Research On Key Technologies On Data Cloud Storage Protection

By outsourcing data to cloud storage,individual and enterprises as data owners,are able to enjoy powerful and flexible cloud computing services with Internet access.While it comes with convenience,cloud storage also brings about secure challenges,especially integrity of data storage.Cloud data integrity auditing schemes as critical technologies,could address this security concern by performing remote data integrity checking efficiently.In this dissertation,we focus on secure cloud storage data integrity auditing technologies.The contributions are summarized in the following.Firstly,for dynamic data replica integrity auditing,we figure out that Yu et al.'s scheme is vulnerable to recovering data owner's private key by malicious cloud and thus forging data tags.The security risk is presented with a brief attack experiment.Therefore,we propose a secure identity-based dynamic data replica cloud storage integrity auditing scheme,without complicated managing certificates of public keys.We design formalized defined security model,and prove that our scheme is secure under random oracle model.It could resist private key recovering,tag forging and incomplete data replica to pass auditing attacks.Compared with a public key certificate-based scheme,the analysis and simulation demonstrate better performance of our scheme with respect to data replica updating and auditing.Secondly,for data integrity auditing of multiple data owners on multiple clouds,theoretical analysis and experiment demonstrate that an integrity auditing scheme designed by Zhou et al.suffers from security flaws of passing auditing with modified data,recovering data owners' private keys and forging tags.In order to improve security,we propose a secure identity-based multiple data owners and multiple clouds data integrity auditing scheme,eliminating management of public key certificates.By defining formalized security model,we could prove security of our scheme is under random oracle model with computational hard problem assumption.Not only immune to attacks mentioned above,our scheme also performs with better efficiency in theoretical analysis and simulation,compared with a secure identity-based auditing scheme for multiple clouds storage on a single owner's effort.Thirdly,for cloud data integrity auditing with proxy processing,we show in the analysis and experiment that Yu et al.'s scheme might have proxy's private key recovered by malicious cloud and leave incorrect data pass through auditing.So wedesign a secure identity-based multiple data owners and multiple clouds data integrity auditing scheme with proxy processing.Our scheme is free of complicated public key certificates management issue and those attacks above.The security could be proved under random oracle model with formal security model.Within theoretical analysis and simulation,our scheme has advantages in efficiency over a secure auditing scheme with proxy processing for single owner on single cloud.Fourthly,we propose the first identity-based accountable storage scheme.When it comes to rejection in integrity auditing,accountable storage allows data owner to provably retrieve accurate data loss,in order to claim compensation.By defining formal security model,we could prove that our scheme is secure under random oracle model.Compared with certificate-based accountable storage scheme,the complexity of tag verification in our scheme is decreased,as well as the local storage,computation and communication overheads for recovering data loss.Not only efficiently achieving accurate and provable accountable storage,our scheme is also free of managing certificate of public key.Fifthly,we propose an outsourcing location-based service data integrity auditing protocol for securely finding group meeting place.Compared with existing solutions,our protocol allows integrity auditing for outsourcing location-based database,and self-organized group authentic communication.Not only protecting individual privacy for location and preference against other entities inside and outside group,our scheme also enables independently authenticating integrity of outsourcing query answers,and efficiently assures reliable group meeting place finding.