Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Cloud auditing method with lightweight user dynamic revocation and data dynamic update

A dynamic update and lightweight technology, applied in key distribution, can solve the problems that cloud storage data cannot be updated dynamically in real time, users and their public and private keys remain unchanged, etc.

Active Publication Date: 2018-01-09
趣橙(上海)信息技术有限公司
View PDF5 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] In order to solve the technical problems that the existing cloud audit method is limited to individuals and enterprises during the whole process of using the cloud storage system, users and their public and private keys remain unchanged, and cloud storage data cannot be dynamically updated in real time, the present invention provides a lightweight A public cloud audit method in which users can dynamically revoke and stored data can be dynamically updated

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Cloud auditing method with lightweight user dynamic revocation and data dynamic update
  • Cloud auditing method with lightweight user dynamic revocation and data dynamic update
  • Cloud auditing method with lightweight user dynamic revocation and data dynamic update

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0085] Example 1: In a certain period of time, only one user manages the data. When the user's term of office ends, a new user is replaced to continue to manage the data (the dynamic revocation of an individual user can be regarded as the same user changing the public and private keys in different periods right). Record different users as U in chronological order 0 ,U 1 ,...,U s , and the corresponding term is denoted as T 0 , T 1 ,...,T s . Initially, the initial user U 0 Block the file F and use its own private key to calculate the authentication label of all data blocks (It represents the initial user U 0 For data block m i certification label). When U 0 After the term ends, U 1 will replace U 0 Continue to manage data, and so on, when U j-1 By U j After replacing, U j will compute the re-signature key k j-1→j , and send it to the CSP, which replaces the newly appointed user U j Implement proxy re-signature. During each user's tenure, he can perform real...

Embodiment 2

[0086] Embodiment 2: The present invention involves three parties: cloud service provider CSP, third-party audit TPA, user U (responsible for managing company data and uploading it to CSP), considering that the company's data manager U is unlikely to be in a certain position for a long time There may be personnel changes at any time due to reasons such as promotion or resignation, and the present invention uses U 0 ,U 1 ,...,U s to represent users who are dynamically replaced in chronological order, T 0 , T 1 ,...,T s Indicates the tenure of each user.

[0087] The open cloud auditing method provided by the present invention can be dynamically revoked by lightweight users and dynamically updated in several steps, and specifically includes the following steps:

[0088] 1) Initialization: Input the security parameter λ, assign a value to δ at the same time, and the system outputs the public parameter {G 1 ,G 2 ,p,g,e,h 1 ,H 2 ,h,u,ρ}, where G 1 , G 2 is the cyclic mul...

Embodiment 3

[0129] Embodiment 3: In the traditional method, the authentication tag of the data block contains the real index of the data block, and the dynamic update efficiency of cloud data is not high, such as image 3 As shown (the left (a) is inserting a data block, and the right (b) is deleting a data block), if a data block is inserted or deleted, the indexes of all data blocks after this data block will change, even if these data blocks The content has not changed, and users must still recompute their authentication tags for blocks whose index changes. In order to reduce the communication overhead, computing overhead and user burden of the system, the present invention introduces a virtual index, which can ensure that all data blocks are sorted in the correct order, for example: if η i j , then data block m j in data block m i behind. Define data block m i The initial virtual index is η i =i·ρ, ρ=2 δ (δ∈N + ), ρ represents the step size, and the selection of δ is related to...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a cloud auditing method with lightweight user dynamic revocation and data dynamic update. First of all, a user can implement efficient dynamic revocation (including replacementof public and private keys), and in a user revocation stage, multiple one-way proxy re-signature technologies are adopted, and a new user only needs to compute a re-signature key and does not need todownload a data re-signature from a cloud end and then upload to the cloud end; then, the data can be guaranteed to be updated (inserted, deleted and modified) dynamically in real time, and by introducing a virtual index to identity recognition codes of data blocks, when the data are updated dynamically, only the identity recognition codes of the updated data blocks change and the identity recognition codes of the rest data blocks remain unchanged; and at last, in a re-signature stage, a cloud server performs re-signature instead of a new appointed user, and in an auditing stage, a third party auditing center performs verification on integrity of the data stored at the cloud end instead of a current user; the computation overhead of a terminal user and the communication overhead of a system are greatly relieved; and the cloud auditing method is efficient and secure.

Description

technical field [0001] The invention belongs to the remote cloud storage data open audit technology, in particular to a public cloud audit method in which lightweight users can dynamically revoke and stored data can be dynamically updated. Background technique [0002] Cloud storage is a system composed of network devices, storage devices, servers, application software, public access interfaces, access networks, and clients. Highly concentrated computing resources make cloud storage face serious security challenges. In recent years, the security storage issues exposed by major cloud operators have aroused widespread concern and concern. For example, in March 2011, Google's Gmail mailbox failed, and this failure caused the data loss of about 150,000 users. In August 2013, Shanda Cloud, a domestic cloud provider, lost part of the customer data due to a physical server disk failure in the computer room. It can be seen that the research on data security issues in remote cloud...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/08H04L29/06H04L29/08
Inventor 韩静李艳平
Owner 趣橙(上海)信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products