National Digital Library of Theses and Dissertations in Taiwan

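Graduate student: 陳雅琳
Graduate student (romanized): Chen, Ya-Lin
Thesis title: 自動化雲端加密儲存稽核系統
Thesis title (English): A Practical Third-Party Auditor for Encrypted Cloud Storage Service
Advisors: 黃俊龍, 葉羅堯
Advisors (romanized): Huang, Jiun-Long; Yeh, Lo-Yao
Oral defense committee: 黃世昆, 吳育松, 黃俊龍, 葉羅堯
Oral defense committee (romanized): Huang, Shih-Kun; Wu, Yu-Sung; Huang, Jiun-Long; Yeh, Lo-Yao
Oral defense date: 2017-07-07
Degree: Master's
Institution: National Chiao Tung University
Department: Institute of Computer Science and Engineering
Discipline: Engineering
Field: Electrical and Information Engineering
Thesis type: Academic thesis
Publication year: 2017
Graduation academic year: 106
Language: English
Number of pages: 30
Keywords (translated from Chinese): cloud storage; third-party verification; batch verification
Keywords (English): cloud storage service; third-party auditor; batch verification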
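Cloud storage has become widespread in recent years. Enterprises and individuals alike may use cloud storage services, placing large amounts of data in the storage space offered by a cloud service provider. However, information security issues such as data confidentiality and integrity are important considerations in whether users are willing to store their data in the cloud. This thesis uses an automated cloud auditing system in which a trusted third-party auditor verifies encrypted data, thereby protecting the confidentiality and integrity of user data and the availability of the cloud system. To address the efficiency of verification for many users, the thesis also designs a batch verification function that verifies multiple files of multiple users at once. The system design further provides a corrupted-file search function that helps users detect unauthorized file modifications in cloud storage, achieving more complete file auditing.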
Cloud storage service is one of the most popular applications due to its convenience, easy manipulation, and some free cloud storage volume. However, security issues such as data privacy, data integrity, and system availability have been vital challenges for cloud storage services. In this paper, we propose a scheme in which a trusted third-party auditor (TPA) performs both single-user auditing and batch auditing for multiple users. Both auditing algorithms are designed under a structure in which all files are encrypted, so the TPA cannot obtain any confidential information during the verification process. Moreover, our system can extract corrupted files if the verification fails, which helps users identify which file has been modified.
Abstract (Chinese)
Abstract
Acknowledgements
Contents
List of Figures
List of Tables
1 INTRODUCTION
2 RELATED WORK
3 PROBLEM STATEMENT
  3.1 Threat Model
  3.2 System Goal
4 SYSTEM ARCHITECTURE
  4.1 Preliminaries
    4.1.1 System Initialization
    4.1.2 Merkle Hash Tree
    4.1.3 Two-layer Merkle Hash Tree
  4.2 Single User Auditing
  4.3 Batch Auditing
  4.4 Corrupted File Extraction
5 IMPLEMENTATION
  5.1 User Interface
  5.2 Single User Auditing
  5.3 Batch Auditing
  5.4 Corrupted File Extraction
  5.5 Availability Detection
6 EVALUATION
  6.1 Security Discussion
  6.2 Performance Efficiency
    6.2.1 The Influence of Different User Number
    6.2.2 The Influence of Different File Number
7 CONCLUSION
References
Appendix