具安全隱私的雲端資料去重複技術

Cloud Data Deduplication with Security and Privacy Preservation

謝谷松(Ku-Sung Hsieh)；游家牧(Chia-Mu Yu)

雲端儲存 ； 安全 ； 隱私 ； Cloud storage ； security ； privacy

資訊安全通訊

24卷1期（2018 / 01 / 01）

18 - 40

繁體中文

因為其易於實作的特性，雲端儲存(cloud storage) 大量使用資料去重複技術(data deduplication)來節省其營運成本，但是資料去重複技術本身帶來許多全新的安全與隱私威脅。本文將首先介紹伴隨資料去重複技術的諸多威脅，接著敘述具安全隱私的雲端資料去重複技術，希冀能喚起研究人員對此議題的注意。

Data deduplication has been widely adopted by cloud storage provides to reduce the operation cost, including the storage, bandwidth, and management. Unfortunately, data deduplication itself incurs new security and privacy threats. This article first describes the security and privacy threats, and then has an overview of the state-of-the-art cloud data deduplication techniques with security and privacy preservation.

1. Abadi, M.,Boneh, D.,Mironov, I.,Raghunathan, A.,Segev, G.(2013).Message-locked encryption for lock-dependent messages.International Cryptology Conference (CRYPTO)
2. Anderson, P.,Zhang, L.(2010).Fast and secure laptop backups with encrypted deduplication.USENIX Large Installation System Administration Conference (LISA)
3. Baracaldo, N.,Androulaki, E.,Glider, J.,Sorniotti, A.(2014).Reconciling end-to-end confidentiality and data reduction in cloud storage.ACM Workshop on Cloud Computing Security (CCSW)
4. Bellare, M.,Keelveedhi, S.,Ristenpart, T.(2013).DupLESS: server-aided encryption for deduplicated storage.USENIX Security Symposium
5. Bellare, M.,Keelveedhi, S.,Ristenpart, T.(2013).Message-locked encryption and secure deduplication.International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT)
6. Blasco, J.,Orfila, A.,Pietro, R. D. I.,Sorniotti, A.(2014).A Tunable Proof of Ownership Scheme for Deduplication Using Bloom Filters.IEEE Conference on Communications and Network Security (CNS)
7. Bloom, B. H.(1970).Space/time trade-offs in hash coding with allowable errors.Communications of the ACM,13(7),422-426.
8. Cormode, G.,Muthukrishnan, S.(2004).An Improved Data Stream Summary: The CountMin Sketch and its Applications.Journal of Algorithms,55,29-38.
9. Di Pietro, R.,Sorniotti, A.(2012).Boosting efficiency and security in proof of ownership for deduplication.ACM Symposium on Information, Computer and Communications Security (ASIACCS)
10. Douceur, J. R.,Adya, A.,Bolosky, W. J.,Simon, P.,Theimer, M.(2002).Reclaiming space from duplicate files in a serverless distributed file system.International Conference on Distributed Computing Systems (ICDCS)
11. Drago, I.,Mellia, M.,Munafo, M. M.,Sperotto, A,Sadre, R.,Pras, A.(2012).Inside dropbox: understanding personal cloud storage services.ACM conference on Internet Measurement Conference (IMC)
12. Duan, Y.(2014).Distributed key generation for encrypted deduplication: achieving the strongest privacy.ACM Workshop on Cloud Computing Security (CCSW)
13. M. Dutch and L. Freeman, “Understanding data de-duplication ratios,” SNIA, 2009. http://www.snia.org
14. Eshghi, K.,Tang, H. K.(2005).Hewlett-Packard (HP) Technical ReportHewlett-Packard (HP) Technical Report,未出版
15. Fan, L.,Cao, P.,Almeida, J.,Broder, A. Z.(2000).Summary Cache: A Scalable Wide-Area Web Cache Sharing Protocol.IEEE/ACM Transactions on Networking,8(3),281-293.
16. Fu, Y. J.,Xiao, N.,Liao, X. K.,Liu, F.(2013).Application-aware client-side data reduction and encryption of personal data in cloud backup services.Journal of Computer Science and Technology
17. Guo, D.,Wu, J.,Chen, H.,Yuan, Y.,Luo, X.(2010).The dynamic bloom filter.IEEE Transactions on Knowledge and Data Engineering,22(1),120-133.
18. Halevi, S.,Harnik, D.,Pinkas, B.,Shulman-Peleg, A.(2011).Proofs of ownership in remote storage systems.ACM Conference on Computer and Communications (CCS)
19. Harnik, D.,Pinkas, B.,Shulman-Peleg, A.(2010).Side channels in cloud services, the case of deduplication in cloud storage.IEEE Security & Privacy,8(6),40-47.
20. Jin, X,Wei, L,Yu, M,Yu, N,Sun, J(2013).Anonymous deduplication of encrypted data with proof of ownership in cloud storage.IEEE/CIC International Conference on Communications in China (ICCC)
21. Juels, A.,Kaliski, B., Jr(2007).PORS: proofs of retrievability for large files.ACM conference on Computer and Communications Security (CCS)
22. Kaaniche, N.,Laurent, M.(2014).A secure client side deduplication scheme in cloud storage environments.International Conference on New Technologies, Mobility and Security (NTMS)
23. Li, J.,Chen, X.,Li, M.,Lee, P.,Lou, W.(2014).Secure deduplication with efficient and reliable convergent key management.IEEE Transactions on Parallel and Distributed Systems,25(6),1615-1625.
24. Li, J.,Li, Y. K.,Chen, X.,Lee, P. P. C.,Lou, W.A hybrid cloud approach for secure authorized deduplication.IEEE Transactions on Parallel and Distributed Systems
25. Liu, C.,Liu, X.,Wan, L(2013).Policy-based de-duplication in secure cloud storage.Trustworthy Computing and Services,250-262.
26. Marques, L.,Costa, C. J.(2011).Secure deduplication on mobile devices.Workshop on Open Source and Design of Communication (OSDOC)
27. Meye, P.,Raipin, P.,Tronel, F.,Anceaume, E.(2014).A secure two-phase data deduplication scheme.International Symposium on Cyberspace Safety and Security (CSS)
28. Mulazzani, M.,Schrittwieser, S.,Leithner, M.,Huber, M.,Weippl, E.(2011).Dark clouds on the horizon: using cloud storage as attack vector and onlineslack space.USENIX Security Symposium
29. Naor, M.,Reingold, O.(1997).Number-Theoretic Constructions of Efficient Pseudo-Random Functions.IEEE Symposium on Foundations of Computer Science (FOCS)
30. Nisan, N.,Zuckerman, D.(1996).Randomness is Linear in Space.Journal of Computer and System Sciences,52,43-52.
31. Paulo, J.,Pereira, J.(2014).A survey and classification of storage deduplication systems.ACM Computing Surveys (CSUR),47(1)
32. Puzio, P.,Molva, R.,Önen, M.,Loureiro, S.(2014).Block-level de-duplication with encrypted data.Open Journal of Cloud Computing,1(1),10-18.
33. Rabin, M. O.(1981).Tech ReportTech Report,Center for Research in Computing Technology, Harvard University.
34. Rashid, F.,Miri, A.,Woungang, I.(2012).A Secure Data Deduplication Framework for Cloud Environments.International Conference on Privacy, Security and Trust
35. Rashid, F.,Miri, A.,Woungang, I.(2013).Proof of retrieval and ownership protocols for enterprise-level data deduplication.Conference of the Center for Advanced Studies on Collaborative Research (CASCON)
36. Shin, Y.,Kim, K..Differentially private client-side data deduplication protocol for cloud storage services.Security and Communication Networks
37. Stanek, J.,Sorniotti, A.,Androulaki, E.,Kencl, L.(2013).,IBM.
38. Storer, M.,Greenan, K.,Long, D.,Miller, E..Secure data deduplication.International Workshop on Storage Security and Survivability
39. W. V. der Laan, Dropship, https://github.com/driverdan/dropship
40. Vadhan, S.(2004).Constructing Locally Computable Extractors and Cryptosystems in the Bounded-Storage Model.Journal of Cryptology,17(1),43-77.
41. Xu, J.,Chang, E. C.,Zhou, J.(2013).Weak leakage-resilient client-side deduplication of encrypted data in cloud storage.ACM SIGSAC symposium on Information, computer and communications security (ASIACCS)
42. Xu, J.,Zhou, J.(2014).Leakage Resilient Proofs of Ownership in Cloud Storage, Revisited.International Conference on Applied Cryptography and Network Security (ACNS)
43. Yang, C.,Ren, J..Provable ownership of encrypted files in de-duplication cloud storage.Ad Hoc & Sensor Wireless Networks
44. Yang, C.,Ren, J.,Ma, J.(2013).Provable ownership of files in de-duplication cloud storage.IEEE Global Telecommunications Conference (GLOBECOM)
45. Youngjoo, S.,Kwangjo, K.(2014).Efficient and Secure File Deduplication in Cloud Storage.IEICE Transactions on Information and Systems,E97(2),184-197.
46. Yu, C.-M.(2014).HTTP Botnet Resilient to Takedown.IEEE Symposium on Security and Privacy (S&P),San Jose, California, USA:
47. Yu, C.-M.,Chen, C.-Y.,Chao, H.-C..Proof of Ownership in Deduplicated Cloud Storage with Mobile Device Efficiency.IEEE Network
48. Zheng, Q.,Xu, S.(2012).Secure and efficient proof of storage with deduplication.ACM conference on Data and Application Security and Privacy (CODASPY)