SIV: A Structural Integrity Verification Approach of Cloud Components with Enhanced Privacy
Author affiliations: School of Cyber Science and Engineering, Wuhan University, Wuhan 430072, China; School of Computer Science, Shaanxi Normal University, Xi'an 710062, China
Publication: Tsinghua Science and Technology (Journal of Tsinghua University, Natural Science Edition, English Edition)
Year/Volume/Issue: 2019, Vol. 24, No. 5
Pages: 557-574
Funding: Supported by the National Key Basic Research and Development (973) Program of China (No. 2014CB340600), the Wuhan FRONTIER Program of Application Foundation (No. 2018010401011295), the National Natural Science Foundation of China (No. 61802239), the Fundamental Research Funds for the Central Universities (No. GK201803061), and the China Postdoctoral Science Foundation (No. 2018M631121)
Subject: integrity verification; cloud components; structural feature; privacy
Abstract: Private data leakage is a threat to current integrity verification schemes of cloud components. To address this issue, this work proposes a privacy-enhancing Structural Integrity Verification (SIV) approach. It is made up of three processes: proof organization, proof transformation, and integrity judgement. By introducing a Merkle tree technique, the integrity of a constituent part of a cloud component on a node is represented by a root value. The value is then masked to cipher texts in proof transformation. With the masked proofs, a structural feature is extracted and validated in an integrity judgement by a third-party verification provider. The integrity of the cloud component is visually displayed in the output result matrix. If there are abnormities, the corrupted constituent parts can be located. Integrity is verified through the encrypted masked proofs. All raw proofs containing sensitive information stay on their original nodes, thus minimizing the attack surface of the proof data, and eliminating the risk of leaking private data at the source. Although some computations are added, the experimental results show that the time overhead is within acceptable bounds.