files.Those skilled in the art know how that by a cloud file division be several equal-sized blocks of files, do not repeat them here.So that cloud file F is divided into n blocks of files, according to data order, this n blocks of files is expressed as blocks of files m1..., blocks of files mi..., blocks of files mn, then cloud file F is expressed as F=(m1,…,mi,…,mn), miRepresenting the i-th blocks of files in cloud file F, i is the sequence number of blocks of files, and 1≤i≤n and i is positive integer.
Step S12, generates public audit label.
Described public audit label includes the cloud possessory identification identifier of file F, the filename of cloud file F, blocks of files quantity n and random number.Specifically, selecting random number u and u ∈ G, described public audit label is according to PALF=oid | | filename | | n | | u | | SSigssk(h (oid | | filename | | n | | u)) generates, wherein, and PALFFor described public audit label, oid is the cloud possessory identification identifier of file F, and filename is the filename of cloud file F, and SSig () is digital signature function, | | for concatenation operator.
Step S13, scramble file block sequence is to form out of order file, and generates the signature evidence of each blocks of files in out of order file to obtain blocks of files signature evidence set.
The file block sequence scramble of cloud file F is formed out of order file F'=(m1',…,mi',…,mn'), mi' for the i-th blocks of files in out of order file F'.Described blocks of files signature evidence set is according to PABPF={ σi}1≤i≤nObtain, wherein, PABPFFor described blocks of files signature evidence set, σiFor in out of order file F' i-th blocks of files signature evidence andSig () is bilinearity signature function.
Step S14, employing binary tree structure stores the cryptographic Hash of group's cryptographic Hash of each blocks of files in out of order file according to the order of sequence to obtain public audit Hash binary tree.
Specifically, calculate group's cryptographic Hash of each blocks of files, form the group sequence of hash values GH of out of order file F'F'=(H (m'1),…,H(mi'),…,H(mn′)).Group sequence of hash values GH based on out of order file F'F' according to the order of sequence generate public audit Hash binary tree leaf node data sequence LF'=(h (H (m1')),…,h(H(mi')),…,h(H(mn'))), then based on leaf node data sequence LF'Build public audit Hash binary tree PAT according to the order of sequenceF'.In the present embodiment, described public audit Hash binary tree PATF'In each non-leaf nodes there are two subtrees, the cryptographic Hash of group's cryptographic Hash of each leaf node correspondence one blocks of files of storage, the file block sequence of out of order file F' is public audit Hash binary tree PAT described in preorder traversalF'The leaf node order obtained.Certainly, the file block sequence of out of order file F' is it can also be provided that public audit Hash binary tree PAT described in postorder traversalF'The leaf node order obtained, or it is set to public audit Hash binary tree PAT described in inorder traversalF'The leaf node order obtained, this is not construed as limiting by the present invention.
Step S15, generates public audit order-preserving evidence.
Specifically, described public audit order-preserving evidence includes integrity signature evidence and described public audit Hash binary tree PATF', i.e. PASPF={ Sigα(H(R)),PATF', wherein, PASPF is described public audit order-preserving evidence, Sigα(H(R))←(H(R))αFor integrity signature evidence, R is described public audit Hash binary tree PATF'Cryptographic Hash corresponding to root node.
Step S16, stores described public audit label, described blocks of files signature evidence set, described public audit order-preserving evidence and out of order files passe to Cloud Server.
Step S17, Cloud Server verifies that whether described public audit label, described blocks of files signature evidence set, described public audit order-preserving evidence and out of order file be all effective.
Specifically, Cloud Server receives { F', PALF,PASPF,PABPFAfter, utilize PKI pk to verify its effectiveness.Wherein, the data of digital signature function SSig () are verified with general signature verification method, and the data of bilinearity signature function Sig () are then by judging e (H (mi'), v) with e (Sigα(mi'), g) whether equal it being verified, the two is equal is effective signed data.
When described public audit label, described blocks of files signature evidence set, described public audit order-preserving evidence and out of order file are all effective, perform step S18, Cloud Server generates cloud file storage outsourcing evidence according to described public audit label, and described cloud file is stored outsourcing evidence returns to cloud file owners and preserve.
Specifically, described cloud file storage outsourcing evidence according toGenerate, wherein, OSPFOutsourcing evidence is stored for described cloud file.Described cloud file is stored outsourcing evidence OSPFReturning to cloud file owners to preserve, cloud file owners receives described cloud file storage outsourcing evidence OSPFAnd after verifying that it is effectively, delete local data { F', PALF,PASPF,PABPF, so far complete the institute needed for generation cloud file integrality public audit on evidence.
Embodiment 2
After blocks of files is rewritten by cloud file owners, also change according to the file integrality public audit evidence that embodiment 1 generates.Thus the present embodiment provides another kind of cloud file integrality public audit evidence to generate method, evidence when also including rewriting blocks of files compared with embodiment 1 updates operation, and evidence during described rewriting blocks of files updates operation and includes:
Cloud file owners sends evidence to Cloud Server, and more newly requested (M, filename, j), wherein, M represents rewriting operation, and j is the blocks of files sequence number in out of order file before rewriting.Specifically, cloud file owners in Cloud Server by the blocks of files m of cloud file FiIt is modified, blocks of files miIn out of order file F', that correspondence is blocks of files m'j, i.e. blocks of files m'jFor the blocks of files before rewriting, description, uses blocks of files m'' for conveniencejRepresent revised blocks of files.
Receive described evidence more newly requested after, Cloud Server by retrieve described public audit Hash binary tree PATF'Generate H (m'j) adjoint manifold Δ j, and by undated parameter { H (mj′),Δj,Sigα(H(R)),NPATF'Return to cloud file owners, wherein, NPATF'For by described public audit Hash binary tree PATF'In all nodes storage cryptographic Hash be all set to sky null value Hash binary tree.Specifically, Cloud Server is at described public audit Hash binary tree PATF'In find sequence number to be j leaf node, thus obtaining H (mj') adjoint manifold Δ j.
Cloud file owners is by h (H (mj')) and the Δ j described null value Hash binary tree NPAT of substitutionF′In corresponding node to obtain described public audit Hash binary tree PATF'Cryptographic Hash corresponding to root node and update certification tree.
Judge Sigα(H (R'))=SigαWhether (H (R)) sets up, and wherein, R' is described public audit Hash binary tree PATF'Cryptographic Hash corresponding to root node.
At Sigα(H (R'))=SigαWhen (H (R)) sets up, the cryptographic Hash stored by the leaf node that sequence number in described renewal certification tree is j is by h (H (mj')) replace with h (H(m″j)) to form the renewal certification tree after updating, and the cryptographic Hash that the root node that obtains described renewal certification tree is corresponding.
The cryptographic Hash that root node according to described renewal certification tree is corresponding calculates the integrity signature evidence Sig α after updating (H (R ")), wherein, R " for cryptographic Hash corresponding to the root node of described renewal certification tree.
According toCalculate revised blocks of files mj" signature evidence, wherein, σ "jFor revised blocks of files mj" signature evidence.
Integrity signature evidence after renewal, the signature evidence updating certification tree and revised blocks of files after renewal are uploaded to Cloud Server and carry out corresponding data replacement.Specifically, Sig is usedα(H (R ")) replace Sigα(H (R)), with σ "jReplace σj
Embodiment 3
After blocks of files is deleted by cloud file owners, also change according to the file integrality public audit evidence that embodiment 1 generates.Thus the present embodiment provides another kind of cloud file integrality public audit evidence to generate method, evidence when also including deleting blocks of files compared with embodiment 1 updates operation, and evidence during described deletion blocks of files updates operation and includes:
Cloud file owners sends evidence to Cloud Server, and more newly requested (D, filename, j), wherein, D represents deletion action, and j is deleted file block sequence number in out of order file.Specifically, cloud file owners is by the blocks of files m of cloud file FiDelete from Cloud Server, blocks of files miIn out of order file F', that correspondence is blocks of files m'j, i.e. blocks of files m'jFor deleted file block.
Receive described evidence more newly requested after, Cloud Server by retrieve described public audit Hash binary tree PATF'Generate H (m'j) adjoint manifold Δ j, and by undated parameter { H (m'j),Δj,Sigα(H(R)),NPATF',PALFReturn to cloud file owners, wherein, NPATF'For the cryptographic Hash of all nodes storage in described public audit Hash binary tree is all set to the null value Hash binary tree of sky.Specifically, Cloud Server is at described public audit Hash binary tree PATF'In find sequence number to be j leaf node, thus obtaining H (mj') adjoint manifold Δ j.
Public audit label PAL described in cloud file owners's certificationFWhether effective.
At described public audit label PALFTime effective, cloud file owners is by h (H (mj')) and the Δ j described null value Hash binary tree NPAT of substitutionF'In corresponding node to obtain described public audit Hash binary tree PATF'Cryptographic Hash corresponding to root node and update certification tree.
Judge Sigα(H (R'))=SigαWhether (H (R)) sets up, and wherein, R' is the cryptographic Hash that the root node of described public audit Hash binary tree is corresponding.
At Sigα(H (R'))=SigαWhen (H (R)) sets up, make described renewal certification tree is pointed to the brotgher of node of leaf node that sequence number described in the pointed of the father node of the leaf node that sequence number is j is j and delete leaf node that sequence number in described renewal certification tree is j to form the renewal certification tree after renewal, calculating the cryptographic Hash that the root node of described renewal certification tree is corresponding.
The cryptographic Hash that root node according to described renewal certification tree is corresponding calculates the integrity signature evidence Sig after updatingα(H (R ")), wherein, R " for cryptographic Hash corresponding to the root node of described renewal certification tree.
According to PALF'=oid | | filename | | n-1 | | u | | SSigssk(h (oid | | filename | | n-1 | | u)) calculates the public audit label after updating, wherein, and PAL'FFor the public audit label after updating.
According toCalculate the signature evidence after the All Files block after deleted file block updates, wherein, σ 'q-1Signature evidence after updating for the q-1 blocks of files in out of order file, j+1≤q≤n and q is positive integer.
By update after public audit label, update after integrity signature evidence, deleted file block after All Files block update after signature evidence and update after renewal certification tree be uploaded to Cloud Server.
Cloud Server utilize PKI pk checking update after public audit label, update after integrity signature evidence, deleted file block after All Files block update after signature evidence and update after renewal certification tree whether all effective.
Public audit label in the updated, update after integrity signature evidence, deleted file block after All Files block update after signature evidence and renewal certification tree after updating all effectively time, carry out corresponding data and replace also basisObtain the cloud file storage outsourcing evidence after updating, and the cloud file storage outsourcing evidence after updating is returned to cloud file owners preserves, wherein, OSPF' store outsourcing evidence for the cloud file after updating.
Embodiment 4
After blocks of files is inserted by cloud file owners, also change according to the file integrality public audit evidence that embodiment 1 generates.Thus the present embodiment provides another kind of cloud file integrality public audit evidence to generate method, evidence when also including inserting blocks of files compared with embodiment 1 updates operation, and evidence during described insertion blocks of files updates operation and includes:
Cloud file owners sends evidence more newly requested (I, filename, j, m to Cloud Serverc), wherein, I represents update, and j is the blocks of files of on position sequence number in out of order file, mcFor the blocks of files being inserted into.Specifically, the blocks of files m that cloud file owners will be inserted on Cloud ServercIt is inserted into the blocks of files m of cloud file FiAfter, blocks of files miIn out of order file F', that correspondence is blocks of files mj', i.e. blocks of files mj' for the blocks of files of on position.
Receive described evidence more newly requested after, Cloud Server by retrieve described public audit Hash binary tree PATF'Generate H (mj') adjoint manifold Δ j, and by undated parameter { H (mj′),Δj,Sigα(H(R)),NPATF',PALFReturn to cloud file owners, wherein, NPATF'For the cryptographic Hash of all nodes storage in described public audit Hash binary tree is all set to the null value Hash binary tree of sky.Specifically, Cloud Server is at described public audit Hash binary tree PATF'In find sequence number to be j leaf node, thus obtaining H (mj') adjoint manifold Δ j.
Public audit label PAL described in cloud file owners's certificationFWhether effective.
When described public audit label PALF is effective, cloud file owners is by h (H (mj')) substitute into corresponding node in described null value Hash binary tree with Δ j and with cryptographic Hash corresponding to the root node obtaining described public audit Hash binary tree and update certification tree.
Judge Sigα(H (R'))=SigαWhether (H (R)) sets up, and wherein, R' is the cryptographic Hash that the root node of described public audit Hash binary tree is corresponding.
At Sigα(H (R'))=SigαWhen (H (R)) sets up, it is updated described renewal certification tree operating to obtain the renewal certification tree after updating: in described renewal certification tree, generate primary nodal point and secondary nodal point, the cryptographic Hash of group's cryptographic Hash of the blocks of files that described secondary nodal point storage is inserted into and the left and right child pointers of described secondary nodal point are all empty, making to update sequence number in certification tree described in the left pointed of described primary nodal point is the leaf node of j, make secondary nodal point described in the right pointed of described primary nodal point, make originally to point to the pointer that sequence number in described renewal certification tree is the leaf node of j to transfer to point to described primary nodal point, obtain the cryptographic Hash that the root node of described renewal certification tree is corresponding.
The cryptographic Hash that root node according to described renewal certification tree is corresponding calculates the integrity signature evidence Sig after updatingα(H (R ")), wherein, R " for cryptographic Hash corresponding to the root node of described renewal certification tree.
According to PALF'=oid | | filename | | n+1 | | u | | SSigssk(h (oid | | filename | | n+1 | | u)) obtains the public audit label after updating, wherein, and PAL'FFor the public audit label after updating.
According toCalculate the signature evidence after the All Files block after the blocks of files of on position updates, wherein, σ "qSignature evidence after updating for q-th blocks of files in out of order file, j+1≤q≤n+1 and q is positive integer, m "j+1=mc, m "p+1=mp', j+1≤p≤n.
By update after public audit label, update after integrity signature evidence, on position blocks of files after All Files block update after signature evidence and update after renewal certification tree be uploaded to Cloud Server.
Cloud Server utilize PKI pk checking update after public audit label, update after integrity signature evidence, on position blocks of files after All Files block update after signature evidence and update after renewal certification tree whether all effective.
Public audit label in the updated, update after integrity signature evidence, on position blocks of files after All Files block update after signature evidence and renewal certification tree after updating all effectively time, carry out corresponding data and replace also basisObtain the cloud file storage outsourcing evidence after updating, and the cloud file storage outsourcing evidence after updating is returned to cloud file owners preserves, wherein, OSPF' store outsourcing evidence for the cloud file after updating.
Embodiment 5
The present embodiment provides a kind of cloud file integrality public audit method, and the method is used by public audit third party, and the evidence of public audit can adopt any embodiment in embodiment 1~embodiment 4 to obtain, and described public audit method includes:
The public audit label of audit document is asked to Cloud Server.Specifically, after public audit third party obtains cloud file owners mandate, open in public audit file directory with the identification identifier oid of the cloud file owners file named, the filename filename of the cloud file (hereinafter referred to as audit document) to audit, corresponding cloud file F is selected from this document pressing from both sides again.Public audit third party sends data oid | | filename to Cloud Server to ask the public audit label PAL of cloud file FF, public audit label PAL is retrieved and returned to cloud service serverF
Whether the public audit label of checking audit document is effective.Specifically, public audit third party verifies the public audit label PAL of cloud file F with the PKI spk of cloud file ownersF.If the blocks of files quantity n and random number u of cloud file F are valid data, then verify the public audit label PAL of cloud file FFEffectively.
Public audit label PAL at audit documentFTime effective, from the blocks of files sequence number of audit document, randomly choose r sequence number configuration file block sequence number set { k1,…,kr, and be that one random number of each element corresponding selection in blocks of files sequence number set is to form challenge requestSend to Cloud Server, wherein, 1≤r≤n, kiFor i-th element in blocks of files sequence number set,For the random number that i-th element in blocks of files sequence number set is corresponding, i is positive integer.
Receive described challenge request after, Cloud Server according toGenerate data integrity evidence, wherein, ProofchalFor described data integrity evidence, It is k for sequence number in the out of order file of audit documentiBlocks of files,ΔkiForAdjoint manifold, NPATF'For the cryptographic Hash of all nodes storage in the public audit Hash binary tree of audit document is all set to the null value Hash binary tree of sky,It is k for sequence number in the out of order file of audit documentiThe signature evidence of blocks of files.
WillSubstituting into corresponding node in described null value Hash binary tree with cryptographic Hash corresponding to the root node of the public audit Hash binary tree of the file that is audited, wherein, h () is for being the hash function of CHAR by random length character string maps;
Judge e (H (R'), v)=e (Sigα(H(R)),g) whether set up, wherein, e is that bilinearity signature maps, and R' is the cryptographic Hash that the root node of the public audit Hash binary tree of audit document is corresponding.
At e (H (R'),v)=e (Sigα(H (R)), when g) setting up, it is judged thatWhether set up, wherein, u is random number and u ∈ G;
?During establishment, it is judged that audit document passes through integrity checking, and data are not tampered with, and otherwise judge that audit document does not pass through integrity checking.
Above-described detailed description of the invention; the purpose of the present invention, technical scheme and beneficial effect have been further described; it is it should be understood that; the foregoing is only the specific embodiment of the present invention; the protection domain being not intended to limit the present invention; all within the spirit and principles in the present invention, any amendment of making, equivalent replacement, improvement etc., should be included within protection scope of the present invention.

Claims (10)

1. a cloud file integrality public audit evidence generates method, it is characterised in that including:
It is blocks of files by cloud file division;
Generating public audit label, described public audit label includes the identification identifier of cloud file owners, the filename of cloud file, blocks of files quantity and random number;
Scramble file block sequence is to form out of order file, and generates the signature evidence of each blocks of files in out of order file to obtain blocks of files signature evidence set;
Employing binary tree structure stores the cryptographic Hash of group's cryptographic Hash of each blocks of files in out of order file according to the order of sequence to obtain public audit Hash binary tree;
Generating public audit order-preserving evidence, described public audit order-preserving evidence includes integrity signature evidence and described public audit Hash binary tree;
Described public audit label, described blocks of files signature evidence set, described public audit order-preserving evidence and out of order files passe are stored to Cloud Server;
Cloud Server verifies that whether described public audit label, described blocks of files signature evidence set, described public audit order-preserving evidence and out of order file be all effective;
When described public audit label, described blocks of files signature evidence set, described public audit order-preserving evidence and out of order file are all effective, Cloud Server generates cloud file storage outsourcing evidence according to described public audit label, and described cloud file is stored outsourcing evidence returns to cloud file owners and preserve.
2. cloud file integrality public audit evidence according to claim 1 generates method, it is characterized in that, in described public audit Hash binary tree, each non-leaf nodes has two subtrees, the cryptographic Hash of group's cryptographic Hash of each leaf node correspondence one blocks of files of storage, the file block sequence of out of order file is the leaf node order that public audit Hash binary tree described in preorder traversal obtains.
3. cloud file integrality public audit evidence according to claim 1 generates method, it is characterised in that described public audit label is according to PALF=oid | | filename | | n | | u | | SSigssk(h (oid | | filename | | n | | u)) generates, wherein, and PALFFor described public audit label, oid is the identification identifier of cloud file owners, filename is the filename of cloud file, n is blocks of files quantity, and u is random number and the multiplication loop group of u ∈ G, G to be rank be Big prime p, SSig () is digital signature function, ssk is the private key of cloud file owners, h () for being the hash function of CHAR by random length character string maps, | | for concatenation operator.
4. cloud file integrality public audit evidence according to claim 3 generates method, it is characterised in that described blocks of files signature evidence set is according to PABPF={ σi}1≤i≤nObtain, wherein, PABPFFor described blocks of files signature evidence set, σiFor in out of order file i-th blocks of files signature evidence andSig () is bilinearity signature function, and α is random number and α ∈ Zp, ZpThe addition cyclic group of to be mould be Big prime p, H () is by the character string maps hash function to multiplication loop group G, m 'iFor i-th blocks of files, h'(in out of order file) it is by character string maps to addition cyclic group ZpHash function, i is positive integer.
5. cloud file integrality public audit evidence according to claim 4 generates method, it is characterised in that described public audit order-preserving evidence is according to PASPF={ Sigα(H(R)),PATF'Generate, wherein, PASPFFor described public audit order-preserving evidence, Sigα(H (R)) is integrity signature evidence, PATF'For described public audit Hash binary tree, R is the cryptographic Hash that the root node of described public audit Hash binary tree is corresponding.
6. cloud file integrality public audit evidence according to claim 5 generate method, it is characterised in that described cloud file storage outsourcing evidence according to OSP F = o i d | | f i l e n a m e | | n | | u | | SSig sk C S P ( h ( o i d | | f i l e n a m e | | n | | u ) ) Generate, wherein, OSPFOutsourcing evidence, sk is stored for described cloud fileCSPPrivate key for cloud service provider.
7. cloud file integrality public audit evidence according to claim 6 generates method, it is characterised in that evidence when also including rewriting blocks of files updates operation, and evidence during described rewriting blocks of files updates operation and includes:
Sending evidence to Cloud Server, more newly requested (M, filename, j), wherein, M represents rewriting operation, and j is the blocks of files sequence number in out of order file before rewriting;
Receive described evidence more newly requested after, Cloud Server by retrieve described public audit Hash binary tree generate H (m'j) adjoint manifold Δ j, and by undated parameter { H (m'j),Δj,Sigα(H(R)),NPATF'Return to cloud file owners, wherein, m 'jFor the blocks of files before rewriting, NPATF'For the cryptographic Hash of all nodes storage in described public audit Hash binary tree is all set to the null value Hash binary tree of sky;
Cloud file owners is by h (H (m'j)) substitute into corresponding node in described null value Hash binary tree with Δ j and with cryptographic Hash corresponding to the root node obtaining described public audit Hash binary tree and update certification tree;
Judge Sigα(H (R'))=SigαWhether (H (R)) sets up, and wherein, R' is the cryptographic Hash that the root node of described public audit Hash binary tree is corresponding;
At Sigα(H (R'))=SigαWhen (H (R)) sets up, the cryptographic Hash stored by the leaf node that sequence number in described renewal certification tree is j is by h (H (m'j)) replace with h (H (m "j)) to form the renewal certification tree after updating, and the cryptographic Hash that the root node that obtains described renewal certification tree is corresponding, wherein, m "jFor revised blocks of files;
The cryptographic Hash that root node according to described renewal certification tree is corresponding calculates the integrity signature evidence Sig after updatingα(H(R”)),
Wherein, R is " for the cryptographic Hash that the root node of described renewal certification tree is corresponding;
According toCalculate the signature evidence of revised blocks of files;
Integrity signature evidence after renewal, the signature evidence updating certification tree and revised blocks of files after renewal are uploaded to Cloud Server and carry out corresponding data replacement.
8. cloud file integrality public audit evidence according to claim 6 generates method, it is characterised in that evidence when also including deleting blocks of files updates operation, and evidence during described deletion blocks of files updates operation and includes:
Sending evidence to Cloud Server, more newly requested (D, filename, j), wherein, D represents deletion action, and j is deleted file block sequence number in out of order file;
Receive described evidence more newly requested after, Cloud Server by retrieve described public audit Hash binary tree generate H (m'j) adjoint manifold Δ j, and by undated parameter { H (m'j),Δj,Sigα(H(R)),NPATF',PALFReturn to cloud file owners, wherein, m 'jFor deleted file block, NPATF'For the cryptographic Hash of all nodes storage in described public audit Hash binary tree is all set to the null value Hash binary tree of sky;
Whether public audit label described in cloud file owners's certification is effective;
When described public audit label is effective, cloud file owners is by h (H (m'j)) substitute into corresponding node in described null value Hash binary tree with Δ j and with cryptographic Hash corresponding to the root node obtaining described public audit Hash binary tree and update certification tree;
Judge Sigα(H (R'))=SigαWhether (H (R)) sets up, and wherein, R' is the cryptographic Hash that the root node of described public audit Hash binary tree is corresponding;
At Sigα(H (R'))=SigαWhen (H (R)) sets up, make described renewal certification tree is pointed to the brotgher of node of leaf node that sequence number described in the pointed of the father node of the leaf node that sequence number is j is j and delete leaf node that sequence number in described renewal certification tree is j to form the renewal certification tree after renewal, calculating the cryptographic Hash that the root node of described renewal certification tree is corresponding;
The cryptographic Hash that root node according to described renewal certification tree is corresponding calculates the integrity signature evidence Sig after updatingα(H (R ")), wherein, R " for cryptographic Hash corresponding to the root node of described renewal certification tree;
According to PAL'F=oid | | filename | | n-1 | | u | | SSigssk(h (oid | | filename | | n-1 | | u)) calculates the public audit label after updating, wherein, and PAL'FFor the public audit label after updating;
According toCalculate the signature evidence after the All Files block after deleted file block updates, wherein, σ 'q-1Signature evidence after updating for the q-1 blocks of files in out of order file, j+1≤q≤n and q is positive integer;
By update after public audit label, update after integrity signature evidence, deleted file block after All Files block update after signature evidence and update after renewal certification tree be uploaded to Cloud Server;
Whether the signature evidence after the renewal of All Files block after the public audit label after Cloud Server checking renewal, integrity signature evidence, deleted file block after renewal and the renewal certification tree after renewal be all effective;
Public audit label in the updated, update after integrity signature evidence, deleted file block after All Files block update after signature evidence and renewal certification tree after updating all effectively time, carry out corresponding data and replace also basis OSP F ′ = o i d | | f i l e n a m e | | n - 1 | | u | | SSig sk C S P ( h ( o i d | | f i l e n a m e | | n - 1 | | u ) ) Obtain the cloud file storage outsourcing evidence after updating, and the cloud file storage outsourcing evidence after updating is returned to cloud file owners preserves, wherein, OSPF' store outsourcing evidence for the cloud file after updating.
9. cloud file integrality public audit evidence according to claim 6 generates method, it is characterised in that evidence when also including inserting blocks of files updates operation, and evidence during described insertion blocks of files updates operation and includes:
Evidence more newly requested (I, filename, j, m is sent to Cloud Serverc), wherein, I represents update, and j is the blocks of files of on position sequence number in out of order file, mcFor the blocks of files being inserted into;
Receive described evidence more newly requested after, Cloud Server by retrieve described public audit Hash binary tree generate H (m'j) adjoint manifold Δ j, and by undated parameter { H (m'j),Δj,Sigα(H(R)),NPATF',PALFReturn to cloud file owners, wherein, m'jFor the blocks of files of on position, NPATF'For the cryptographic Hash of all nodes storage in described public audit Hash binary tree is all set to the null value Hash binary tree of sky;
Whether public audit label described in cloud file owners's certification is effective;
When described public audit label is effective, cloud file owners is by h (H (m'j)) substitute into corresponding node in described null value Hash binary tree with Δ j and with cryptographic Hash corresponding to the root node obtaining described public audit Hash binary tree and update certification tree;
Judge Sigα(H (R'))=SigαWhether (H (R)) sets up, and wherein, R' is the cryptographic Hash that the root node of described public audit Hash binary tree is corresponding;
At Sigα(H (R'))=SigαWhen (H (R)) sets up, it is updated described renewal certification tree operating to obtain the renewal certification tree after updating: in described renewal certification tree, generate primary nodal point and secondary nodal point, the cryptographic Hash of group's cryptographic Hash of the blocks of files that described secondary nodal point storage is inserted into and the left and right child pointers of described secondary nodal point are all empty, making to update sequence number in certification tree described in the left pointed of described primary nodal point is the leaf node of j, make secondary nodal point described in the right pointed of described primary nodal point, make originally to point to the pointer that sequence number in described renewal certification tree is the leaf node of j to transfer to point to described primary nodal point, obtain the cryptographic Hash that the root node of described renewal certification tree is corresponding;
The cryptographic Hash that root node according to described renewal certification tree is corresponding calculates the integrity signature evidence Sig after updatingα(H (R ")), wherein, R " for cryptographic Hash corresponding to the root node of described renewal certification tree;
According to PAL'F=oid | | filename | | n+1 | | u | | SSigssk(h (oid | | filename | | n+1 | | u)) obtains the public audit label after updating, wherein, and PAL'FFor the public audit label after updating;
According toCalculate the signature evidence after the All Files block after the blocks of files of on position updates, wherein, σ "qSignature evidence after updating for q-th blocks of files in out of order file, j+1≤q≤n+1 and q is positive integer, m "j+1=mc, m "p+1=m "p, j+1≤p≤n;
By update after public audit label, update after integrity signature evidence, on position blocks of files after All Files block update after signature evidence and update after renewal certification tree be uploaded to Cloud Server;
Cloud Server checking update after public audit label, update after integrity signature evidence, on position blocks of files after All Files block update after signature evidence and update after renewal certification tree whether all effective;
Public audit label in the updated, update after integrity signature evidence, on position blocks of files after All Files block update after signature evidence and renewal certification tree after updating all effectively time, carry out corresponding data and replace also basis OSP F ′ = o i d | | f i l e n a m e | | n + 1 | | u | | SSig sk C S P ( h ( o i d | | f i l e n a m e | | n + 1 | | u ) ) Obtain the cloud file storage outsourcing evidence after updating, and the cloud file storage outsourcing evidence after updating is returned to cloud file owners preserves, wherein, OSPF' store outsourcing evidence for the cloud file after updating.
10. a cloud file integrality public audit method, it is characterised in that adopting the cloud file integrality public audit evidence according to any one of claim 1 to 9 to generate the public audit evidence that method generates, described public audit method includes:
The public audit label of audit document is asked to Cloud Server;
Whether the public audit label of checking audit document is effective;
When the public audit label of audit document is effective, from the blocks of files sequence number of audit document, randomly choose r sequence number configuration file block sequence number set { k1,…,kr, and be that one random number of each element corresponding selection in blocks of files sequence number set is to form challenge requestSending to Cloud Server, wherein, 1≤r≤n, n is the blocks of files quantity of audit document, kiFor i-th element in blocks of files sequence number set,For the random number that i-th element in blocks of files sequence number set is corresponding, i is positive integer;
Receive described challenge request after, Cloud Server according to Proof c h a l = { μ , σ , { H ( m k i ′ ) , Δk i } 1 ≤ i ≤ r , Sig α ( H ( R ) ) , NPAT F ′ } Generate data integrity evidence, wherein, ProofchalFor described data integrity evidence, μ = Σ i = 1 r v k i h ′ ( m k i ′ | | k i ) ∈ Z p , σ = Π i = 1 r σ k i v k i ∈ G , H () is by the character string maps hash function to multiplication loop group G, and G is rank is the multiplication loop group of Big prime p,It is k for sequence number in the out of order file of audit documentiBlocks of files, Δ kiForAdjoint manifold, SigαThe integrity signature evidence that (H (R)) is audit document, NPATF'For the cryptographic Hash of all nodes storage in the public audit Hash binary tree of audit document is all set to the null value Hash binary tree of sky, h'() it is by character string maps to addition cyclic group ZpHash function,It is k for sequence number in the out of order file of audit documentiThe signature evidence of blocks of files;
WillSubstituting into corresponding node in described null value Hash binary tree with cryptographic Hash corresponding to the root node of the public audit Hash binary tree of the file that is audited, wherein, h () is for being the hash function of CHAR by random length character string maps;
Judge e (H (R'), v)=e (SigαWhether (H (R)), g) set up, wherein, e is bilinear map, R' is the cryptographic Hash that the root node of the public audit Hash binary tree of audit document is corresponding, and g is the generation unit of multiplication loop group G, and v is the bilinearity public signature key of cloud file owners;
At e (H (R'), v)=e (Sigα(H (R)), when g) setting up, it is judged thatWhether set up, wherein, u is random number and u ∈ G;
?During establishment, it is judged that audit document passes through integrity checking, otherwise judges that audit document does not pass through integrity checking.
CN201610118988.0A 2016-03-02 2016-03-02 Cloud file integrality public audit evidence generation method and public audit method Active CN105787389B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610118988.0A CN105787389B (en) 2016-03-02 2016-03-02 Cloud file integrality public audit evidence generation method and public audit method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610118988.0A CN105787389B (en) 2016-03-02 2016-03-02 Cloud file integrality public audit evidence generation method and public audit method

Publications (2)

Publication Number Publication Date
CN105787389A true CN105787389A (en) 2016-07-20
CN105787389B CN105787389B (en) 2018-07-27

Family

ID=56386846

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610118988.0A Active CN105787389B (en) 2016-03-02 2016-03-02 Cloud file integrality public audit evidence generation method and public audit method

Country Status (1)

Country Link
CN (1) CN105787389B (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107231370A (en) * 2017-06-23 2017-10-03 成都鼎智汇科技有限公司 A kind of data monitoring method based on cloud computing
CN107343008A (en) * 2017-07-17 2017-11-10 山东超越数控电子有限公司 A kind of data safety isolation of anti-access module leakage is with sharing implementation method
CN107612969A (en) * 2017-08-16 2018-01-19 中国民航大学 Cloud storage data integrity auditing method based on B Tree Bloom filters
CN108229208A (en) * 2018-01-08 2018-06-29 华侨大学 A kind of public audit method of more copy datas in cloud storage service
CN108418796A (en) * 2018-01-30 2018-08-17 西安电子科技大学 Method, the cloud storage system of the more copy integrity verifications of cloud data and associated deletion
CN109583229A (en) * 2018-10-30 2019-04-05 中国科学院信息工程研究所 A kind of privacy information is traced to the source evidence collecting method, apparatus and system
CN109586896A (en) * 2018-11-14 2019-04-05 陕西师范大学 A kind of data integrity verification method based on Hash prefix trees
CN109688103A (en) * 2018-11-09 2019-04-26 杭州安恒信息技术股份有限公司 The auditable encryption storage method of one kind and system
CN110912706A (en) * 2019-11-15 2020-03-24 东北大学 Identity-based dynamic data integrity auditing method
CN110958116A (en) * 2019-12-06 2020-04-03 中山大学 Multi-copy cloud data integrity auditing method based on lattice signature
CN111898164A (en) * 2020-07-02 2020-11-06 武汉纺织大学 Data integrity auditing method supporting tag block chain storage and query
CN115037507A (en) * 2022-04-22 2022-09-09 京东科技控股股份有限公司 Method, device and system for user access management

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103067363A (en) * 2012-12-20 2013-04-24 华中科技大学 Index conversion method for public data integrity checking
CN103218574A (en) * 2013-04-09 2013-07-24 电子科技大学 Hash tree-based data dynamic operation verifiability method
CN105072086A (en) * 2015-07-06 2015-11-18 武汉科技大学 Cloud-storage batch auditing method based on MapReduce
CN105095794A (en) * 2015-07-20 2015-11-25 武汉科技大学 Verification method for dynamic cloud data integrity based on balanced Merkle Hash tree

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103067363A (en) * 2012-12-20 2013-04-24 华中科技大学 Index conversion method for public data integrity checking
CN103218574A (en) * 2013-04-09 2013-07-24 电子科技大学 Hash tree-based data dynamic operation verifiability method
CN105072086A (en) * 2015-07-06 2015-11-18 武汉科技大学 Cloud-storage batch auditing method based on MapReduce
CN105095794A (en) * 2015-07-20 2015-11-25 武汉科技大学 Verification method for dynamic cloud data integrity based on balanced Merkle Hash tree

Cited By (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107231370A (en) * 2017-06-23 2017-10-03 成都鼎智汇科技有限公司 A kind of data monitoring method based on cloud computing
CN107343008A (en) * 2017-07-17 2017-11-10 山东超越数控电子有限公司 A kind of data safety isolation of anti-access module leakage is with sharing implementation method
CN107612969A (en) * 2017-08-16 2018-01-19 中国民航大学 Cloud storage data integrity auditing method based on B Tree Bloom filters
CN107612969B (en) * 2017-08-16 2020-01-14 中国民航大学 B-Tree bloom filter-based cloud storage data integrity auditing method
CN108229208B (en) * 2018-01-08 2021-03-23 华侨大学 Public auditing method for multi-copy data in cloud storage service
CN108229208A (en) * 2018-01-08 2018-06-29 华侨大学 A kind of public audit method of more copy datas in cloud storage service
CN108418796A (en) * 2018-01-30 2018-08-17 西安电子科技大学 Method, the cloud storage system of the more copy integrity verifications of cloud data and associated deletion
CN109583229A (en) * 2018-10-30 2019-04-05 中国科学院信息工程研究所 A kind of privacy information is traced to the source evidence collecting method, apparatus and system
CN109583229B (en) * 2018-10-30 2021-05-11 中国科学院信息工程研究所 Privacy information tracing and evidence obtaining method, device and system
CN109688103B (en) * 2018-11-09 2021-07-16 杭州安恒信息技术股份有限公司 Auditable encryption storage method
CN109688103A (en) * 2018-11-09 2019-04-26 杭州安恒信息技术股份有限公司 The auditable encryption storage method of one kind and system
CN109586896A (en) * 2018-11-14 2019-04-05 陕西师范大学 A kind of data integrity verification method based on Hash prefix trees
CN109586896B (en) * 2018-11-14 2021-09-03 陕西师范大学 Data integrity verification method based on Hash prefix tree
CN110912706A (en) * 2019-11-15 2020-03-24 东北大学 Identity-based dynamic data integrity auditing method
CN110912706B (en) * 2019-11-15 2021-08-03 东北大学 Identity-based dynamic data integrity auditing method
CN110958116A (en) * 2019-12-06 2020-04-03 中山大学 Multi-copy cloud data integrity auditing method based on lattice signature
CN110958116B (en) * 2019-12-06 2021-02-26 中山大学 Multi-copy cloud data integrity auditing method based on lattice signature
CN111898164A (en) * 2020-07-02 2020-11-06 武汉纺织大学 Data integrity auditing method supporting tag block chain storage and query
CN111898164B (en) * 2020-07-02 2024-03-29 武汉纺织大学 Data integrity auditing method supporting label block chain storage and query
CN115037507A (en) * 2022-04-22 2022-09-09 京东科技控股股份有限公司 Method, device and system for user access management
CN115037507B (en) * 2022-04-22 2024-04-05 京东科技控股股份有限公司 User access management method, device and system

Also Published As

Publication number Publication date
CN105787389B (en) 2018-07-27

Similar Documents

Publication Publication Date Title
CN105787389A (en) Cloud file integrity public audit evidence generating method and public auditing method
CN108039943B (en) Verifiable encryption searching method
CN106301789A (en) Apply the dynamic verification method of the cloud storage data that linear homomorphism based on lattice signs
CN106254374B (en) A kind of cloud data public audit method having duplicate removal function
CN103268460B (en) A kind of cloud integrity of data stored verification method
CN104978239B (en) A kind of method, apparatus and system realizing more Backup Data dynamics and updating
CN110300112A (en) Block chain key tiered management approach
CN105760781B (en) The storage method, restoration methods and operating method of large data files can be deduced in order
CN111130757A (en) Multi-cloud CP-ABE access control method based on block chain
Pulls et al. Balloon: A forward-secure append-only persistent authenticated data structure
CN105007284B (en) With the public audit method of secret protection in multi-manager group shared data
CN109088719B (en) Outsourced database multi-key word can verify that cipher text searching method, data processing system
CN109586896A (en) A kind of data integrity verification method based on Hash prefix trees
CN104392185B (en) The method that data integrity validation is realized in cloud environment daily record evidence obtaining
CN106612174A (en) Data security verification and updating method supporting third-party administrator (TPA) in mobile cloud computing
CN109903450B (en) Electronic voting method and system
CN106027240A (en) Key isolation signing method based on attribute
CN108123934A (en) A kind of data integrity verifying method towards mobile terminal
CN107707354A (en) A kind of cloud storage data verification method and system based on elliptic curve cryptography
CN110908959A (en) Dynamic searchable encryption method supporting multi-keyword and result sorting
CN106611136A (en) Data tampering verification method in cloud storage
CN106790311A (en) Cloud Server stores integrality detection method and system
CN113344222A (en) Safe and credible federal learning mechanism based on block chain
CN107094075A (en) A kind of data block dynamic operation method based on convergent encryption
CN107612969A (en) Cloud storage data integrity auditing method based on B Tree Bloom filters

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant