| With the coming of information age, the amount of the Internet data increases exponentially. Traditional storage system can’t meet the present data storage needs, but the emergence of cloud storage gradually changes the situation.Cloud storage is a cloud computing system focused on data storage and management. Different from general storage systems, cloud storage data is stored in large server cluster distributively. Many Internet companies have provided cloud storage service to meet users’demands of large capacity storage and access to data anywhere. At the same time, cloud storage data security problem is also increasingly outstanding. With the continuous development of cloud storage technology, users put forward higher request for cloud storage security,of which data confidentiality protection has become increasingly important in the complex cloud environment.In this paper, a research is launched to the key technology of cloud storage security protection and existing security scheme for cloud storage,the result of which shows that encryption technology is the most important way to protect data confidentiality. A transparent encryption scheme is proposed in this paper based on the existing cloud storage system.In this scheme,the process of data encryption and key distribution is transferred to the local area, enabling the cloud to focus on the storage service, it reduces the burden of the server. After cloud storage system provides encryption service,data in a ciphertext form appears in the synchronization process and in the cloud, making data zero knowledge leaked to the cloud. In the cloud storage system of synchronization by increment,the cipher increments produced by encryption algorithm will affect the system performance of data synchronization. So in this scheme, different encryption strategies are formulated according to the document type, and incremental encryption algorithm is designed.Incremental encryption algorithm uses the principle of Content Defined Chunking(CDC), controlling the avalanche effect of AES algorithm in file block.When users modify plaintext,incremental encryption algorithm enables the ciphertext increment and plaintext increment positively correlated,thus improving the efficiency of cipher synchronization, which is especially important for synchronization in low bandwidth network environment.This scheme protects data confidentiality,and its advantage is the process of encryption, decryption and key management is transparent to users.A kind of hierarchy system is designed in this scheme,which enables the automation of key management. Hierarchy key management can accomplish key generation, key storage and key destruction without a third party, and the process is invisible to users, thus improving the usability of cloud storage system.This paper implements a transparent encryption scheme which can protect data confidentiality under the premise of the current cloud storage system without changing the architecture,and details the implementation of the core modules.At the end of the paper, a performance test is taken on the cloud storage system of transparent-based encryption. This paper analyze the performance of incremental encryption algorithm, the overhead of transparent encryption scheme, and the advantages of transparent encryption scheme in cloud storage system. The test results verify that the transparent encryption scheme used to protect cloud storage data confidentiality is feasible and efficient. |
PDF Full Text Request