Research On The Cloud And Client Fusion Based User's Data Security Technology In Cloud Storage

Storing data in the cloud is a trend of cloud computing,and we can get many advantages in centralizing data in the cloud and managing it in a professional way,such as security,cost-reduced,good extensibility and so on.But it also brings in some problems,for example,the data may be lost for the mismanagement of the cloud,and the administrator may peep user data.The cloud storage is transparent,so it is difficult for user to know the security technologies used to protect the data and whether they are correct or not.Protecting the data only based on the cloud is not convincing enough,achieving the protection of the user data based on the client is particularly important.This paper aims at the user data protection in the cloud storage,describing how to protect the data in the cloud based on client,devoting to solve the problems of data integrity,the security of searchable encryption and the correctness of the result of the searchable encryption.(1)Security Framework based on the integration of cloud and clientProtecting the user data of the cloud entirely based on the cloud or client has some problems that give the client a heavy burden and increase the cost of some security protection technology.To solve these problems,the security framework based on the integration of cloud and client is proposed.That is,the cloud cooperate with the client each other to achieve the protection for user data in the cloud.The cloud will be responsible for protecting the security of the user data in the cloud,meanwhile the client will be responsible for verifying and proving the data safety.By this way,it can not only reduce the burden on the client,but also can make the client have some control on the security of the cloud data.(2)Non-reputation based data integrity protection technologyThe current research about the protection of user data in cloud storage mainly concentrated in the remote data integrity verification and error correction coding based on multi-cloud.Relying on the client completely,these technologies make the client a heavy burden.The cloud has a responsibility to protect the user data.So,the non-reputation of storing procedure is important to protect user data.Designing a complete non-reputation protocol for data uploading,downloading,updating and deleting can ensure that user and cloud cannot repudiate the operation on data.The protocol has a defect that cloud must assure the file is deleted forever.To solve this problem,this paper proposes a proof merging algorithm based on directory deleting proof.It can keep the number of file delete proof within limits.In the last,it proposes a block and increment based proof update technology to reduce the computing complex and communication overhead when the file update frequently.(3)AONE and secret sharing based full text searchable encryption technologyThe existing searchable encryption technologies seldom focus on the security of the encryption.Searchable encryption against the full text has some security problems because of its searchable characteristics.This paper researches on the security of the searchable encryption.First,it proposes an AONE based searchable encryption.Through dividing each ciphertext word into searchable part and unsearchable part,and encrypting the unsearchable parts sequence with the AONE algorithm,it can improve the security of the encryption.At the same time,it analyzes the error probability of the search result caused by this method and finds the threshold of the unsearchable part length in the specified conditions.It can make the error probability low enough.Second,it proposes a secret sharing based on searchable encryption.It solves some security problems of the AONE based on some method such as the frequency characteristic of the cipher text words.In the last,it proposes an AONE and secret sharing based searchable encryption to solve the security problem when degenerating to the normal searchable encryption.Through dividing each ciphertext word into searchable part and unsearchable part and encrypting the search part with the AONE algorithm,the attacker will face an AONE based method even if it has got the full data.(4)Function redundant decomposition based on searching result-proved technologyWhen user uses the searchable encryption,he concerns on whether the search result is correct.The current verifiable computing is difficult to distinguish it for the huge cost.There is only one paper focusing on the index searchable encryption not the full text searchable encryption in the search result verification of searchable encryption field.This paper researches on the result-proved technology of searchable encryption.First,it proposes a verifiable computing model which based on the computation redundant decomposition.Through dividing the computation into some subfunctions with redundancy,there will be some constraint condition among these subfunctions which can be used to verify the correctness of the result.Based on this model,it finds the verifiable searchable encryption technology based on secret sharing.It can verify the correctness of the result and locate the errors.Against the problem of privacy leaking in the third party verification,it designs a secret sharing algorithm that encryption and redundant are separation.In the last,it uses the AONE to solve the problem when all pieces of secret are interceptedby the attacker.