Remote Data Integrity Checking with Ownership Transfer Based on Trusted Execution Environment

Peng Su; Feng Li; Yin Yiran

doi:10.11959/j.issn.1000-0801.033

您当前的位置：

首页 >

文章列表页 >

Remote Data Integrity Checking with Ownership Transfer Based on Trusted Execution Environment

更新时间：2026-04-14

- Remote Data Integrity Checking with Ownership Transfer Based on Trusted Execution Environment
- Telecommunications Science (2026)
- 作者机构：
  
  海南大学，海南海口 570228
- 作者简介：
- 基金信息：
  
  The National Natural Science Foundation of China(62362024);Scientific Research Foundation of Hainan University（No. KYQD(ZR)23060）(KYQD(ZR)23060)
- DOI：10.11959/j.issn.1000-0801.033
  CLC： TP393
- Received：26 November 2025，
  
  Revised：2026-01-22，
  
  Accepted：26 January 2026，
- 稿件说明：
移动端阅览
Peng Su, Feng Li, Yin Yiran. Remote Data Integrity Checking with Ownership Transfer Based on Trusted Execution Environment[J/OL]. Telecommunications Science, 2026.
DOI：

Peng Su, Feng Li, Yin Yiran. Remote Data Integrity Checking with Ownership Transfer Based on Trusted Execution Environment[J/OL]. Telecommunications Science, 2026. DOI： 10.11959/j.issn.1000-0801.033.

摘要

云存储的普及与数据所有权转移需求的增长，使得支持所有权转移的远程数据完整性验证成为保障云数据安全的关键技术。然而，现有方案普遍存在数据所有者计算负担重、依赖不可信第三方审计者、通信开销大以及缺乏有效的不可否认性机制等问题。为解决上述挑战，提出了一种基于可信执行环境的支持所有权转移的远程数据完整性验证方案。该方案将完整性验证与所有权转移过程中的所有关键计算任务安全地卸载至云服务提供商平台的TEE内执行。基于除TEE的隔离保护外所有实体均不可信的强威胁模型进行了形式化安全分析，并利用Intel SGX开发了原型系统，通过与多种代表性方案进行对比实验以评估其性能。实验结果表明，该方案在标签生成等阶段的计算效率优于对比的方案，计算开销降低幅度在10.1%至86.4%之间，同时实现了云服务提供商与验证者之间的零通信开销。

Abstract

The popularization of cloud storage and the growing demand for data ownership transfer have made remote data integrity verification with ownership transfer a key technology for safeguarding cloud data security. However

existing schemes were generally plagued by problems such as heavy computational burden on data owners

reliance on untrusted third-party auditors

high communication overhead

and lack of effective non-repudiation mechanisms. To address these challenges

a remote data integrity verification scheme with ownership transfer based on Trusted Execution Environment (TEE) is proposed in this paper. All critical computational tasks in the integrity verification and ownership transfer are securely offloaded to the TEE of the cloud service provider’s platform by our scheme. Formal security analysis is conducted based on a strong threat model where all entities except the isolation protection of TEE are untrusted

and a prototype system is developed using Intel SGX. Comparative experiments with various representative schemes are performed to evaluate its performance. The experimental results demonstrate that this scheme achieves superior computational efficiency in stages such as HVT (Homomorphic Verifiable Tag) generation compared to the benchmark schemes

with computational overhead reductions ranging from 10.1% to 86.4%. Additionally

it achieves zero communication overhead between cloud service providers and verifiers.

关键词

Keywords

references

Ateniese G , Burns R , Curtmola R , et al . Provable Data Possession at Untrusted Stores [C ] // Proceedings of the 14th ACM Conference on Computer and Communications Security . Alexandria, Virginia, USA : ACM , 2007 : 598 - 609 .

Juels A , Kaliski Jr B S . PORs: Proofs of Retrievability for Large Files [C ] // Proceedings of the 14th ACM Conference on Computer and Communications Security . Alexandria, Virginia, USA : ACM , 2007 : 584 - 597 .

Shacham H , Waters B . Compact Proofs of Retrievability [ C ] // Shacham H , Waters B . Compact Proofs of Retrievability[C ] // Advances in Cryptology - ASIACRYPT 2008 . Heidelberg, Germany : Springer , 2008 : 90 - 107 .

Wang Q , Wang C , Li J , et al . Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing [C ] // European Symposium on Research in Computer Security . Berlin, Heidelberg : Springer Berlin Heidelberg , 2009 : 355 - 370 .

Wang C , Chow S S M , Wang Q , et al . Privacy-preserving Public Auditing for Secure Cloud Storage [J ] . IEEE transactions on Computers , 2011 , 62 ( 2 ): 362 - 375 .

Erway C C , Küpçü A , Papamanthou C , et al . Dynamic Provable Data Possession [J ] . ACM Transactions on Information and System Security (TISSEC) , 2015 , 17 ( 4 ): 1 - 29 .

Yu Y , Au M H , Ateniese G , et al . Identity-based Remote Data Integrity Checking with Perfect Data Privacy Preserving for Cloud Storage [J ] . IEEE Transactions on Information Forensics and Security , 2016 , 12 ( 4 ): 767 - 778 .

杨帆 , 袁艺林 , 张邓凡 , 等 . 支持审计者更换和数据动态的云数据完整性审计方案 [J ] . 信息安全学报 , 2025 , 10 ( 03 ): 197 - 208 .

YANG Fan , YUAN Yilin , ZHANG Dengfan , et al . Cloud Data Integrity Audit Scheme that Supports Auditor Replacement and Data Dynamics [J ] . Journal of Cyber Security , 2025 , 10 ( 03 ): 197 - 208 .

Wang H , He D , Fu A , et al . Provable Data Possession with Outsourced Data Transfer [J ] . IEEE Transactions on Services Computing , 2019 , 14 ( 6 ): 1929 - 1939 .

Shen J , Guo F , Chen X , et al . Secure cloud auditing with efficient ownership transfer [C ] // European Symposium on Research in Computer Security . Guildford, UK : Springer International Publishing , 2020 : 611 - 631 .

Shen J , Chen X , Wei J , et al . Blockchain-based Accountable Auditing with Multi-ownership Transfer [J ] . IEEE Transactions on Cloud Computing , 2022 , 11 ( 3 ): 2711 - 2724 .

Huang Y , Shen W , Qin J . Certificateless Cloud Storage Auditing Supporting Data Ownership Transfer [J ] . Computers & Security , 2024 , 139 : 103738 .

殷新春 , 王经纬 , 宁建廷 . 支持高效数据所有权共享的动态云存储审计方案 [J ] . 软件学报 , 2025 , 36 ( 07 ): 3306 - 3320 .

YIN Xinchun , WANG Jingwei , NING Jianting . Dynamic Cloud Storage Auditing Scheme with Efficient Data Ownership Sharing [J ] . Journal of Software , 2025 , 36 ( 07 ): 3306 - 3320 .

McKeen F , Alexandrovich I , Anati I , et al . Intel® Software Guard Extensions (Intel® SGX) support for dynamic memory management inside an enclave [M ] // Proceedings of the Hardware and Architectural Support for Security and Privacy 2016 . 2016 : 1 - 9 .

Ngabonziza B , Martin D , Bailey A , et al . TrustZone Explained: Architectural Features and Use Cases [C ] // 2016 IEEE 2nd International Conference on Collaboration and Internet Computing (CIC) . IEEE , 2016 : 445 - 451 .

Gurevin D , Jin C , Nguyen PH , et al . Secure remote attestation with strong key isolation guarantees [J ] . IEEE Transactions on Computers , 2023 , 74 ( 3 ): 848 - 859 .

Jang J , Choi C , Lee J , et al . Privatezone: Providing a private execution environment using arm trustzone [J ] . IEEE Transactions on Dependable and Secure Computing , 2016 , 15 ( 5 ): 797 - 810 .

Zhao S , Li M , Zhangyz Y , et al . vsgx: Virtualizing sgx enclaves on amd sev [C ] // 2022 IEEE Symposium on Security and Privacy (SP) . IEEE , 2022 : 321 - 336 .

Views

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

Tag's ownership transfer protocol based on quadratic residue

Related Author

Rui XIE

Zhifeng HAO

Related Institution

Guangdong University of Technology

Foshan University

⁰