| With the rapid development of the Internet of Things, various intelligent terminal devices that connect everything and people are generating massive data. If these data are stored locally, storage and computation will often bring unbearable costs to users. By adopting cloud storage technology to access data remotely, users can not only save a lot of money but also operate on their data at any time and from any place, enjoying the great convenience brought by cloud storage technology. However, doing so takes the user's private data out of local control, which brings a series of data security and privacy protection problems. To protect the confidentiality of private data, users choose to encrypt it locally before uploading it to the cloud server. However, even if the user does this, the access pattern of the private data will still be leaked during remote access, and an attacker may infer sensitive information about the private data from it. Therefore, it is necessary to hide the access pattern of cloud storage data during remote access, which is an urgent problem to be solved in the development of cloud storage data security and privacy protection. This thesis studies cloud storage data access pattern hiding based on the Oblivious Random Access Machine (ORAM). The main results are as follows: 1. We propose a range Oblivious Random Access Machine (rORAM) scheme with logarithmic bandwidth overhead. rORAM was proposed in order to batch process multiple logically contiguous target data blocks at once. There is an open question in this field: is it possible to construct a rORAM scheme that has the same order of magnitude (i.e., logarithmic) of bandwidth overhead as a regular ORAM scheme? To answer this open question, we construct a new rORAM scheme, named L2-rORAM, and design a universal superblock algorithm and an eviction algorithm for multiple logically consecutive blocks. The combination of the two algorithms lets our scheme avoid not only the duplication of multiple blocks but also the unnecessary overhead caused by additional virtual accesses. Security analysis proves that the L2-rORAM scheme achieves the security goal of rORAM, and performance analysis shows that the L2-rORAM scheme has logarithmic bandwidth overhead. Experimental results show that the L2-rORAM scheme is efficient. 2. We propose a perfectly secure single-server ORAM scheme with logarithmic worst-case bandwidth overhead. Perfectly secure ORAM was proposed to remove the negative effect of the failure probability in ORAM. There is a question in this area: is it possible to construct a perfectly secure single-server ORAM scheme with logarithmic worst-case bandwidth overhead? To answer this question, we design a dynamic remapping algorithm associated with a variable scope and a dynamic balanced eviction algorithm in our perfectly secure single-server ORAM construction, LPS-ORAM. The combination of the two algorithms not only ensures the statistical security of the ORAM scheme but also prevents the root bucket of the binary tree storage structure from becoming full. Security analysis proves that the LPS-ORAM scheme is perfectly secure, and performance analysis shows that the LPS-ORAM scheme has logarithmic worst-case bandwidth overhead. Experimental results show that the LPS-ORAM scheme is efficient. 3. We propose a single-server Write-only ORAM (WoORAM) scheme with constant bandwidth overhead. In application scenarios such as data synchronization or backup in cloud storage, users only need to hide the access pattern of data write operations, which is why WoORAM was proposed. There is a question in this area: is it possible to construct a single-server WoORAM scheme with constant bandwidth overhead? To answer this question, in our WoORAM construction, CB-WoORAM, we design a special position map technique containing two layers of storage structure: an array to store data blocks and a full binary tree to store the physical positions of data blocks. This technique avoids the O(log N) multiplicative factor in the bandwidth overhead of previous WoORAM schemes, where N is the total number of real data blocks outsourced by the user to the cloud storage server. Security analysis proves that the CB-WoORAM scheme can hide the access pattern of data write operations, and performance analysis shows that the CB-WoORAM scheme has constant bandwidth overhead. Experimental results show that the CB-WoORAM scheme is efficient. |