Research And Implementation Of Cloud Disk System Based On Attribute Encryption

Cloud computing which is a new service model has caused the common concern of various areas, such as the industry area and academic area since it has been raised. Cloud computing aims to put the existing large amount of storage, computation and software resources together to be a large-scale virtual resource center. Cloud computing has brought great benefits, however, there are also lots of problems, the most prominent problem is the cloud data security. Once users store their data in the storage resource which is provided by cloud service provider, they can’t ensure the security of the data which stores in the cloud. Because cloud computing is a relatively open platform, the users can’t control the behavior of other cloud computer users and cloud service providers.The security problem of cloud computing is directly or indirectly related to data security problems. Data encryption which is a main Information Security Technology is an effective measure to protect the data security in the environment of cloud computing. The traditional encryption technology can solve the problem of data confidentiality very well, but it can’t solve the problem of data sharing. It will be useless if the data can’t be shared with others. Whether symmetric encryption or non-symmetric encryption the receiver must be confirmed during the communication. However, it is hard to be confirmed in the environment of cloud computing. Hence, the traditional encryption technology is not suitable for the environment of cloud computing. Attribute-Based Encryption which is a new encryption algorithm and has the characteristics of flexible and fine-grained access control, is very suitable for the situation of uncertain decipher. In the CP-ABE scheme, the cipher is associated with an access policy, and the key is related to an attribute set, the users can decrypt the encrypted message only if their attributes can meet the access policy. Therefore, the CP-ABE scheme is very suitable for cloud computing. The main work of this thesis includes the following aspects:(1) This thesis has a study on the attribute based encryption, and designs a sharing scheme of file in cloud disk with CP-ABE. In the scheme, the data is encrypted with the symmetric encryption, and the key which used to encrypt data is encrypted with the CP_ABE. Only the private key of the user can match the access structure of the cipher text, the decryption key of the cipher text can be obtained. In the process, the cloud service provider will not know any information about the decryption key and the access structure, which ensures the confidentiality of the data in the non-trusted domain.(2) In the sharing scheme of cloud disk, the user global identity is introduced when designs the access structure. It makes the sharing can not only for the user groups, but also can include the specific users, and realizes flexible and fine-grained sharing of files.(3) This thesis designs and realizes a cloud disk system, which simplifies the real cloud environment and aims at realizing some basic functions like file upload、download、share and so on. The file sharing takes advantage of the cloud disk sharing scheme proposed in the previous paper to achieve the fine-grained sharing of files. This thesis also analyzes the performance, data consistency and security of the cloud disk.