Research And Implementation Of Secure Data Management System Based On Cloud

With the development of cloud storage, people change the original way of data storage. There are more and more private data stored in the cloud system. However, in most cases, software systems, network equipments or hardware devices that the cloud service providers rely on are beyond the scope of users’trust. How to ensure the confidentiality of users1data becomes a problem to be solved. In order to meet the needs of users1secure data storage, the cloud service providers not only provide basic ciphertext storage service and indexing techniques, but also need fine-grained access control to restrict users’access to the data. Therefore, the service providers need to provide comprehensive data storage and management service.In this paper, we first research the present security technology in cloud computing and put the main emphasis on access control strategy of the cloud system and ciphertext storage technology in the database. We propose a cloud-based security model of dada management system from the aspects of data storage and access control policy to effectively guarantee the confidentiality and integrity of the cloud data.The concrete research work in this paper includes the following parts:To solve the problem of access control in DAS model, we first propose a attribute-based access control policy to provide fine-grained control for flexible data. Second, by creating access control matrix we establish a attribute-based data access policy. The system determines the users’ access rights to the resource through the access control matrix and takes advantage of attribute-based encryption to ensure that legitimate users can obtain the legitimate resources. Finally, we use XACML to describe the access control policy and make the policy effectively interact with the security protocols in the cloud system. In order to make effective ciphertext index in the database, this paper presents a basic set of metadata model for generating the index code of the ciphertext. On this basis, we propose a ciphertext storage model in the database and ciphertext index code generation algorithm according to the structure of relational database. The algorithm encodes the sensitive data on the basic set of metadata and the system stores the corresponding ciphertext index code.For the database ciphertext query in DAS model, we propose a ciphertext query algorithm based on filtering. In the data query process, the algorithm first generates the ciphertext index code according to users’input and transforms the plaintext of query statement into ciphertext for filtering to help the database server complete ciphertext-only queries tasks. After initial ciphertext filtering, the algorithm decrypts the corresponding ciphertext and makes a second query according to the plaintext query to obtain accurate plaintext.Finally, we use the ciphertext storage model and attribute-based access control policy to design and implement a database management system based on DAS model to meet the practical application needs of a national testing agency. We verify the feasibility and reliability of the access control policy. Besides, we calculate the filtration rate, detection rate and execution time of the ciphertext query algorithm to prove the efficiency of the storage and query algorithms.