
Security Technology Research In Object-based Storage System

Posted on: 2012-05-10
Degree: Doctor
Type: Dissertation
Country: China
Candidate: J J Chen
GTID: 1118330335455061
Subject: Computer system architecture
Abstract/Summary:
With the development of network technology, storage systems must achieve a high degree of concurrency over the network. Network security risks pose a new threat to storage systems, and new technologies must be developed continually to meet the demand for storage security. Technologies such as key storage based on a trusted platform and third-party privacy protection based on fully homomorphic encryption provide strong security guarantees for storage systems. Security and efficiency are in tension: while ensuring the security of a storage system, how to improve its efficiency must also be considered. An identity-based storage security architecture and an object-granularity encryption strategy largely solve the problem of excessive resource overhead in the security module.
The traditional certificate-based security model involves too many authorization certificates and a very large key system, which overloads the metadata server. To address this, an object-based storage security model is proposed. The model associates user identity information with the controlled object. Users do not need to request an authorization certificate from the metadata server; they issue access requests directly to the storage devices. The storage devices rely on the user identity and the information associated with the object to guarantee security. An identity-based security prototype is implemented on an object-based storage system, and its performance is measured with test tools. Experiments show that the identity-based security mechanism of the object-based storage system is more efficient than the certificate-based one. It reduces the burden on the metadata server while protecting the security of the storage system.
An object-based storage system contains hundreds of storage devices holding large amounts of data, and a considerable part of the sensitive data needs to be encrypted. Existing storage security schemes encrypt whole files to ensure safety, but there are types of file in which not all areas are sensitive. If the entire file is encrypted, a large number of non-sensitive areas are encrypted along with it, which greatly degrades the performance of the storage system. A fine-grained object-based encrypted storage scheme is proposed that can protect user-specified objects of any size within a file. It avoids encrypt/decrypt operations on the non-sensitive data within the file. This not only significantly improves the overall performance of the storage system but also reduces the network bandwidth consumed by storage security, so that a large number of low-end users can also use encryption to protect their data.
An object-based storage system is a network-based distributed storage system in which the storage devices are connected directly to the network. Existing encryption schemes protect the data in the storage system through encryption but use only weak passwords to protect the encryption keys. This is a security risk for the storage system, so key protection is an urgent problem that needs to be addressed. An object-based storage system based on a trusted computing platform is proposed, which uses a security mechanism combining hardware and software to protect the encryption keys of the file system. Analysis shows that it can greatly enhance the security of the object-based storage system. Intensive tests were performed on this system, and the results show that the key protection mechanism based on the trusted computing platform has little impact on the performance of the encrypted storage system.
As one of the cloud storage architectures, the object-based storage system places greater demands on data security because of its particular nature as an Internet application. Meanwhile, with the continuous expansion of cloud storage applications, problems of third-party data security are becoming increasingly prominent. Based on an analysis of the cloud storage service architecture, a cloud storage security model based on fully homomorphic encryption is proposed. Fully homomorphic encryption is a new breakthrough in cryptography as technology advances. It allows encrypted data to be processed through fully homomorphic transformations, so it is a good solution to third-party data privacy issues in cloud storage. Several applications of fully homomorphic encryption algorithms to cloud storage are proposed to further the exploration of this new cloud storage security technology.
Keywords/Search Tags: Object-based Storage System, Security, Identity-based Encryption, Trusted Computing Platform, Cloud Storage, Fully Homomorphic Encryption