Research On Key Issues Of Secure Data Storage In Cloud Environment

Outsourcing storage is a convenient data management service provided by cloud platforms for network users,which has the advantages of flexible data access and space configuration.To relieve data maintenance pressure on local storage,users outsource personal data to cloud platforms for storage.However,outsourcing means that users lose physical control over their private data.In this case,audit protocols for data integrity are employed to determine whether the outsourced data are stored intact on untrustworthy cloud servers.To verify the integrity of data,a user or third-party auditor periodically sends a challenge message to the cloud server and then verifies the proof information contained in the feedback.Besides,users need to ensure the availability of data when outsourcing storage.That is,through interactions with the cloud server,users can complete operations such as secure access,keyword retrieval,and real-time updates.In the context of the abovementioned cloud storage,we investigated the integrity audit,multi-keyword retrieval,remote update and secure access of outsourced data in the cloud environment.The specifics of this dissertation include the following:?.Research on public audits and update of outsourced data in cloud storage(i)We proposed a lightweight public auditing scheme.First,we analyzed the problem of high computational overhead in the existing public auditing schemes and discussed the status quo that integrity audits cannot provide trusted remote computing.Then,the software guard extension(SGX)and smart contract technique were used to construct a public auditing scheme,named LPASS.LPASS enhances the reliability of audits and the fair payment of cloud storage.The enclave in SGX,as a third party,provides a trusted hardware environment for an audit procedure so that the user is no longer required to rely on a third-party auditor to perform public audits.The audit method based on a Merkle hash tree reduces the computational overhead and storage space of public auditing.Finally,we implemented the audit procedure and the smart contract in LPASS and showed the security and efficiency of the audit.(ii)We proposed a possession checking and updating scheme for distributed cloud storage based on a consortium blockchain.The scheme first identified the lack of an accountability mechanism in existing data outsourcing systems and then analyzed the current situation in which the data outsourcing market cannot be managed in a unified and effective manner.Then,a data outsourcing application system,named POT,was constructed by combining data possession checking technology and a consortium blockchain.The data possession checking and updating scheme,named DPCU,provides a data integrity guarantee and update function for the system.In POT,participants generate transactions in real time to record operations on outsourced data and build a consortium blockchain to uniformly manage transactions in the market.POT lays the foundation for establishing an accountability mechanism for the system and helps to improve the transparency and credibility of the market.(iii)We proposed a public auditing scheme that resists malicious auditors.First,the scheme lists various attacks common to malicious auditors in existing public auditing schemes.We then constructed a public auditing scheme based on blockchain technology,called IBPA.IBPA supports the accuracy and traceability of the audit.In IBPA,the auditor selected challenged data blocks based on a random number from the Bitcoin system and broadcasts the audit results in the blockchain network.Finally,the scheme was shown to be efficient in execution and secure under the random oracle model.?.Research on private audits and the retrieval of outsourced data in distributed cloud storageWe proposed a private auditing and multi-keyword retrieval scheme for distributed cloud storage based on smart contracts.First,we discussed the single point failure problem in the outsourced storage service provided by a single cloud server and discussed the current issue in which the encryption process of outsourced data increases the difficulty of retrieval.Then,based on a peer-to-peer network architecture,a private auditing scheme in a distributed cloud environment,called DStore~*,was built.DStore~* provides data owners with a flexible and low-cost outsourcing storage mode.DStore~* adopts the salted-challenge audit method to reduce the computational cost from the level of the public key cryptographic protocol to the level of the hash operation(calculation of root value).Finally,the scheme was to be resistant to malicious behavior,such as the data storage side only storing hash values of the data blocks to deceive the data owner.?.Research on secure access to private data in the cloud environmentWe proposed a secure access scheme for private data based on a private blockchain.Taking the smart home environment as the background,the scheme first analyzed the many security issues in a smart home system,such as illegal access,tampering of access records,and lack of time sensitivity in the access records.Then,through combining access control and blockchain technology,a secure access scheme PBAC was constructed.PBAC provides access control and access to records regarding content and time for external visitors.In PBAC,signcryption messages related to access during the interaction process are generated for a home administrator and visitors and are written into the private blockchain,which can enhance the supervisability of access behavior while providing evidence of accountability to visitors in the smart home system.