| Cloud computing technology is the development and evolution of the concepts of distributed computing,parallel computing and grid computing,which enables users to achieve fast,convenient and flexible access to endless computing and storage resources on the cloud platform in a pay-as-you-go manner.Since the users' data is outsourced to cloud servers,users can avoid the excessive overhead of hardware and software deployment and management.This brings great convenience to people's life.However,with the explosion in the number of users and the explosive growth of data,this data puts heavy pressures on cloud servers.Data deduplication technology can reduce the burden of storage and management of cloud servers by deleting redundant data and keeping only one copy of them.However,cloud servers are often assumed to be not fully trusted.They may try to analyze users' outsourced data and obtain sensitive information.To protect the privacy of their sensitive data,users generally encrypt their data by using an encryption algorithm before outsourcing them to cloud servers.Users encrypt the same data with their private keys and the keys are chosen randomly such that the same data is encrypted into different ciphertexts.Therefore,cloud servers cannot check whether two ciphertexts are encrypted by the same data,and the deduplication of encrypted data cannot be achieved.Although some deduplication schemes based on convergence encryption and message-locked encryption can support deduplication of encrypted data,the existing data deduplication technology still faces some security challenges.Firstly,users are frequently added and revoked in the cloud computing environment.How to achieve secure dynamic user management has become one of the challenges that need to be solved.Secondly,the existing data deduplication schemes inevitably spend a large number of computing resources in re-encryption.How to achieve efficient re-encryption has become one of the problems that need to be faced.Thirdly,to obtain additional financial benefits,cloud servers may delete data that users rarely access after the data is deduplicated.How to verify the integrity of outsourced data and achieve fair arbitration of audit results has become one of the challenges that need to be considered.Finally,users may outsource multiple replications of a file to ensure data recoverability.How to achieve efficient verification and fault localization of auditing results has become one of the problems that need to be addressed.In this dissertation,we mainly focus on the key issues of secure data deduplication in the cloud environment.The main study contents include:(1)how to design a secure data dedu-plication scheme that supports dynamic user updates;(2)how to realize secure data deduplication storage that supports efficient re-encryption;(3)how to design a data auditing and secure deduplication scheme with fair arbitration;(4)how to realize a proof of replication scheme with batch verification and fault localization.Specifically,the main contribution of this dissertation includes the following four aspects:1.We study the problem of dynamic user update of data deduplication in cloud computing and propose a secure data deduplication scheme with dynamic user management to support dynamic user joining and secure user revocation.Compared with the existing schemes,our scheme does not need to find a trusted third party,which will help the deployment and implementation of the data deduplication.To further mitigate the communication overhead,we propose an access control method by verifying whether the user owns decryption capability before downloading the data.This method ensures that the ciphertext can only be downloaded by the user who owns decryption capability.This makes the cloud server to avoid consuming unnecessary communication overhead.(Chapter 3)2.We study the problem of re-encryption of data deduplication in cloud computing.Based on the Bloom filter and convergent all-or-nothing transform(CAONT),we propose a secure data deduplication scheme with efficient re-encryption.Due to the intrinsic property of CAONT,users no longer need to re-encrypt the entire data but only a small part of it.Compared with the traditional re-encryption schemes,our scheme dramatically improves the efficiency of re-encryption and effectively ensures the security of users' sensitive data.(Chapter 4)3.We study the problem of combining data deduplication and data auditing in outsourced storage.By using the blockchain and smart contract,we propose a data auditing and secure deduplication scheme with fair arbitration.This scheme can simultaneously support data deduplication and integrity auditing,which allows users to verify the integrity of their outsourced data probabilistically without downloading entire data.By using a smart contract,our scheme also supports data auditing without any third parties.In addition,when the cloud server destroys the users' data integrity,our scheme supports automatic penalization to the malicious cloud server and compensates users whose data integrity is damaged.(Chapter 5)4.We study the problem of batch verification and fast fault localization in proof of replication.By using incompressible encoding and public data auditing,we propose a verifiable proof of replication scheme with fast fault localization and high efficiency.To quickly locate the fault replication when the batch verification fails,we propose a reversed signature aggregation tree(Rev-tree).By using the Rev-tree,our scheme can quickly find the fault replication and achieve efficient verification for correct replications.Compared with the traditional proof of replication schemes,our scheme can greatly improve the efficiency of verification of proofs of replicated storage.(Chapter 6)... |
PDF Full Text Request