TEEMRDA:利用可信执行环境对云存储中的多副本数据进行审计

IF 6.8 2区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Computers & Security Pub Date : 2025-03-01 Epub Date: 2024-12-06 DOI:10.1016/j.cose.2024.104250
Hui Tian , Mengcheng Wang , Hanyu Quan , Chin-Chen Chang , Athanasios V. Vasilakos
{"title":"TEEMRDA:利用可信执行环境对云存储中的多副本数据进行审计","authors":"Hui Tian ,&nbsp;Mengcheng Wang ,&nbsp;Hanyu Quan ,&nbsp;Chin-Chen Chang ,&nbsp;Athanasios V. Vasilakos","doi":"10.1016/j.cose.2024.104250","DOIUrl":null,"url":null,"abstract":"<div><div>Driven by the rising popularity of multi-replica backups for enhanced data reliability and availability in cloud storage, multi-replica data auditing, which guarantees that cloud service providers (CSPs) securely store all designated replicas, has become a prominent research area in cloud data security. However, existing multi-replica auditing schemes pose a notable challenge: users incur additional computation and communication overheads to generate and upload multiple replicas. This approach also diverges from the conventional multi-replica storage model, where users typically submit a single copy and the CSP handles replica creation. To address this issue, this paper presents a novel multi-replica data auditing scheme based on Trusted execution environments (TEEs), named TEEMRDA. TEEMRDA is designed to align with real-world practices where users upload a single copy, significantly reducing user burden. To guarantee reliable multi-replica storage, we propose a random mask-based strategy implemented by TEEs to securely generate a predetermined number of data copies. For auditability, we introduce an impartial dual authentication mechanism using replica and data block index-independent signatures, employing both online and offline procedures. This approach substantially reduces the TEE’s computation overhead in generating tags for multiple-replica blocks and enhances efficiency for third-party auditors conducting data audits. Finally, we conduct comprehensive security validation and performance comparison of TEEMRDA with state-of-the-art schemes. The results demonstrate that TEEMRDA achieves secure and efficient auditing for multi-replica data, outperforming existing schemes in terms of computation and communication overheads.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"150 ","pages":"Article 104250"},"PeriodicalIF":6.8000,"publicationDate":"2025-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"TEEMRDA: Leveraging trusted execution environments for multi-replica data auditing in cloud storage\",\"authors\":\"Hui Tian ,&nbsp;Mengcheng Wang ,&nbsp;Hanyu Quan ,&nbsp;Chin-Chen Chang ,&nbsp;Athanasios V. Vasilakos\",\"doi\":\"10.1016/j.cose.2024.104250\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>Driven by the rising popularity of multi-replica backups for enhanced data reliability and availability in cloud storage, multi-replica data auditing, which guarantees that cloud service providers (CSPs) securely store all designated replicas, has become a prominent research area in cloud data security. However, existing multi-replica auditing schemes pose a notable challenge: users incur additional computation and communication overheads to generate and upload multiple replicas. This approach also diverges from the conventional multi-replica storage model, where users typically submit a single copy and the CSP handles replica creation. To address this issue, this paper presents a novel multi-replica data auditing scheme based on Trusted execution environments (TEEs), named TEEMRDA. TEEMRDA is designed to align with real-world practices where users upload a single copy, significantly reducing user burden. To guarantee reliable multi-replica storage, we propose a random mask-based strategy implemented by TEEs to securely generate a predetermined number of data copies. For auditability, we introduce an impartial dual authentication mechanism using replica and data block index-independent signatures, employing both online and offline procedures. This approach substantially reduces the TEE’s computation overhead in generating tags for multiple-replica blocks and enhances efficiency for third-party auditors conducting data audits. Finally, we conduct comprehensive security validation and performance comparison of TEEMRDA with state-of-the-art schemes. The results demonstrate that TEEMRDA achieves secure and efficient auditing for multi-replica data, outperforming existing schemes in terms of computation and communication overheads.</div></div>\",\"PeriodicalId\":51004,\"journal\":{\"name\":\"Computers & Security\",\"volume\":\"150 \",\"pages\":\"Article 104250\"},\"PeriodicalIF\":6.8000,\"publicationDate\":\"2025-03-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computers & Security\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S016740482400556X\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"2024/12/6 0:00:00\",\"PubModel\":\"Epub\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S016740482400556X","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2024/12/6 0:00:00","PubModel":"Epub","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

为了提高云存储中数据的可靠性和可用性,越来越多的人开始使用多副本备份技术,因此,多副本数据审计技术可以保证云服务提供商(csp)安全地存储所有指定的副本,这已经成为云数据安全领域的一个重要研究领域。然而,现有的多副本审计方案带来了一个显著的挑战:用户需要额外的计算和通信开销来生成和上传多个副本。这种方法也与传统的多副本存储模型不同,在传统的多副本存储模型中,用户通常提交一个副本,然后由CSP处理副本的创建。为了解决这个问题,本文提出了一种新的基于可信执行环境(tee)的多副本数据审计方案,称为TEEMRDA。TEEMRDA旨在与用户上传单个副本的现实世界实践保持一致,从而显着减少用户负担。为了保证可靠的多副本存储,我们提出了一种由tee实现的基于随机掩码的策略,以安全地生成预定数量的数据副本。对于可审计性,我们引入了一种公正的双重身份验证机制,使用副本和数据块索引无关的签名,采用在线和离线过程。这种方法大大减少了TEE在为多个副本块生成标记时的计算开销,并提高了第三方审计员进行数据审计的效率。最后,我们对TEEMRDA与最先进的方案进行了全面的安全性验证和性能比较。结果表明,TEEMRDA实现了对多副本数据的安全高效审计,在计算和通信开销方面优于现有方案。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
TEEMRDA: Leveraging trusted execution environments for multi-replica data auditing in cloud storage
Driven by the rising popularity of multi-replica backups for enhanced data reliability and availability in cloud storage, multi-replica data auditing, which guarantees that cloud service providers (CSPs) securely store all designated replicas, has become a prominent research area in cloud data security. However, existing multi-replica auditing schemes pose a notable challenge: users incur additional computation and communication overheads to generate and upload multiple replicas. This approach also diverges from the conventional multi-replica storage model, where users typically submit a single copy and the CSP handles replica creation. To address this issue, this paper presents a novel multi-replica data auditing scheme based on Trusted execution environments (TEEs), named TEEMRDA. TEEMRDA is designed to align with real-world practices where users upload a single copy, significantly reducing user burden. To guarantee reliable multi-replica storage, we propose a random mask-based strategy implemented by TEEs to securely generate a predetermined number of data copies. For auditability, we introduce an impartial dual authentication mechanism using replica and data block index-independent signatures, employing both online and offline procedures. This approach substantially reduces the TEE’s computation overhead in generating tags for multiple-replica blocks and enhances efficiency for third-party auditors conducting data audits. Finally, we conduct comprehensive security validation and performance comparison of TEEMRDA with state-of-the-art schemes. The results demonstrate that TEEMRDA achieves secure and efficient auditing for multi-replica data, outperforming existing schemes in terms of computation and communication overheads.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Computers & Security
Computers & Security 工程技术-计算机:信息系统
CiteScore
12.40
自引率
7.10%
发文量
365
审稿时长
10.7 months
期刊介绍: Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.
期刊最新文献
A Multi-Frequency Temporal Spatio-Transformer for adversarially robust IoT intrusion detection Debapt: Ontology-driven multi-agent debate for APT adversary profile construction from cyber threat intelligence CoolTest: Randomness test suited for small data volumes ODHD: On-Demand Helper Data generation for reliable NVM-free key derivation from SRAM PUF From Systematic Threat Search to pentesting: Industrial Control Systems threat models
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1