Research On Secure Data Outsourcing In Cloud Computing

With the advancement of information technology revolution and the growing demand for big data processing,companies or individuals can save huge labor costs and hardware investment with the help of cloud service providers.Data outsourcing services,as an important service provided in the cloud computing environment,are mainly used to outsource large amounts of local data to cloud servers.Data users can then access cloud data anytime,anywhere.Since that cloud service providers,data owners,and data users are not in a same trust domain,thus it may face many security issues,such as data confidentiality,data availability,access control of the user,and data integrity.Therefore,in this thesis,we study the popular data outsourcing system in recent years and discuss the several security aspects mentioned above.1)For protecting the confidentiality of data,we propose a secure and efficient database outsourcing protocol.Based on the general framework DBaaS(x,y),we design a secure and effective outsourcing protocol SecureDBS using order-preserving encryption.Compared with previous work,the protocol is simpler in concept and technology,and does not require a lot of encryption.Our protocol supports various SQL statements on the encrypted database,such as match queries,range queries,aggregate queries,inserting,deleting,and update operations.Finally,the security and effectiveness of the protocol are verified by theoretical and experimental analysis.2)For maintaining the searchability of data,we propose an efficient outsourcing retrieval scheme that not only allows data users to retrieve the data they want,but also solves the key leakage problem.We construct a forward-secure KFF-CKS(FS-KFF-CKS)scheme to implement the conjuective keyword search(CKS).In addition,we formally prove that the proposed FS-KFF-CKS is IND-CKA and is forward-secure under the random oracle model.Finally,we provide theoretical and experimental performance evaluations of the proposed FS-KFF-CKS and demonstrate that it is superior to other existing work in practical applications.3)For managing users to access the data,we propose a biometric-based encryption scheme based on the Mahalanobis distance as a measurement tool to determine whether two biometric information belong to the same user.Using the symmetry of the covariance matrix,we construct a vector transformation between Mahalanobis distance and inner product.We then first construct an inner product encryption(IPE)with short ciphertext.Employing the transformation,a provable secure DBE with short ciphertext is constructed based on the IPE.Our theoretical analysis of time,space and communication complexity shows that the proposed IPE,DBE and ODBE have advantages over existing work,and our extensive experimental results validate the theoretical analysis and prove the validity and efficiency of our scheme.4)For ensuring the data integrity,we propose a verifiable and effective auditing scheme.The salient faeature of the proposal is that we do not need a third-party auditor.The scheme verifies the correctness and completeness of the query results.It also supports flexible data dynamics and partial attribute retrieval,which saves a lot of communication overhead.More specifically,bilinear mapping is used to achieve correctness verification and support partial attribute retrieval.Finally,the effectiveness and efficient of the scheme are verified theoretically and experimentally.