高级搜索

留言板

尊敬的读者、作者、审稿人, 关于本刊的投稿、审稿、编辑和出版的任何问题, 您可以本页添加留言。我们将尽快给您答复。谢谢您的支持!

姓名
邮箱
手机号码
标题
留言内容
验证码

支持条件身份匿名的云存储医疗数据轻量级完整性验证方案

张晓均 王鑫 廖文才 赵芥 付兴兵

张晓均, 王鑫, 廖文才, 赵芥, 付兴兵. 支持条件身份匿名的云存储医疗数据轻量级完整性验证方案[J]. 电子与信息学报, 2022, 44(12): 4348-4356. doi: 10.11999/JEIT210971
引用本文: 张晓均, 王鑫, 廖文才, 赵芥, 付兴兵. 支持条件身份匿名的云存储医疗数据轻量级完整性验证方案[J]. 电子与信息学报, 2022, 44(12): 4348-4356. doi: 10.11999/JEIT210971
ZHANG Xiaojun, WANG Xin, LIAO Wencai, ZHAO Jie, FU Xingbing. Lightweight Integrity Verification Scheme for Outsourced Medical Data in Cloud Storage Supporting Conditional Identity Anonymity[J]. Journal of Electronics & Information Technology, 2022, 44(12): 4348-4356. doi: 10.11999/JEIT210971
Citation: ZHANG Xiaojun, WANG Xin, LIAO Wencai, ZHAO Jie, FU Xingbing. Lightweight Integrity Verification Scheme for Outsourced Medical Data in Cloud Storage Supporting Conditional Identity Anonymity[J]. Journal of Electronics & Information Technology, 2022, 44(12): 4348-4356. doi: 10.11999/JEIT210971

支持条件身份匿名的云存储医疗数据轻量级完整性验证方案

doi: 10.11999/JEIT210971
基金项目: 国家自然科学基金(61902327),中国博士后科学基金(2020M681316),浙江省自然科学基金(LY19F020045),成都市科技局项目(2021-YF05-00965-SN),西南石油大学研究生教研教改项目(JY20ZD06)
详细信息
    作者简介:

    张晓均:男,博士,副教授,研究方向为密码学和信息安全、云计算安全

    王鑫:男,硕士生,研究方向为密码学与信息安全、云计算安全

    廖文才:男,硕士生,研究方向为密码学与信息安全、云计算安全

    赵芥:男,硕士生,研究方向为密码学与信息安全、云计算安全

    付兴兵:男,博士,讲师,研究方向为密码学与信息安全、物联网安全

    通讯作者:

    张晓均 zhangxjdzkd2012@163.com

  • 中图分类号: TN918; TP309.2

Lightweight Integrity Verification Scheme for Outsourced Medical Data in Cloud Storage Supporting Conditional Identity Anonymity

Funds: The National Natural Science Foundation of China (61902327), China Postdoctoral Science Foundation (2020M681316), Zhejiang Provincial Natural Science Foundation of China (LY19F020045), Chengdu Key R & D Project (2021-YF05-00965-SN), Southwest Petroleum University Graduate Teaching Research and Reform Project (JY20ZD06)
  • 摘要: 医疗云存储服务是云计算技术的一个重要应用,同时外包医疗数据的完整性和用户的身份隐私保护已变得越来越重要。该文提出适用于无线医疗传感器网络的支持条件身份匿名的外包云存储医疗数据轻量级完整性验证方案。方案结合同态哈希函数设计了聚合签名,通过第三方审计者(TPA)对外包云存储医疗数据进行完整性验证,在TPA端存放审计辅助信息,利用同态哈希函数的同态性质将TPA端的计算优化为常量运算,大大降低了第三方审计者的计算开销,同时支持TPA对多个数据文件执行批量验证,其验证开销几乎是恒定的,与医疗数据文件的数量无关。方案有效防止了第三方审计者通过求解线性方程恢复原始医疗数据,并且设计了条件身份匿名算法,密钥生成中心(PKG)根据用户唯一标识的身份信息为用户生成匿名身份及对应的签名私钥。即使攻击者截获到用户传输的医疗数据,也无法获知拥有此数据的真实身份,有效避免了对公钥证书的复杂管理,同时使得密钥生成中心可以有效追踪医疗信息系统中具有恶意行为的用户。安全性分析与性能评估结果表明该方案能够安全高效地部署在云辅助无线医疗传感器网络。
  • 图  1  条件身份匿名的云存储医疗数据完整性验证模型

    图  2  条件身份匿名的云存储医疗数据完整性验证工作流程

    图  3  完整性验证计算开销实验仿真

    图  4  完整性验证证明通信开销实验仿真

    表  1  完整性验证计算开销比较

    方案完整性验证计算开销
    RDIC$ (2c + 6) \cdot {\text{Exp}} + (c + 1) \cdot {\text{Pair + }}c \cdot {\text{mult}} $
    IBPA$ \begin{aligned}& (2c + 4) \cdot {\text{Mult} } + 3{\text{Pair} } + (2c - 1) \cdot {\text{Add} } \\& \quad + (c{ { + 2} }) \cdot {\text{Ha} } + (c + 1) \cdot {\text{ha} } \end{aligned}$
    CIPPPA$ (c + 2) \cdot {\text{Mult}} + 3{\text{Pair}} + (c - 1) \cdot {\text{Add}} + c \cdot {\text{Ha}} + {\text{ha}} $
    本文$ 2{\text{Exp + }}2{\text{Pair}} + 2 \cdot {\text{mult}} + {\text{ha}} $
    下载: 导出CSV

    表  2  完整性验证通信开销比较

    方案挑战信息完整性验证证明信息
    RDIC$ c \cdot (|n| + |p|) + |{\text{pf}}| + 2|G| $$ 3\left| G \right| $
    IBPA$ c \cdot (|n| + |p|) $$ 3\left| G \right| + \left| p \right| $
    CIPPPA$ c \cdot (|n| + |p|) $$ 3\left| G \right| + \left| p \right| $
    本文$ c \cdot (|n| + |p|) $$ 2|G| + \left| p \right| $
    下载: 导出CSV
  • [1] BARATI M, AUJLA G S, LLANOS J T, et al. Privacy-aware cloud auditing for GDPR compliance verification in online healthcare[J]. IEEE Transactions on Industrial Informatics, 2022, 18(7): 4808–4819. doi: 10.1109/TII.2021.3100152
    [2] NAYAK S K and TRIPATHY S. SEPDP: Secure and efficient privacy preserving provable data possession in cloud storage[J]. IEEE Transactions on Services Computing, 2021, 14(3): 876–888. doi: 10.1109/TSC.2018.2820713
    [3] LI Hongzhi, HAN Dezhi, and TANG Mingdong. A privacy-preserving storage scheme for logistics data with assistance of blockchain[J]. IEEE Internet of Things Journal, 2022, 9(6): 4704–4720. doi: 10.1109/JIOT.2021.3107846
    [4] SUBRAMANI J, MARIA A, RAJASEKARAN A S, et al. Lightweight privacy and confidentiality preserving anonymous authentication scheme for WBANs[J]. IEEE Transactions on Industrial Informatics, 2022, 18(5): 3484–3491. doi: 10.1109/TII.2021.3097759
    [5] REN Kui, WANG Cong, and WANG Qian. Security challenges for the public cloud[J]. IEEE Internet Computing, 2012, 16(1): 69–73. doi: 10.1109/MIC.2012.14
    [6] SUN Jinyuan, FANG Yuguang, and ZHU Xiaoyan. Privacy and emergency response in e-healthcare leveraging wireless body sensor networks[J]. IEEE Wireless Communications, 2010, 17(1): 66–73. doi: 10.1109/MWC.2010.5416352
    [7] ATENIESE G, BURNS R, CURTMOLA R, et al. Provable data possession at untrusted stores[C]. The 14th ACM Conference on Computer and Communications Security, Alexandria, USA, 2007: 598–609.
    [8] JUELS A and KALISKI B S. PORs: Proofs of retrievability for large files[C]. The 14th ACM Conference on Computer and Communications Security, Alexandria, USA, 2007: 584–597.
    [9] WANG Cong, CHOW S S M, WANG Qian, et al. Privacy-preserving public auditing for secure cloud storage[J]. IEEE Transactions on Computers, 2013, 62(2): 362–375. doi: 10.1109/TC.2011.245
    [10] 马华, 党乾龙, 王剑锋, 等. 基于属性加密的高效密文去重和审计方案[J]. 电子与信息学报, 2019, 41(2): 355–361. doi: 10.11999/JEIT170935

    MA Hua, DANG Qianlong, WANG Jianfeng, et al. Efficient ciphertext deduplication and auditing scheme with attribute-based encryption[J]. Journal of Electronics &Information Technology, 2019, 41(2): 355–361. doi: 10.11999/JEIT170935
    [11] YEH L Y, CHIANG P Y, TSAI Y L, et al. Cloud-based fine-grained health information access control framework for LightweightIoT devices with dynamic auditing and attribute revocation[J]. IEEE Transactions on Cloud Computing, 2018, 6(2): 532–544. doi: 10.1109/TCC.2015.2485199
    [12] HAHN C, KWON H, KIM D, et al. Enabling fast public auditing and data dynamics in cloud services[J]. IEEE Transactions on Services Computing, 2022, 15(4): 2047–2059. doi: 10.1109/TSC.2020.3030947
    [13] 田俊峰, 井宣. 多方参与高效撤销组成员的共享数据审计方案[J]. 电子与信息学报, 2020, 42(6): 1534–1541. doi: 10.11999/JEIT190468

    TIAN Junfeng and JING Xuan. Shared data auditing scheme for efficient revocation of group members via multi-participation[J]. Journal of Electronics &Information Technology, 2020, 42(6): 1534–1541. doi: 10.11999/JEIT190468
    [14] SHAMIR A. Identity-based cryptosystems and signature schemes[C]. Workshop on the Theory and Application of Cryptographic Techniques, Santa Barbara, USA, 1984: 47–53.
    [15] NI Jianbing, ZHANG Kuan, YU Yong, et al. Identity-based provable data possession from RSA assumption for secure cloud storage[J]. IEEE Transactions on Dependable and Secure Computing, 2022, 19(3): 1753–1769. doi: 10.1109/TDSC.2020.3036641
    [16] ZHANG Xiaojun, ZHAO Jie, XU Chunxiang, et al. CIPPPA: Conditional identity privacy-preserving public auditing for cloud-based WBANs against malicious auditors[J]. IEEE Transactions on Cloud Computing, 2021, 9(4): 1362–1375. doi: 10.1109/TCC.2019.2927219
    [17] GAO Xiang, YU Jia, CHANG Yan, et al. Checking only when it is necessary: Enabling integrity auditing based on the keyword with sensitive information privacy for encrypted cloud data[J]. IEEE Transactions on Dependable and Secure Computing, 2021, 19(6): 3774–3789.
    [18] XUE Jingting, XU Chunxiang, ZHAO Jining, et al. Identity-based public auditing for cloud storage systems against malicious auditors via blockchain[J]. Science China Information Sciences, 2019, 62(3): 32104. doi: 10.1007/s11432-018-9462-0
    [19] ALI S T, SIVARAMAN V, OSTRY D, et al. Securing first-hop data provenance for bodyworn devices using wireless link fingerprints[J]. IEEE Transactions on Information Forensics and Security, 2014, 9(12): 2193–2204. doi: 10.1109/TIFS.2014.2357998
    [20] ZHANG Yinghui, ZHANG Tiantian, GUO Rui, et al. Traceable dynamic public auditing with identity privacy preserving for cloud storage[J]. KSII Transactions on Internet and Information Systems, 2019, 13(11): 5653–5672. doi: 10.3837/tiis.2019.11.021
    [21] YU Yong, AU M H, ATENIESE G, et al. Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage[J]. IEEE Transactions on Information Forensics and Security, 2017, 12(4): 767–778. doi: 10.1109/TIFS.2016.2615853
  • 加载中
图(4) / 表(2)
计量
  • 文章访问数:  370
  • HTML全文浏览量:  197
  • PDF下载量:  86
  • 被引次数: 0
出版历程
  • 收稿日期:  2021-09-13
  • 修回日期:  2022-08-25
  • 录用日期:  2022-09-06
  • 网络出版日期:  2022-09-08
  • 刊出日期:  2022-12-16

目录

    /

    返回文章
    返回