期刊
ACM TRANSACTIONS ON INFORMATION AND SYSTEM SECURITY
卷 14, 期 1, 页码 -出版社
ASSOC COMPUTING MACHINERY
DOI: 10.1145/1952982.1952994
关键词
Security; Reliability; Performance; Remote data checking; provable data possession; PDP; homomorphic verifiable tags; archival storage; cloud storage security; robust auditing; erasure coding
资金
- Division Of Computer and Network Systems
- Direct For Computer & Info Scie & Enginr [1054754] Funding Source: National Science Foundation
We introduce a model for provable data possession (PDP) that can be used for remote data checking: A client that has stored data at an untrusted server can verify that the server possesses the original data without retrieving it. The model generates probabilistic proofs of possession by sampling random sets of blocks from the server, which drastically reduces I/O costs. The client maintains a constant amount of metadata to verify the proof. The challenge/response protocol transmits a small, constant amount of data, which minimizes network communication. Thus, the PDP model for remote data checking is lightweight and supports large data sets in distributed storage systems. The model is also robust in that it incorporates mechanisms for mitigating arbitrary amounts of data corruption. We present two provably-secure PDP schemes that are more efficient than previous solutions. In particular, the overhead at the server is low (or even constant), as opposed to linear in the size of the data. We then propose a generic transformation that adds robustness to any remote data checking scheme based on spot checking. Experiments using our implementation verify the practicality of PDP and reveal that the performance of PDP is bounded by disk I/O and not by cryptographic computation. Finally, we conduct an in-depth experimental evaluation to study the tradeoffs in performance, security, and space overheads when adding robustness to a remote data checking scheme.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据