Research On Data Privacy Protection And Integrity Audit Methods In Cloud Environment

The data outsourcing service mode in the cloud environment is being more and more widely used.When providing services for tenants,cloud storage technology also leads to a great threat to the privacy security of tenants' outsourcing data for the complexity of its own architecture,which brings a great challenge to the information security management in the cloud environment.Tenants store its data in the cloud server providers(CSPs),who are not completely trusted and hence cannot reliably protect the security of tenants' data.It is possible to tamper with and delete tenants' data for CSPs.In addition,third-party auditor(TPA)or malicious attack by unauthorized tenants may also plagiarize or disclose the privacy data of tenants,which results in incomplete or damaged data.In view of this,this paper mainly focuses on the information security management methods in the cloud environment,and the privacy protection as well as integrity auditing methods of outsourcing data,which will provide effective solutions for tenants' outsourcing data privacy protection and integrity auditing.The research results have obvious theoretical value and practical significance to ensure the information security management in the cloud environment.The main contents of this paper are as follows:(1)In view of the risk of tampering with or leaking data privacy in the process of managing outsourcing data through CSPs,this paper studies and proposes privacy protection methods based on data coloring,and data block obfuscation,respectively,and an access control technology for privacy data security.The proposed method of selecting the dyeing position based on chaotic sequence and the cloud similarity measurement algorithm based on arithmetic average as well as minimum paste progress can efficiently dye,detect the color and judge the similarity of data.By using the method of data block confusion,and then combining it with the constraints of tenants,data block can be vertically processed.The way of storing data after matrix confusion improves the security of data storage isolation.A multiple-tenant access control model for authorization management is also proposed,which is based on clustering idea and cipher-text policy attribute-based encryption(CP-ABE).As a result,it realizes fine-grained authorization access control management on roles,which further enhances the security of data storage and reduces the complexity of algorithm.(2)A muti-copy integrity auditing technique supporting the dynamic update of data is proposed based on the data possession verification model.This method uses signature algorithm to achieve muti-copy auditing and thus avoids the interaction between CSP and TPA.Using random mask technology to prevent collusion attack upon CSPs,it additionally supports efficient dynamic operation.Moreover,the security analysis on data block deletion and cloud server forgery responses is also performed.Finally,the experimental results show that this method has obvious advantages in terms of the costs on communication,storage,computing and some other aspects.The proposed method improves the efficiency of data storage and security verification.(3)This paper proposes an integrity auditing method supporting dynamic data update and privacy protection in cloud environment.In the initialization phase,the hierarchical muti-branch data structure is constructed to realize dynamic update of data with fine grained granularity.In the process of generating evidences,the random mask technology is used to hide tenants' information,which prevents TPA from stealing tenants' data privacy when verifying.The security analysis of data correct storage,data privacy protection,forgery attack and replaying attack as well as the experimental analysis shows that this method reduces the time cost of auditing and dynamic update and hence improves the efficiency compared with the existing methods.(4)In order to further reduce the verification and computing costs of TPA,this paper introduces hash-based message authentication code(HMAC)and indistinguishable obfuscation(IO)technologies in the auditing process.Tenants generate obfuscation auditing procedures based on the HMAC and IO technologies.CSPs execute obfuscation procedures to output HMAC tags.TPA checks the integrity of data by verifying HMAC tags.Security analysis and experimental verification show that this method can not only improve the efficiency of TPA but also resist external attacks.The research results of this paper have theoretical value and practical significance for the in-depth research on the privacy protection method of outsourcing data and the integrity audit method of data dynamic update in the cloud environment,and for the security control and effective use of data information in the cloud environment.In addition,it also has obvious academic value and realistic significations for the seamless combination of outsourcing storage service and security technology in the cloud environment,and for promoting information security exchange,knowledge sharing and effective information management.