以部分雜湊樹達成有效率的雲端儲存系統即時稽核
No Thumbnail Available
Date
2013
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
在現今,人們使用雲端的服務越來越普及,例如雲端儲存(Cloud Storage),但是用戶將自己比較重要的資料,放在不可相信的雲端上(untrusted server)會擔心所讀到的檔案是不正確或者不是最新的,或是遭受任何攻擊(例如roll-back attack 或是replay attack)。因此,很顯然用戶和服務提供商之間存在的許多問題。我們需要一個計劃來解決這些問題。
有一作法是將使用者資料備份,當有爭議時再去比較,但是此做法並不能保證哪一份是最新的以及其正確性,反而是增加更多的資源。在本篇論文中提出了一個機制,將用戶整個資料夾以及檔案以hash tree 方式儲存,稱為Merkle tree,以及利用hash tree產生之root hash來確保整個架構的唯一性,而雲端服務商保存著每次交換訊息所保留的證據,並交換root hash,確保雙方狀態是一致的,用戶讀到的檔案也為正確以及最新。
然而以上狀況在單一用戶是可行的,但是當有用戶有其他設備使用時,目前資料夾的狀態就必須更新至其他設備,以確保在做更新時,其他設備也是最新的。一般做法是對於還未更新的設備,將證據傳給他們(broadcasting),但是此舉會增加其他設備不停訪問而增加多餘的時間,並且也會產生許多問題。
我們解決方法不需要使用broadcasting,而是有一個同步伺服器的機制,讓其他設備先暫時無法向server溝通,必須等待設備A與server完成一整個完整的運作,才可以解開同步伺服器,避免造成broadcasting不完備的情形。雖然同步伺服器的機制會增加其他設備等待的時間,但是藉此讓許多設備透過同步伺服器之中交換證據,等到要做操作時才會更新設備所儲存之Merkle tree,可以降低了許多時間,以達到真正的即時稽核( true instant audit),也就是說,當用戶以及使用者有出錯時,馬上就可以偵測到。並再改善用戶驗證時需儲存的Merkle tree,每個設備只需存部份 Merkle tree(pMT),若存取時沒有另一部分的Merkle tree,才需要更新,這樣一樣可以達到true instant audit,減少用戶儲存負擔。相關的實驗數據結果可以呈現各種交換程序所需要的時間,來證明這個機制的可行性以及優點。
Nowadays cloud service is becoming more and more popular. One of the most important applications is the cloud storage. However, storing important data in cloud storage may suffer serious security risks. For example, the service provider can launch roll-back attack which is to restore lost files using a backup of an early version of them and their associated digital signatures. Then, the service provider can deny that the user’s latest version of files have been lost. Therefore, we need a scheme to have the client device be able to audit if a file obtained from the service provider is valid. In this paper, we first show that the intuitive solution of instant auditing by applying Merkle tree is inappropriate. Then, we propose an instant auditing communication protocol that can guarantee mutual nonrepudiation between the service provider and user and each client device only has to keep a partial Merkle tree of its account and its last attestation. All the client devices can audit if the obtained file is valid after every file writ operation without requiring broadcast their attestation to all other client devices. The experimental results demonstrate the feasibility of the proposed scheme. A service provider of cloud storage can use the proposed scheme to provide instant auditing guarantee in their service-level agreement.
Nowadays cloud service is becoming more and more popular. One of the most important applications is the cloud storage. However, storing important data in cloud storage may suffer serious security risks. For example, the service provider can launch roll-back attack which is to restore lost files using a backup of an early version of them and their associated digital signatures. Then, the service provider can deny that the user’s latest version of files have been lost. Therefore, we need a scheme to have the client device be able to audit if a file obtained from the service provider is valid. In this paper, we first show that the intuitive solution of instant auditing by applying Merkle tree is inappropriate. Then, we propose an instant auditing communication protocol that can guarantee mutual nonrepudiation between the service provider and user and each client device only has to keep a partial Merkle tree of its account and its last attestation. All the client devices can audit if the obtained file is valid after every file writ operation without requiring broadcast their attestation to all other client devices. The experimental results demonstrate the feasibility of the proposed scheme. A service provider of cloud storage can use the proposed scheme to provide instant auditing guarantee in their service-level agreement.
Description
Keywords
雲端儲存, 雲端安全, 雜湊樹, 即時稽核, cloud storage, cloud security, hash tree, Instant auditing