Research Of Data Integrity Verification Technology In Cloud Storage Environment

With the rapid development of cloud computing technology,the advent of cloud storage model makes it convenient for user to store and access data.More and more users are storing their data to Cloud Service Provider(CSP),while the integrity and usability of the data in cloud cannot be ensured.These outsourced data may be queried or modified by CSP or malicious users,and the security of data storage has been severely challenged.In order to deal with this problem,this paper mainly studies the data integrity verification technology in cloud storage environment from the perspective of client and cloud server.On the one hand,according to the problems of how to protect the integrity,availability and privacy of the user data in cloud server-side,a data integrity verification scheme based on multiple replica and a data integrity verification scheme based on geolocation location attribute are proposed in this paper.On the other hand,aiming at the problems of how to access and store data securely in client-side,a integrity verification scheme based on user shared data and a integrity verification scheme based on cross-user duplication are presented in this paper.Specifically,the main work and innovation of this paper are as follows:(1)Based on the properties of signature scheme of bilinear maps and multi-branch authentication tree,a data integrity verification scheme based on multiple-replica is presented.In this scheme,the cipher-text are processed by the random mask technology to guarantee data privacy,and the block tag authentication efficiency has been improved and the data can be updated dynamically by manipulating the multi-branch authentication tree.Moreover,in order to reduce the computational overhead effectively we introduce the batch auditing tasks for the data of multiple-replica simultaneously under the help of the third party auditor.Finally,analysis shows that this scheme is more efficient,and it can support data privacy and resist forgery attack,any adversary cannot pass through the integrity verification by forging user's valid signature.(2)Based on BLS signature technology and distance boundary protocol,a data integrity verification scheme based on geographical location attributes is proposed.This scheme adopts random mask technology to process replica data to enhance data privacy,and the distance boundary protocol is used to detect whether the user's data is stored in the geographic location which is declared by CSP.By utilizing BLS signature technology,the aggregation operation of signature information can be realized,which can support the batch audit of multi-replica data.The analysis shows that the scheme can resist the replay attack and forgery attack of adversary,and ensure the security of the user's privacy data.(3)A data integrity verification scheme for shared data of dynamic group user based on the attribute-based alterable threshold signature is proposed,the identity information parameters is introduced into the attribute private key for preventing collusion attacker who wants to forge signature through the combination of these keys.The proposed scheme supports authority revocation of group user and data dynamic operation with attribute-based authorization strategy.Analysis shows that the proposed scheme has better efficiency and the characteristics of unforgeability and resistance collusion attack based on the random oracle model.(4)A data integrity verification scheme for across-user deduplication on encrypted data based on the message-locked encryption mechanism is proposed.The proposed scheme has the characteristics of supporting privacy preserving,resisting forgery attack,public verifiability and cipher-text deduplication.To improve the verification efficiency and security,we implement secure deduplication to eliminate duplicated encrypted data by tag consistency estimate.This scheme promoted the method of the proof of ownership by utilizing the oblivious pseudorandom function protocol,and achieved cross-user deduplication of ciphertext.The analysis results show that the proposed scheme has better performance,which compared with state-of-the-art schemes.