Title

Auditing Study for Cloud Storages and Cloud Computations (original title: 雲端儲存與計算服務的稽核研究)

Authors

李宗霖

Key Words

Identity privacy-preserving ; public auditing ; mobile cloud storage ; cloud storage ; Merkle hash trees ; cloud computing ; digital signature schemes

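Publication Name

Master's thesis, Master's Program in Information Networking and Multimedia, Department of Computer Science and Information Engineering, Tamkang University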

Volume or Term/Year and Month of Publication

2016

Academic Degree Category

Master's

Advisor

黃心嘉

Content Language

English

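Chinese Abstract (English translation)

Auditing is very important for both cloud computing services and cloud storage services. In particular, audit schemes for cloud storage services on mobile devices must support dynamic groups and identity privacy protection. To achieve identity privacy protection, Yu et al. proposed a scheme that supports dynamic groups. However, our attacks on dynamic groups show that their scheme cannot satisfy the forward and backward security requirements when the group membership and the group key change. To correct this security flaw, we propose our first scheme, which, besides meeting the forward and backward security requirements, also provides maximal identity privacy protection.

For cloud computation auditing, Wei et al. proposed their cloud computation auditing scheme. However, their assumption about the adversary's behavior is impractical. Removing the impractical assumption greatly increases the amount of auditing required, and the auditor's computation load becomes so heavy that the audit result may not be returned within a reasonable time. At the same time, the probability of detecting incorrect computation results cannot meet the users' requirement. To improve online audit performance or audit probability, we propose several strategies that efficiently increase the number of audit verifiers; increasing the number of audit verifiers improves either performance or audit probability. Our strategies use offline computation or the computing power of the cloud computation servers to improve online audit performance and audit probability. According to our performance analysis and discussion, our strategies improve not only online performance but also online audit probability.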

English Abstract

Auditing is important both for cloud computing services and cloud storage services. The audit scheme of cloud storage services for mobile devices should support dynamic groups and identity privacy protection. To audit uploaded files for dynamic mobile groups, Yu et al. proposed their scheme to protect identity privacy. However, our dynamic group attacks show that their scheme does not satisfy the forward and backward privacy for the group secret key change after some members leave. To provide forward and backward privacy for the group secret keys, our first protocol is proposed. Besides, our protocol provides the maximal identity-privacy protection. For cloud computation, Wei et al. proposed their cloud computation auditing scheme. However, their assumption about the adversary’s behaviors is impractical. After removing this impractical assumption, auditors’ computation load becomes so heavy that auditors may not return the auditing results in a reasonable time. The probability of finding incorrect computed results cannot reach the users’ requirement. To improve the on-line audit performance or probability, some improving strategies are proposed to increase the number of auditors efficiently. The increase in the number of auditors then improves either audit performance or audit probability. Our strategies utilize off-line computation and the help of the cloud computation server to improve the online audit performance and the audit probability. According to our performance analysis and discussion, our strategies improve not only the online audit performance but also the audit probability for cloud computation.

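Topic Category: Basic and Applied Sciences > Information Science
College of Engineering > Master's Program in Information Networking and Multimedia, Department of Computer Science and Information Engineering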
Reference
  1. [6] H.T. Dinh, C. Lee, D. Niyato, and P. Wang, “A Survey of Mobile Cloud Computing: Architecture, Applications, and Approaches,” Wireless Communication and Mobile Computing, Vol. 13, No. 8, pp. 1587-1611, 2013.
  2. [7] N. Fernando, S.W. Loke, and W. Rahayu, “Mobile Cloud Computing: A Survey,” Future Generation Computer Systems , Vol. 29, pp. 84-106, 2013.
  3. [10] D. Huang, T. Xing, and H. Wu, “Mobile Cloud Computing Service Models: A User-centric Approach,” IEEE Network, Vol. 27, No. 5, pp. 6–11, 2013.
  4. [11] K. Kumar and Y.H. Lu, “Cloud Computing for Mobile Users: Can Offloading Computation Save Energy? ” IEEE Journal Computer, Vol. 43, No. 4, pp. 51-56, 2010.
  5. [13] P. Mell and T. Grance, “Draft NIST Working Definition of Cloud Computing (2009),” http://csrc.nist.gov/groups/SNS/cloud-computing/index.html.
  6. [14] F. Monrose, P. Wyckoff, and A. Rubin, “Distributed Execution with Remote Audit,” Proceedings of the Network and Distributed Systems Security Symposium (NDSS), San Diego, California, USA, 1999, pp. 103-113.
  7. [17] C.P. Schnorr, “Efficient Signature Generation by Smart Cards,” ACM Journal of Cryptology, Vol. 4, Issue 3, pp. 161-174, 1991.
  8. [19] B. Wang, B. Li, and H. Li, “Knox: Privacy-Preserving Auditing for Shared Data with Large Groups in the Cloud,” Applied Cryptography and Network Security (ACNS 2012), LNCS 7341, Heidelberg: Springer, 2012, pp. 507–525.
  9. [21] B. Wang, B. Li, and H. Li, “Privacy-Preserving Public Auditing for Shared Cloud Data Supporting Group Dynamics,” Proceeding of IEEE International Conference on Communications(ICC 2013), Budapest, Hungary, June 9-13, 2013, pp. 1946-1950.
  10. [22] C. Wang, S. S. M. Chow, Q. Wang, K. Ren, and W. Lou, “Privacy-Preserving Public Auditing for Secure Cloud Storage,” IEEE Transactions on Computers, Vol. 62, No. 2, pp. 362–375, 2013.
  11. [23] C. Wang, K. Ren, W. Lou, and J. Li, “Toward Public Auditable Secure Cloud Data Storage Services,” IEEE Network, Vol. 24, No. 4, pp. 19-24, 2010.
  12. [24] Q. Wang, C. Wang, K. Ren, W. Lou, and J. Li, “Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing,” Proceeding of ESORICS 2009, Saint Malo, France, Sep. 21-25, 2009, pp. 355-370.
  13. [25] Q. Wang, C. Wang, K. Ren, W. Lou, and J. Li, “Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing,” IEEE Transactions on Parallel Distributed Systems, Vol. 22, No. 5, pp. 847-859, 2012.
  14. [27] L. Wei, H. Zhu, Z. Cao, W. Jia, X. Dong, W. Jia, Y. Chen, and A. Vasilakos, “Security and Privacy for Storage and Computation in Cloud Computing,” Information Sciences,Vol.258, pp.371-386 , Feb. 2014.
  15. [28] K. Yang and X. Jia, “An Efficient and Secure Dynamic Auditing Protocol for Data Storage in Cloud Computing,” IEEE Transactions on Parallel Distributed Systems, Vol. 24, No. 9, pp. 1717–1726, 2013.
  16. [29] Y. Yu, Y. Mu, J. Ni, J. Deng, and K. Huang, “Identity Privacy-Preserving Public Auditing with Dynamic Group for Secure Mobile Cloud Storage,” International Conference, NSS, Springer International Publishing, 2014, pp.28-40
  17. [30] Y. Zhu, H. Hu, G.J. Ahn, and S. Stephen, “Yau: Efficient Audit Service Outsourcing for Data Integrity in Clouds,” Journal of Systems and Software, Vol. 85, No. 5, pp.1083-1095, 2012.
  18. [31] Y. Zhu, H. Hu, G.J. Ahn, and M. Yu, “Cooperative Provable Data Possession for Integrity Verification in Multicloud storage,” IEEE Transactions on Parallel Distributed Systems, Vol. 23, No. 12, pp. 2231-2244, 2012.
  19. [32] Y. Zhu, S.B. Wang, G.J. Ahn, and D. Ma, “Secure Collaborative Integrity Verification for Hybrid Cloud Environments,” International Journal of Cooperative Information Systems, Vol. 21, No. 3, pp. 165-198, 2012.
  20. [1] M. Arrington, “Gmail Disaster: Reports of Mass Email Deletions (2006)”, https://techcrunch.com/2006/12/28/gmail-disaster-reports-of-mass-email-deletions/.
  21. [2] M. Belenkiy, M. Chase, C. Erway, J. Jannotti, A. Küpçü, and A. Lysyanskaya, “Incentivizing Outsourced Computation,” Proceedings of the 3rd International Workshop on Economics of Networked Systems, Seattle, WA, USA, August 17-22, 2008, pp.85-90.
  22. [3] H. Canepa and D. Lee, “A Virtual Cloud Computing Provider for Mobile Devices,” Proceeding of 1st ACM Workshop on Mobile Cloud Computing and Services Social Networks and Beyond (MCS 2010), Vol. 6. ACM Digital Library, San Francisco, 2010.
  23. [4] R. Canetti, B. Riva, and G. Rothblum, “Verifiable Computation with Two or More Clouds,” Workshop on Cryptography and Security in Clouds, Zurich, Switzerland, March 15-16, 2011.
  24. [5] W. Diffie, and M.E. Hellman, “New directions in cryptography,” IEEE Transactions on Information Theory, Vol. 22, Issue 6, pp. 644-654, Nov. 1976.
  25. [8] R. Gennaro, C. Gentry and B. Parno, “Non-interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers,” 30th International Cryptology Conference (CRYPTO 2010), Santa Barbara, California, USA, August 15-19, 2010, pp. 465-482.
  26. [9] P. Golle and I. Mironov, “Uncheatable Distributed Computations,” The Cryptographers’ Track at RSA Conference 2001, San Francisco, CA, USA, April 8-12,2001, pp.425-440.
  27. [12] M. Krigsman, “Apples MobileMe Experiences Post-launch Pain (2008),” http://www.zdnet.com/article/apples-mobileme-experiences-post-launch-pain/.
  28. [15] B.P. Rimal, E. Choi, and I. Lumb, “A Taxonomy and Survey of Cloud Computing Systems,” Proceeding of 5th International Joint Conference of INC, IMS and IDC, NCM 2009, Seoul, Korea, IEEE Press, 2009, pp. 44-51.
  29. [16] A. Sadeghi, T. Schneider, and M. Winandy, “Token-based Cloud Computing: Secure Outsourcing of Data and Arbitrary Computations with Lower Latency,” Trust and Trustworthy Computing, Berlin, Germany, June 21-23, 2010, pp.417-429.
  30. [18] M. Shiels. “Phone Sales Hit by Sidekick Loss (2009),” http://news.bbc.co.uk/2/hi/technology/8303952.stm.
  31. [20] B. Wang, B. Li, and H. Li, “Oruta: Privacy-Preserving Auditing for Shared Data in the Cloud,” Proceeding of IEEE 5th International Conference on Cloud Computing (IEEE Cloud 2012), Honolulu, HI, USA, June 24-29, 2012, pp. 295–302.
  32. [26] L. Wei, H. Zhu, Z. Cao, W. Jia, and A. Vasilakos, “Seccloud: Bridging Secure Storage and Computation in Cloud,” 30th International Conference on Distributed Computing Systems Workshops (IEEE ICDCSW 2010), Genova, Italy, June 21-25, 2010.