
Research On And Implementation Of The Data Creation Mechanism With Self-destruction In Cloud

Posted on: 2015-02-04
Degree: Master
Type: Thesis
Country: China
Candidate: Y Shen
GTID: 2308330464468689
Subject: Cryptography

Abstract/Summary:
With the rapid development of cloud computing, most people have turned their attention to cloud services. Users can quickly and easily obtain the resources they need from a shared pool of cloud resources at any time and from anywhere, and can just as easily store their own data in the cloud. Using cloud computing services not only reduces costs but also increases storage capacity.

However, the storage format, location and other details of cloud data are unknown to users. To maintain the availability of data and services, cloud service providers use redundant data backup mechanisms. This is convenient for users, but it also gives rise to the problem of trusted deletion. After a user deletes cloud data, the residual data in the cloud may be used by illegal users, which is a serious threat to the security of users' sensitive data. We therefore need a comprehensive and effective solution that locates and destroys the data, ensuring that it is thoroughly destroyed and cannot be restored. How to ensure the security of user data has become a new challenge of this era.

The main research content of this paper covers the following four aspects:

1. A further study of the existing self-destruction mechanisms for cloud data. The working principle of each mechanism is analyzed in detail, and we point out its advantages and disadvantages. In addition, building on the existing mainstream self-destruction mechanisms, we put forward a cloud data creation mechanism that supports self-destruction. The mechanism comprises a system model for cloud data creation and a communication agreement (protocol).

2. According to the security requirements of cloud data, we give a system model of the cloud data creation mechanism that supports self-destruction. The system model involves the sender, the recipient, the cloud service provider and the certificate authentication center (CA). In the model, the data goes through a series of processing steps, such as encryption, coupling and extraction; the rest of the data and the mixed key-data component (the extracted ciphertext and the key component) are then stored in the cloud and in the DHT network. After extraction, the data stored in the cloud is incomplete. Before the time stamp expires, the receiver obtains the data from the cloud and the DHT network and decrypts it. After the time stamp expires, all copies of the document are expired and the information in the DHT network is automatically destroyed. Even the sender cannot decrypt the data. This system model lets users control their cloud data.

3. The integrity verification of cloud data is studied. We design the cloud data creation agreement, in which the digital certificate authentication center (CA) is introduced. Before the cloud data is created, the two communicating parties authenticate each other. After that, the sender sends the data to the cloud platform. During communication, signature and encryption operations ensure the integrity, confidentiality and non-repudiation of the cloud data, and a random value is added to the data to resist replay attacks.

4. A test cloud platform based on Hadoop and a prototype system are built so that the client and the cloud platform can communicate with each other, and a simulation test is given. Finally, the security of the cloud data creation mechanism that supports self-destruction is analyzed in detail.
Keywords/Search Tags:data self-destruction, DHT network, the creating agreement of cloud data, authentication, integrity