Research And Implement Of No Plug-in Secure File Storage System Based On Web

With the rapid development of communication technology and cloud storage technology,more and more documents are stored in the cloud,people can easily access and update the cloud file.But files leak cases are continue to happen,especially the classified files leak of enterprises and organizations will cause serious property and credit damage.In the meantime there is great need for file sharing in enterprises and organization,work efficiency will be greatly improved if file security storage and efficient sharing can be implemented and hidden danger of files leak can be avoided in enterprises and organizations.The huge demand for files secure storage and efficient sharing in the enterprises and organizations is focused on in this thesis,which designed and implemented a files secure storage system based on Web browser but need no browser plug-ins.This system can improve the safety of files storage and the efficiency of files sharing.This system consist of Web-based Files Client,Web-based Files Server,Key Exchange Server and Identity Service System.Users can log in the Web-based Files Client with a browser and connect the Web-based Files Server and Files Decryption Server to upload,download,update and delete the files under the control of encryption algorithm and access strategies.Private Files belong to users and Shared Files belong to the departments are both stored in the system.Access strategies of this system consist of client strategy and server strategy,which both based on the a variety of access control model,joint controlling the using permission of files.AES and IBE algorithm are combined used in this thesis,which simplifying the work of key management and through key Automatic updates features of IBE the system security is improved.The main research work of this thesis:(1)Local API calls technology and safe file sharing technology are studied and relevant technology schemes are developed in this thesis.(2)Web-based file client is developed.(3)Web-based file server is developed.(4)key exchange server is developed.(5)Function test,perform test and security analysis are complete in this thesis.Innovation of this thesis:(1)A new method suitable for different browsers to call native API is designed in this thesis to call crypto module.Compared to the methods using browsers plug-ins to call native API like NPAPI for browsers based on Webkit and ActiveX for IE browser,this method avoid the short of general usability,safety and limited functions.Several functions that can not be implemented on the browsers in other system like files download by drag,open files by double click are implemented in this system with this method,which improved the user experience.(2)A program based on users identity information and combined access control model,data encryption technology and permission division mechanism is designed in this thesis,which can prevent both illegal outer access and inner decryption from administrator by making users and system administrator formulating strategies together.