Research On Key Techniques Of Environment And Architecture Reliability Provision Mechanism For The Cloud Storage

Posted on: 2014-08-07
Degree: Doctor
Type: Dissertation
Country: China
Candidate: F Xiang
Full Text: PDF
GTID: 1228330467963703
Subject: Computer Science and Technology
Abstract/Summary:
Cloud storage is a new concept extended and developed on the basis of cloud computing. It can be regarded as a cloud computing system centered on the storage and management of data. To most people, the merits of cloud storage are its availability (data can be accessed from any place), its reliability (no need to worry about data backup), and its mass storage capacity at low usage cost. It suffices to say that cloud storage represents the future development trend of storage services.

Nevertheless, while cloud storage offers great advantages for storing data, it can also bring obvious security risks. The key problem hindering the acceptance of cloud storage is the lack of protection for the security and reliability of user data stored in the cloud. Data owners are clearly unwilling to have their private data spied on or stolen in any situation. Although many individuals are willing to post open data (web mail, calendars and pictures) to the cloud, enterprises, governments and ordinary people would rather keep their information safe than enjoy convenient service provision and low infrastructure cost when it comes to information security. Besides the privacy issue, user data may face tremendous risk when an unexpected problem occurs in the cloud environment (the worst case being data that is lost and unrecoverable); that is, the reliability of cloud storage services should not be ignored either. As one of the most important resources of the information age, data security has received more and more attention from all related domains.

Key issues such as data security and storage service reliability must be solved before public cloud storage services can develop further.

Therefore, focusing on the above question, this thesis constructs a Reliability Provision Mechanism for Cloud Storage (RPMCS) consisting of two parts: an Environment Reliability Provision Mechanism (ERPM) and an Architecture Reliability Provision Mechanism (ARPM). The Environment Reliability Provision Mechanism ensures the security and privacy of data saved in the cloud by means of a self-built trusted cloud environment; the Architecture Reliability Provision Mechanism achieves the reliability of the cloud storage service through a series of data disaster recovery policies based on the trusted cloud environment.

The research content of this thesis mainly comprises the environment reliability provision mechanism, which focuses on data security and privacy, and the architecture reliability provision mechanism, which aims at cloud storage service reliability.
First, we introduce a searchable encryption algorithm and inverted index technology to organize the secure cloud storage system. This makes the end user's off-premise data stored in the public cloud controllable, and enables the cloud provider to search the ciphertext directly and update the ciphertext index dynamically without knowledge of the plaintext of the user's data. We then further improve the cloud services of data backup and recovery through related data disaster recovery policies, to meet the architecture reliability provision mechanism's requirements of more reliable storage and lower recovery cost.

With the help of the combined mechanism of environment and architecture reliability, the Reliability Provision Mechanism for Cloud Storage in this thesis integrates the security benefit of the private cloud and the low cost of the public cloud to ensure, for user data:

● Security and privacy: the public cloud provider can offer cloud services without knowledge of the plaintext content of the user's data.
● Reliability: user data is stored redundantly in the cloud based on related policies, to ensure that user data won't be lost in any situation.

The main advantages of this cloud storage system can be summarized as follows:

● Availability: users can access their data in the cloud at any time from any device.
● Reliability: all data is backed up redundantly so that it won't be lost in any situation.
● Searchable and safe: the user's encrypted data can be searched in the cloud without needing to be downloaded and encrypted, and the cloud provider has no knowledge of the user's plaintext content.
● Dynamic: the ciphertext index can be updated dynamically in the cloud.
● Data sharing: the data owner can grant different permissions to different visitors by means of a trapdoor function based on a probabilistic encryption algorithm.

In this thesis, we propose a new Dynamic Searchable Encryption and "rich cloud" based data disaster recovery policies to implement the Reliability Provision Mechanism for Cloud Storage.

The detailed work and main innovations of the thesis can be summarized as follows:

(1) In the research on the key issues of secure cloud storage systems, we focus on introducing classic ciphertext search technology into the cloud storage environment. Taking into account the main features of cloud storage systems, ciphertext search technology is classified into "with index" and "without index", and then further sub-classified into "non-structural data" and "structural data", in order to reveal how ciphertext search technology can be used to solve the security and privacy problems of cloud storage systems, and to compare the functionality, innovations and existing limitations of each class. Finally, we point out the directions in which these mainstream ciphertext search technologies should be improved to support secure cloud storage systems.

(2) An Environment Reliability Provision Mechanism is designed to protect the security and privacy of user data stored in the cloud and to fix the critical trust problem between data owner and cloud provider. This new mechanism ensures storage safety while retaining the powerful functions of cloud computing: the cloud environment is not degraded to a mere data storage pool because the encrypted data is unusable. This newly designed cloud storage mechanism is implemented by Dynamic Searchable Encryption (DSE) based on Homomorphic Encryption, Convergent Encryption and an Inverted Index.
With the support of these two technologies, encrypted data can be queried or updated while it remains stored in the cloud; the index of the encrypted data can resist adaptive chosen-keyword attacks, with a security level of CKA2; and the index of the encrypted data can be updated dynamically based on modifications to user files.

(3) In the research on the key technology of the architecture reliability provision mechanism, this thesis introduces a new mode of disaster recovery named "rich cloud", which uses the resources of other cloud providers to replace a self-built disaster recovery center. This overcomes the limitation of the conventional disaster recovery policy of deploying dedicated disaster recovery devices, which means high cost and maintenance effort but low efficiency. The new concept of "rich cloud", which in brief means "clouds serve each other and clouds share with each other", is proposed to describe the mutual pattern between cloud systems.

(4) We propose an architecture reliability provision mechanism (ARPM) to ensure the reliability of user data stored in the cloud. To achieve this goal, a Rich Cloud Based Data Disaster Recovery Strategy (RCDDRS) is designed for storage-intensive tasks to ensure the reliability of stored data and to lower both the recovery time after failure and the cost of data disaster recovery. In this thesis, we construct a multi-objective optimization model, set the cost and RTO as band constraints of the objectives, and solve it using a new dynamic multi-objective particle swarm optimization.

As mentioned above, this thesis takes the service reliability of cloud storage systems as its main research object, and proposes the Reliability Provision Mechanism for Cloud Storage to solve the data privacy and storage reliability problems of cloud storage systems.
Within the scope of the environment reliability provision mechanism, the dynamic searchable encryption designed in this thesis solves the problem that data stored in the cloud is uncontrollable, and at the same time prevents cloud storage from degrading to a simple data storage pool. This algorithm not only guarantees the security and privacy of user data, but also ensures that users can take full advantage of the powerful computing and processing capability of the cloud computing system. In addition, within the scope of the architecture reliability provision mechanism, we put forward a new data disaster recovery strategy based on the concept of "rich cloud" and implement it using multi-objective particle swarm optimization, to ensure the reliability of user data in the cloud as well as to lower failure cost and recovery time.
Keywords/Search Tags: cloud storage, ciphertext search, data security, data disaster recovery, data reliability, dynamic multi-objective particle swarm optimization