CN103279718B - Based on the data integrity verification method of SBT during a kind of cloud stores - Google Patents

Abstract

The invention discloses the data integrity verification method based on SBT in the storage of a kind of cloud, for a kind of based on the data integrity validation scheme of node size balanced tree.The well balanced property that node size balanced tree has, better can control the height of tree, makes it level off to complete binary tree.Because on binary tree, Data Update is all relevant to the height of tree with the time complexity of inquiry, node size balanced tree has very large advantage in the efficiency of data manipulation, and the time dimension of data manipulation can be held in O (logn) by it.Node size balanced tree has good dirigibility in Data Dynamic renewal process, and when storing data in node size balanced tree, is not limited to only be stored in its leaf node, and this can reduce the storage overhead of server to a certain extent.The program, by being combined with hash function by node size balanced tree, designs the efficient verify data structure being suitable for large-scale data and dynamically updating, thus improves the efficiency of data integrity validation.

Description

Based on the data integrity verification method of SBT during a kind of cloud stores

Technical field

The invention belongs to the technical field of data security in cloud storage, more specifically say, relate to the data integrity verification method based on SBT in the storage of a kind of cloud.

Background technology

Cloud storage is extended by cloud computing concept and develops, and as a kind of Service Operation pattern having practical value and marketable value concurrently, it has caused stakeholder more and more to pay close attention to.The thinking of cloud stores service and theory for enterprise customer or personal user all attractive, but safety problem wherein also result in the worry of user.

Data integrity validation technology during cloud stores is one of gordian technique ensureing data security in cloud storage.During cloud stores, data integrity validation mechanism is based on three-party model.So-called tripartite refers to that cloud stores user, insincere server and trust data source.In three-party model, data are outsourced on external server by user, comprise a trust data source and a lot of insincere server.Wherein trust data source is complete and data that are correctly in store user, it again by data publication to each insincere server.User, when needing the data using outsourcing, only needs to access one of them or several insincere server.Because the server of accessing when user fetches data is incredible, at this moment just data integrity validation mechanism is needed to guarantee that the data that user fetches are the raw data not being tampered and forging.

The core concept of data integrity validation mechanism is the strategy adopting a kind of member's inquiry.This strategy is combined with a data structure with confirmability by the Hash table storing data, and authentication authorization and accounting data structure, makes the answer of member's inquiry have verifiability, and user can verify and show that whether accessed outsourcing data are complete whereby.Member's inquiry can abstractly be following mathematical procedure: the data abstraction of outsourcing is become a data set S=(e ₁, e ₂..., e _n), wherein e _ithe data block of a fixed size in the data of representative.So verify that the process whether a certain data block is complete can regard whether proof element x belongs to the process of data set S abstractively as, wherein x just represents the data block wanting to verify.This process is described in detail as follows on the basis of three-party model:

1), user sends an inquiry request to insincere server, and whether inquiry data element x is among data set S;

2), insincere server performs corresponding query manipulation in this locality, and answer Yes or No drawn is returned to user.Also to return " evidence " that generate in query script simultaneously;

3), user's " evidence " of being returned by insincere server, carry out a series of calculating, again draw the eigenwert of data;

4), user is by the 3rd) (this eigenwert is drawn by trust data source calculated in advance and is passed to user for the eigenwert and the data feature values in this locality that obtain in step, user is pre-stored in this locality) contrast, if the same user accepts insincere server and returns the answer come, otherwise, then refuse.

For the design of verify data structure, researchist has had some valuable investigations.Merkle proposes and adopts Merkle Hash tree to set up verify data structure.During with Merkle storage of data structure data set S, the element in S is all stored in the leaf of Hash tree T, and each node stores a label value in tree.If node is leaf node, its label value is identical with the data of its storage; Otherwise its label value is calculated by impact resistant hash function by the label value of its child nodes.The people such as Goodrich propose and adopt jumping list structure and commutative hash function to realize verify data organization plan.Jumping table is a kind of data structure with randomness, and it adopts all data of storage of linked list in lowermost layer, and in last layer chained list, element is the probability subset of its lower one deck.Tree combines with RSA one-way accumulators technology and constructs RSA and set by the people such as Tomassia, it makes point number of the height of tree and tree be all constant by introducing parameter ε, so its evidence size, to search and the time complexity verified is O (1).

By finding existing methods research, although the time complexity of data manipulation controls in O (1) on RSA tree, but need to apply complicated power-modular operation in the one-way accumulators technology that it adopts, its actual run time is also pessimistic, and RSA tree is dumb when data are inserted, may to cause the reconstruct of the structure of complexity.And based on all have employed simple and hash function efficiently in the verify data structural design of Merkle Hash tree and jumping table, but the time complexity of the data manipulation on them is all O (logn), and Merkle sets the update of not supported data.

In verify data structure in the past, Data Dynamic is upgraded to support it is not very flexible always, and improve one's methods for the major part of data structure, its structure is all confined to the model of initial Merkle Hash tree, namely in leaf node, data are stored and an intermediate node authentication storage information, this structural design makes the work improving data manipulation efficiency run into bottleneck, although equally introduce parameter just like the design of RSA tree can make it have constant height, but this design is in the storage environment of large-scale data, be easy to the reconstruct causing structure, and inapplicable therefore.

Summary of the invention

The object of the invention is to overcome the deficiencies in the prior art, based on the data integrity verification method of SBT in providing a kind of cloud to store, to improve the dirigibility that Data Dynamic upgrades, the storage overhead reducing server, improve the efficiency of data integrity validation.

For achieving the above object, based on the data integrity verification method of SBT during cloud of the present invention stores, it is characterized in that, comprise the following steps:

(1) piecemeal of, outsourcing data

The outsourcing data received from user are carried out piecemeal by trust data source, are divided into n the data block with fixed size by outsourcing data;

(2), SBT (Size Balanced Tree) structure can certification, obtain authentication structures

The full node that structure is set up based on SBT stores tree T, and full node stores tree T and has individual n node, a data block wherein in the corresponding step (1) of each node;

Each node v in tree T is stored for full node, all stores three contents:

1) the data block D of this node, is stored in _v;

2), the digest value H of this node data _v=h (D _v), wherein h is the hash function calculating digest value;

3), digest value H is combined _sum(v):

If a) node v is leaf node, then combine digest value H _sum(v)=H _v;

If b) node v is not leaf node, and only have left child nodes, then combine digest value H _sum(v)=h (H _v, H _sum(left [v])), the wherein left child nodes of left [v] representation node v, H _sumthe associating digest value of the left child nodes left [v] of (left [v]) representation node v;

If c) node v is not leaf node, and only have right child nodes, then combine digest value H _sum(v)=h (H _v, H _sum(right [v])), the wherein right child nodes of right [v] representation node v, H _sumthe associating digest value of the right child nodes right [v] of (right [v]) representation node v;

If d) node v is not leaf node, and have left and right child nodes concurrently, then combine digest value H _sum(v)=h (H _v, H _sum(left [v]), H _sum(right [v]));

Namely the digest value Digest (T) of whole outsourcing data is the associating digest value that full node stores tree T root node;

(3), data integrity validation

First outsourcing data are stored into trust data source by user, trust data source calculates the digest value Digest (T) of outsourcing data according to step (1), (2), and digest value Digest (T) value of these outsourcing data is supplied to user is stored in locality;

Then, outsourcing data and authentication structures transfer to cloud storage service provider to store by trust data source, the insincere server namely in three-party model;

When user send the inquiry of member's data arrive insincere server time, if insincere server stores in tree T at full node do not find the respective objects node v that store target data block ₀, then return the user do not found and answer No, terminate checking;

If insincere server stores in tree T at full node and finds the respective objects node v that store target data block ₀, then have recorded from destination node v ₀to head node v _laccessed path path={v ₀→ v ₁→...→ v _l-1→ v _l, wherein v ₁..., v _l-1for the node on the path of path; Now, insincere server is answered Yes to user and is returned corresponding evident information Proof={ η, π ₁, π ₂..., π _l, wherein, η is defined as:

1) if destination node v ₀leaf node, then

2) if destination node v ₀not leaf node, then:

If a) destination node v ₀only has left child nodes, then wherein left [v ₀] represent destination node v ₀left child nodes, H _sum(left [v ₀]) represent destination node v ₀left child nodes left [v ₀] associating digest value;

If b) destination node v ₀only has right child nodes, then wherein right [v ₀] represent destination node v ₀right child nodes, H _sum(right [v ₀]) represent destination node v ₀right child nodes right [v ₀] associating digest value;

If c) destination node v ₀have left and right child nodes concurrently, then for 1≤i≤l, π _ibe defined as follows:

1) if node v _i-1for left child nodes, then: its interior joint v _i-1for node v _ileft child nodes, with node v _iright child nodes right [v _i] be the brotgher of node;

2) if node v _i-1for right child nodes, then: its interior joint _vi-1for node v _iright child nodes, with node v _ileft child nodes left [v _i] be the brotgher of node;

When user receives the evident information Proof={ η that insincere server returns, π ₁, π ₂..., π _lafter, carry out following proof procedure:

1), first calculate wherein in the element η of evident information Proof;

If node v ₀be leaf node, then verify a=H _sum(v ₀) whether set up, H _sum(v ₀) at the element π of evident information Proof ₁in;

If node v ₀leaf node:

If a) node v ₀only have left child nodes, then verify h (a, H _sum(left [v ₀]))=H _sum(v ₀) whether set up

If b) node v ₀only have right child nodes, then verify h (a, H _sum(right [v ₀]))=H _sum(v ₀) whether set up

If c) node v ₀have left and right child nodes concurrently, then verify h (a, H _sum(left [v ₀]), H _sum(right [v ₀]))=H _sum(v ₀) whether set up;

2), for π _i(1≤i<l), if node v _i-1for left child nodes then calculates and verify this value and node v _iassociating digest value H _sum(v _i) whether equal, if node v _i-1for right child nodes, then calculate and verify this value and node v _iassociating digest value H _sum(v _i) whether equal, wherein H _sum(v _i) at π _i+1in;

3), for π _lif, node v _l-1for left child nodes then calculates if node v _l-1for right child nodes then calculates and the digest value Digest (T) of the outsourcing data stored before this value and user is compared;

If above all checkings are all set up, then prove that the answer that insincere server returns is correct, namely think that the data block data of institute's inquiry is complete, otherwise user then thinks that this data block data has been tampered or has forged.

Goal of the invention of the present invention is achieved in that

Data integrity verification method based on SBT during cloud of the present invention stores is a kind of data integrity validation scheme based on node size balanced tree.The well balanced property that node size balanced tree has, better can control the height of tree, makes it level off to complete binary tree.And unbalanced tree is when constantly inserting new data, probably degenerate, the height of tree cannot well control, and causes from root node to the path of a certain leafy node very long.Because on binary tree, Data Update is all relevant to the height of tree with the time complexity of inquiry, therefore compared on unbalanced tree, node size balanced tree has very large advantage in the efficiency of data manipulation, and the time dimension of data manipulation can be held in O (log n) by it.Node size balanced tree has good dirigibility in Data Dynamic renewal process, and when storing data in node size balanced tree, is not limited to only be stored in its leaf node, and this can reduce the storage overhead of server to a certain extent.The program, by being combined with hash function by node size balanced tree, designs the efficient verify data structure being suitable for large-scale data and dynamically updating, thus improves the efficiency of data integrity validation.

Accompanying drawing explanation

Fig. 1 is the schematic diagram of the three-party model that cloud stores;

Fig. 2 is the process flow diagram based on the data integrity verification method of SBT during cloud of the present invention stores;

Fig. 3 is that the full node that the present invention's structure based on SBT is set up stores a kind of instantiation schematic diagram of tree;

Fig. 4 is evidence Proof generative process figure;

Fig. 5 is that evidence Proof mono-generates example schematic;

Fig. 6 is data integrity validation process instance schematic diagram.

Embodiment

Below in conjunction with accompanying drawing, the specific embodiment of the present invention is described, so that those skilled in the art understands the present invention better.Requiring particular attention is that, in the following description, when perhaps the detailed description of known function and design can desalinate main contents of the present invention, these are described in and will be left in the basket here.

Fig. 2 is the process flow diagram based on the data integrity verification method of SBT during cloud of the present invention stores.

In the present embodiment, as shown in Figure 2, the data integrity verification method based on SBT during cloud of the present invention stores comprises step S1 ~ S3, and step (1) ~ (3) of corresponding summary of the invention, particular content is identical, does not repeat them here.

Fig. 3 is that the full node that the present invention's structure based on SBT is set up stores a kind of instantiation schematic diagram of tree.

In the present embodiment, the outsourcing data received from user are carried out piecemeal by trust data source, are divided into 6 data blocks with fixed size by outsourcing data; Then, the full node that structure is set up based on SBT stores tree T, and full node stores tree T and has 6 node, wherein each node corresponding a data block, i.e. node v _n0~ v _n5corresponding data block node v _n0for root node.

Store three contents according to each node of method v of step (2), obtain the authentication structures based on SBT as shown in Figure 3, wherein, the associating digest value H of root node _sum(v _n0) be the digest value Digest (T) of whole outsourcing data.

Fig. 4 is evident information Proof generative process figure.

As shown in Figure 4, first the generation of evident information Proof generates η, then generates π _i, until π _ltill generation, namely i≤l is false, and terminates.Generative process in its content synchronization rapid (3), does not repeat them here.

In the present embodiment, as shown in Figure 5, wherein, the data block of needs checking is the generation result of evident information Proof path={v _n4→ v _n1→ v _n0, i.e. v _n4=v ₀, v _n1=v ₁, v _n0=v ₂, substitute into step (3) and generate, obtain evident information Proof={ η, π ₁, π ₂, respective value is:

$\mathrm{\&eta;}=\left\{D_{v_{n4}}\right\};$

${\mathrm{\&pi;}}_1=\{H_{v_{n1}},H_{\mathrm{sum}}\left(v_{n3}\right),H_{\mathrm{sum}}\left(v_{n4}\right)\}$

${\mathrm{\&pi;}}_2=\{H_{v_{n0}},H_{\mathrm{sum}}\left(v_{n1}\right),H_{\mathrm{sum}}\left(v_{n2}\right)\}$

Fig. 6 is data integrity validation process instance schematic diagram.

In the present embodiment, as shown in Figure 6, first checking is calculated namely whether set up, then to π ₁verify, node v _i-1i.e. v ₀for v _n4, be right child nodes, then according to computing formula $h(H_{v_i},H_{\mathrm{sum}}\left(\mathrm{left}\right[v_i\left]\right),H_{\mathrm{sum}}\left(v_{i-1}\right))$ ? $h(H_{v_{n1}},H_{\mathrm{sum}}\left(v_{n3}\right),H_{\mathrm{sum}}\left(v_{n4}\right)),$ Right $H_{\mathrm{sum}}\left(v_{n1}\right)=h(H_{v_{n1}},H_{\mathrm{sum}}\left(v_{n3}\right),H_{\mathrm{sum}}\left(v_{n4}\right))$ Verify; Finally to π _lchecking, node v _l-1i.e. v ₁for v _n1, left child nodes, then according to computing formula $h(H_{v_l},H_{\mathrm{sum}}\left(v_{l-1}\right),H_{\mathrm{sum}}\left(\mathrm{right}\right[v_l\left]\right))$ ? $h(H_{v_{n0}},H_{\mathrm{sum}}\left(v_{n1}\right),H_{\mathrm{sum}}\left(v_{n2}\right)),$ Right $\mathrm{Digest}\left(T\right)=h(H_{v_{n0}},H_{\mathrm{sum}}\left(v_{n1}\right),H_{\mathrm{sum}}\left(v_{n2}\right))$ Verify, if all set up, then prove data integrity, otherwise authentication failed, prove that data are imperfect, be tampered or forge.

Although be described the illustrative embodiment of the present invention above; so that those skilled in the art understand the present invention; but should be clear; the invention is not restricted to the scope of embodiment; to those skilled in the art; as long as various change to limit and in the spirit and scope of the present invention determined, these changes are apparent, and all innovation and creation utilizing the present invention to conceive are all at the row of protection in appended claim.

Claims (1)

1. cloud store in based on a data integrity verification method of SBT, it is characterized in that, comprise the following steps:

(1) piecemeal of, outsourcing data

The outsourcing data received from user are carried out piecemeal by trust data source, are divided into n the data block with fixed size by outsourcing data;

(2), SBT structure can certification, obtain authentication structures

The full node that structure is set up based on SBT stores tree T, and full node stores tree T and has individual n node, a data block wherein in the corresponding step (1) of each node;

Each node v in tree T is stored for full node, all stores three contents:

1) the data block D of this node, is stored in _v;

2), the digest value H of this node data _v=h (D _v), wherein h is the hash function calculating digest value;

3), digest value H is combined _sum(v):

If a) node v is leaf node, then combine digest value H _sum(v)=H _v;

If b) node v is not leaf node, and only have left child nodes, then combine digest value H _sum(v)=h (H _v, H _sum(left [v])), the wherein left child nodes of left [v] representation node v, H _sumthe associating digest value of the left child nodes left [v] of (left [v]) representation node v;

If c) node v is not leaf node, and only have right child nodes, then combine digest value H _sum(v)=h (H _v, H _sum(right [v])), the wherein right child nodes of right [v] representation node v, H _sumthe associating digest value of the right child nodes right [v] of (right [v]) representation node v;

If d) node v is not leaf node, and have left and right child nodes concurrently, then combine digest value H _sum(v)=h (H _v, H _sum(left [v]), H _sum(right [v]));

Namely the digest value Digest (T) of whole outsourcing data is the associating digest value that full node stores tree T root node;

(3), data integrity validation

First outsourcing data are stored into trust data source by user, trust data source calculates the digest value Digest (T) of outsourcing data according to step (1), (2), and digest value Digest (T) value of these outsourcing data is supplied to user is stored in locality;

Then, outsourcing data and authentication structures transfer to cloud storage service provider to store by trust data source, the insincere server namely in three-party model;

When user send the inquiry of member's data arrive insincere server time, if insincere server stores in tree T at full node do not find the respective objects node v that store target data block ₀, then return the user do not found and answer No, terminate checking;

If insincere server stores in tree T at full node and finds the respective objects node v that store target data block ₀, then have recorded from destination node v ₀to head node v _laccessed path path={v ₀→ v ₁→...→ v _l-1→ v _l, wherein v ₁..., v _l-1for the node on the path of path; Now, insincere server is answered Yes to user and is returned corresponding evident information Proof={ η, π ₁, π ₂..., π _l, wherein, η is defined as:

1) if destination node v ₀leaf node, then

2) if destination node v ₀not leaf node, then:

If a) destination node v ₀only has left child nodes, then wherein left [v ₀] represent destination node v ₀left child nodes, H _sum(left [v ₀]) represent destination node v ₀left child nodes left [v ₀] associating digest value;

If b) destination node v ₀only has right child nodes, then wherein right [v ₀] represent destination node v ₀right child nodes, H _sum(right [v ₀]) represent destination node v ₀right child nodes right [v ₀] associating digest value;

If c) destination node v ₀have left and right child nodes concurrently, then for 1≤i≤l, π _ibe defined as follows:

1) if node v _i-1for left sibling, then: its interior joint v _i-1for node v _ileft child nodes, with node v _iright child nodes right [v _i] be the brotgher of node;

2) if node v _i-1for right node, then: its interior joint _vi-1for node v _iright child nodes, with node v _ileft child nodes left [v _i] be the brotgher of node;

When user receives the evident information Proof={ η that insincere server returns, π ₁, π ₂..., π _lafter, carry out following proof procedure:

1), first calculate wherein in the element η of evident information Proof;

If node v ₀be leaf node, then verify a=H _sum(v ₀) whether set up, H _sum(v ₀) at the element π of evident information Proof ₁in;

If node v ₀leaf node:

If a) node v ₀only have left child nodes, then verify h (a, H _sum(left [v ₀]))=H _sum(v ₀) whether set up

If b) node v ₀only have right child nodes, then verify h (a, H _sum(right [v ₀]))=H _sum(v ₀) whether set up

If c) node v ₀have left and right child nodes concurrently, then verify h (a, H _sum(left [v ₀]), H _sum(right [v ₀]))=H _sum(v ₀) whether set up;

2), for π _i(1≤i<l), if node v _i-1for left sibling then calculates and verify this value and node v _iassociating digest value H _sum(v _i) whether equal, if node v _i-1for right node then calculates and verify this value and node v _iassociating digest value H _sum(v _i) whether equal, wherein H _sum(v _i) at π _i+1in;

3), for π _lif, node v _l-1for left sibling then calculates if node v _l-1for right node then calculates and the digest value Digest (T) of the outsourcing data stored before this value and user is compared;

If above all checkings are all set up, then prove that the answer that insincere server returns is correct, namely think that the data block data of institute's inquiry is complete, otherwise user then thinks that this data block data has been tampered or has forged.