基于区块链的可审计数据分享方案  被引量：6

作　　者：王涵 王绪安[1,2] 周能[1,2] 柳玉东 WANG Han;WANG Xu’an;ZHOU Neng;LIU Yudong(College of Cryptography Engineering,Engineering University of PAP,Xi’an Shaanxi 710086,China;Key Laboratory of Network and Information Security under the PAP(Engineering University of PAP),Xi’an Shaanxi 710086,China)

机构地区：[1]武警工程大学密码工程学院,陕西西安710086 [2]网络与信息安全武警部队重点实验室(武警工程大学),陕西西安710086

出　　处：《广西师范大学学报（自然科学版）》2020年第2期1-7,共7页Journal of Guangxi Normal University:Natural Science Edition

基　　金：国家重点研发计划(2017YFB0802000);陕西省自然科学基础研究计划项目(2018JM6028);国家自然科学基金(61772550,U1636114,61572521);国家密码发展基金(MMJJ20170112)。

摘　　要：为避免存储在云端的用户数据可能被恶意损坏或者篡改,需要对云端的数据进行完整性审查。针对此问题,本文提出了一种基于区块链和默克尔哈希树的公共审计的数据共享方案,以达到对管理员权限的控制和数据的动态修改;在实现隐私保护、批量审计和降低系统资源消耗的同时,保证方案的安全性;允许用户通过第三方机构向云服务器发起数据完整性审查,然后向用户返回结果,过程中不向第三方机构泄露任何有关用户和文件的信息。安全性证明和实验结果表明,该方案在保证安全性的基础上具备较好的性能。With the rapid development of cloud computing, an increasing number of organizations and individuals store and share their data on clouds. While cloud storage brings people convenience, it also brings a series of problems at the same time. For example, the data uploaded to the cloud may be tampered and damaged. Therefore, shared data auditing has become an important issue in the field of cloud storage, attracting the attention of researchers. However, the state-of-the-art schemes cannot fully meet the performance and security requirements. Therefore, this paper proposes a public audit shared data protocol for cloud storage by using blockchain and Rank-based Merkle AVL tree(RB-MHT) to achieve privacy preserving and batch auditing to reduce system overhead as well as keeping the security of modification record in this blockchain-based scheme. For privacy preserving, the auditing signature is only related to group management during the audit process and data is blind by a random value. Furthermore, the security of the scheme is verified and its performance is evaluated through implementation. The results demonstrate that the proposed scheme is secure and efficient.

关 键 词：云计算 云存储 数据分享 隐私保护 区块链 

分 类 号：TP309.7[自动化与计算机技术—计算机系统结构]