Research On Key Techniques Of Secure Outsourcing Services In Cloud Computing

Cloud computing,which brings revolutionary changes to many fields,provides powerful data computation and storage services for users.One of the most attractive benefits of cloud computing is the so-called outsourcing service,where the resource-constrained clients can outsource their complicated tasks to cloud servers and enjoy the high quality services in a pay-per-use manner.As a result,the development and maintenance costs of local hardware and software are reduced.However,the ownership and management of data are separated when data is outsourced to cloud servers.Thus,while obtaining the convenience of outsourcing services,the new security threats and challenges come out.Firstly,because of some reasons,such as economic benefits,technical operating errors,system attacks and so on,the cloud servers may dishonestly implement the computation,and return wrong results to users.Therefore,how to ensure the validity of the returned results is an urgent problem to solve.Secondly,due to the dishonesty of cloud servers,in order to protect the confidentiality,the data should be encrypted before outsourcing.However,due to the avalanche effect of encryption operations,it is infeasible compare with the ciphertexts.Thus,it is practical to study the comparable encryption techniques.Finally,in cloud computing,the stored data is usually encrypted,which leads to the difficulties of data retrieving.Due to the lack of a fine-grained access control mechanism,the existing searchable encryption technology,with which the efficient ciphertext retrieval can be achieved,may lead to data leakage.Hence,it is significant to study the retrieval schemes supporting fine-grained access control.To solve the above challenges,we study the key techniques of securely outsourcing services in cloud computing,mainly including: how to achieve the secure outsourcing computation of modular exponentiations,how to realize secure comparison of outsourced encrypted data,and how to achieve the secure retrieval over encrypted database.The main contributions are as follows.(1)We propose an improved outsourcing algorithm for secure outsourcing of modular exponentiations under the computation model of two non-colluding malicious cloud servers,and the logical split skill is improved.In the proposed algorithms,the modular exponentiations are hidden to the untrusted servers.In the computation process,the server cannot get any information about the inputs and outputs while the client can verify the result efficiently with high checkability.(Chapter 3,the main contribution is published in International Journal of Ad Hoc and Ubiquitous Computing(SCI))(2)We propose a new secure outsourcing algorithm of modular exponentiation under the single untrusted cloud server model.A new logical split method about modular exponentiation is put forward.The modular exponentiation is divided into several parts and some random values are kept for verification.The sensitive inputs and outputs are keeping privacy in the process of outsourcing.The computational burden of users is small,and the users can check the correctness of the computation results with high checkability.(Chapter 3,the main contribution is published in the 18 th International Conference on Network-Based Information Systems(EI))(3)We propose the first multi-user comparable encryption scheme,and design a novel token transformation technique.In our scheme,different ciphertexts encrypted by different keys can be compared with each other by using our new algorithm and token transformation method.In addition,users can easily verify the comparison results,and the value of the data will not be revealed.(Chapter 4,the main contribution is accepted by International Journal of High Performance Computing and Networking(EI))(4)We propose a fine-grained and searchable public key encryption scheme.Attributebased encryption is introduced to achieve the fine-grained access control of encrypted files.In this scheme,the files cannot be retrieved if the user is not permit to access the files,even if the files contain the required keywords.We improve the system model of searchable encryption by using two non-colluding cloud servers.The removed users cannot obtain the required files even if they collude with one of the servers.And the user can easily verify whether the returned results are all the files he/she required.(Chapter 5,the main contribution is accepted by Soft Computing(SCI))...