Study On Self-destruction Mechanism For Multi-Security-Level Document In Cloud Environment

As the most important technology innovation in recent IT industry, cloud computing is of many advantages, such as convenience, low price, powerful computing capability and unlimited extensible space, etc., which completely free enterprises from burdensome infrastructure pursuit, management and maintenance. As a new business model, cloud computing has great development prospects, but it also faces many challenges like interaction between services and user terminals, combination and collaboration among various services, which data medium should be used in information dissemination and sharing and which mechanism could ensure the safety of cloud data. These have become huge obstacles in the development and popularization of cloud computing. Structured document and composite document, as emerging cloud data forms, just meet various requirements for data carrier in cloud environment; therefore, they are of wide application value. However, effective and unified structured document and composite document model lack in cloud environment, so does classified safety protection mechanism for sensitive document data and safety protection mechanism for private information of full document life cycle. Therefore, it’s significant to study structured and composite document model and safe access and destruction mechanisms in cloud environment. About the establishment of hierarchical safety access mechanism for multilevel safety document:the paper starts from analyzing defects and shortcomings of traditional electronic medical record documentation system, then present an improved scheme based on cloud computing services. It also analyzes the "dynamic" characteristics of structured document, presents a standard document model to meet them and combines a multilevel safety idea and a mandatory access control mechanism model to achieve hierarchical safety access to structured document elements. In the end, based on the model, combining with structured document elements relationship and multilevel safety idea, a composite document model is constructed. Because composite document interacts among multiple users in different safety domains, the paper proposes an access mechanism based on Identity-Based Encryption (IBE). About the establishment of self-destruct mechanism after multilevel safety document expires:to solve the problem that sensitive information of composite document stored in cloud could easily be under malicious attacks, a self-destruct scheme of multilevel safety protection for composite document based on IBE is designed. First, using hierarchical key derivation tree model to manage encryption keys, this greatly reduces the number of symmetric encryption key that should be managed and maintained by administrators and users. Without increasing system management and storage burden, it greatly improves the fine grain of document access. Second, using symmetric encryption to plaintext encrypts multilevel safety document elements to acquire cipher text and using extraction algorithm to decompose it into extraction cipher text and encapsulation cipher text. Then, using IBE encryption algorithm to encrypt the corresponding minimum key tree set according to user’s ID to acquire key cipher text; converting extraction cipher text and key cipher text into hybrid key component via Shamir before distributing it to DHT net; and encapsulation cipher text is encapsulated via encapsulation function as the object of composite document self-destruction. In the end, when it exceeds the life cycle of composite document, DHT net will automatically discard the hybrid key components stored in its node, stopping the original document from restoring itself and make it self-destructed.Comprehensive analysis shows that CDSS scheme not only meets safety requirement of composite document and fine-grained access control requirement in document life cycle, but also safely destructs itself after the cycle expires. During the full life cycle of composite document, the scheme could resist cryptanalysis and brute-force attack targeting at the encapsulation object as well as sniffing and hopping attack targeting at DHT net.