Research Of Integrity Verification Of Data And Access Control Problem On Cloud Storage

As a promising technology on the security of data, cloud storage has developed quickly. Cloud storage provides a comparably low cost, scala-ble and position-independent storaging platform for data owners. For re-ducing cost of storing massive data, a growing number of owners begin to use the cloud server to store their data without any copy in local comput-ers. With the development of cloud storage technology, data dependabil-ity and availability are improved substantially, which can meet the de-mands of data security protection for the majority of users. Although the cloud storage technology is well developed, it is still powerless to fully protect the data from leaking. Accordingly, research on new cloud storage for ensuring the security of cloud data is of great important not only to personal privacy and property security of the data users, but also the na-tional information security, social stability and economic development.Further, how to protecting cloud data security at the technical level has become a developing tendency.The research focus on the data security of the cloud storage, and it can be roughly divided into two aspects. The first is identity-based stor-age management and integrity verification protocol on untrusted cloud,the second is the data access control with efficient revocation in untrusted cloud. Both of them concern with data encryption algorithm, identity au-thentication, privacy protection and integrity checking algorithm. The main contributions of this paper are as follows:1?An identity-based storage management and integrity verification protocol on untrusted cloud is proposed with the technology of PKG and homomorphic encryption. The fairness can be guaranteed by the PKG authentication instead of any third verifying organizer. Meanwhile, the data privacy can be protected by homomorphism encryption against both untrusted server and any third party. Furthermore, the protocols can resist replay attacks, man-in-the-middle attacks and masquerading attacks. Fur-thermore, the proposed protocol also supports data automatic updates as well as public verification. The last but not the least, the security proof and performance analysis shows the security and efficiency of the pre-sented protocol.2?A new identity-based storage management and integrity verify protocol for secure outsourcing in multi-cloud, is proposed. It mainly solve the following two problems in multi-cloud storage, (1) How to dis-tribute the verification work and insure the accuracy of the proposal with untrusted multi-cloud. (2) How to effectively reduce communication cost and meet the safety requirement as well. Specially, protocol provided that no third verifying organizer and trusted distribution agency should meet both requirment in security and low cost. Meanwhile, it should re-sist replay attacks and masquerading attacks. The proposed protocol is proved to be secure and effective by theoretical analysis and experimental simulation. Also, the data can get effective protection even with untrusted verifier and cloud server.3?An integrity verification protocol with security and efficiency for data storage in mobile multi-cloud is proposed based on bilinear pairing,It meets the privacy both in users' identity and data. The self-certified public keys is used. We conclude the merits as follows: (1) Realizing the privacy in users' identity and data of verification protocol firstly; (2) Re-duceing the computational cost and communication cost of the mobile terminal; (3) The verification protocol avoids the synchronization prob-lem by using no timestamp end. Comparisons are provided between the proposed protocol and previous ones arounding security, performance and computational cost. Analysis shows that our protocol is secure and better performance. These properties make our protocol more suitable for mobile devices with low consumption and limited computing resources as well as global mobile network with increasing complexity.4?A fine-grained data access control scheme supporting property revocation in untrusted cloud is proposed based on ciphertext-policy at-tribute-based encryption (CP-ABE), linear secret sharing schemes (LSSS),and counter (CTR) Mode Encryption. Our scheme firstly realizes fi-ne-grained access control and the function of separate revocation certain property of a user. Moreover, the data owner defines and performs data access control strategy rather than cloud server. This scheme avoids col-lusion attack and insures the security of data in untrusted cloud.