云端多管理者群组共享数据中具有隐私保护的公开审计方案  被引量：14

作　　者：付安民[1,2,3] 秦宁元 宋建业[1] 苏铓[1] 

机构地区：[1]南京理工大学计算机科学与工程学院,南京210094 [2]信息安全国家重点实验室(中国科学院信息工程研究所),北京100093 [3]中国科学院信息工程研究所,北京100093

出　　处：《计算机研究与发展》2015年第10期2353-2362,共10页Journal of Computer Research and Development

基　　金：国家自然科学基金项目(61202352;61572255);江苏省自然科学基金项目(BK20141404);中央高校基本科研业务费专项资金项目(30915011322)

摘　　要：随着云存储服务的广泛使用,用户数据不仅能存储在云中,并且能够由多个用户共享.为了保证云端群组共享数据的完整性,研究者提出了多项针对云端群组共享数据公开审计方案.但是,现有方案只考虑了群组用户中仅有单个群管理者的情形,并且没有考虑群组用户身份追踪过程中的陷害性问题.提出的方案中首次给出了面向多管理者群组共享数据的公开审计安全模型,并通过构造基于可撤销的群签名和(t,s)门限方案的多群管理者同态可验证群签名,设计了首个适用于多管理者群组共享数据的公开审计方案.提出的公开审计方案不仅能够实现身份隐私、可追踪性和不可陷害性等多层次的隐私保护能力,并且能很好地支持群组用户的撤销和续约.此外,方案的审计开销与群组用户数量大小无关,保证了方案的可行性和高效性.With the wide use of the cloud storage service,user data is not only stored in the cloud,but also shared among multiple users.To ensure the integrity of the shared data in the cloud,the researchers have proposed many public auditing schemes for group shared cloud data.However,the existing schemes just consider that the group users only include a single group manager without considering that multiple group managers may exist in a group simultaneously and the problem of frameability when tracing the real identity of the group user is also not taken into account.The proposed scheme gives the first public auditing security model for a group shared data with multiple managers,and constructs homomorphic authenticable group signature with multiple group managers based on revocable group signature and（t,s）secret sharing scheme,and designs the first public auditing scheme for a group shared data with multiple managers.The proposed scheme not only can achieve multi-levels privacy-preserving abilities like identity privacy, traceability and nonframeability,but also can well support group user revocation and resuming.Moreover,the overhead of the auditing does not grow with the number of the group uses,which ensures the feasibility and the efficiency of the scheme.

关 键 词：数据完整性 公开审计 隐私保护 不可陷害性 同态认证 

分 类 号：TP311[自动化与计算机技术—计算机软件与理论]