| As a new type of network computing model, cloud computing has obvious characteristics of large scale, high reliability, high scalability and on-demand services, can provide users high quality, low cost and on-demand services, which is called Cloud Storage. Apparently, cloud storage can meet the requirements for storage spaces of mass data. However, a series of security incidents indicates that cloud storage also brings some new risks and challenges for the realization of information security while brings great convenience to users. It is urgent to study how to ensure the data security in such a complex cloud environment. We expand our research concentrated on the following three aspects of data confidentiality, integrity and dynamic operation. The main innovations are as follows:Firstly, we compared the system architecture of cloud computing and cloud storage, and then analyzed the security challenges in data security protection. We focused on the analysis of the key technologies of data storage in cloud computing of encrypted access control and data integrity verification, which provides a theoretical and technical basis for the research work of the whole paper.Secondly, a secure framework of data storage based on multi-cloud architecture was proposed where the application interface layer, the management layer and the data storage layer are isolated in two different clouds. We introduced multi-cloud architecture strategy based on the general system structure of cloud storage. And then, we adopted the mixed encryption to encrypt the user's data and utilize the Shamir secret sharing algorithm to encrypt the secret key to ensure its security, so as further to guarantee the security of user's data and the framework.Thirdly, a multi-tenant data integrity verification scheme based on B+ tree was proposed.We took the advantages of B+ tree and H-MHT authentication structure and constructed the new Double-Tree verification structure, which include the indexing layer and the tenant layer. The indexing layer is a new node structure based on the B+ tree, which is conducive to fast search of multi-tenant data. The tenant layer is a collection of H-MHT trees where root nodes are the storage nodes, which can better support the dynamic operation of multi-tenant data.Fourthly, we focus on the problem of dynamic operation of integrity verification and convert the problem of dynamic operation into the problem of adjustment of H-MHT by introducing the theory of B+ tree and the Huffman tree and described the dynamic operation process in detail. We also added the frequency of the data into the scheme as a reference factor to shorten the average access time of data files and improve the efficiency of integrity verification.Finally, we utilized a simulation tool called CloudSim to simulate a real cloud environment by writing Java code. We achieved related simulation experiments which included the data file processing, the construction and accessing of MHT tree and H-MHT tree and the dynamic of data operations, so as to verify the feasibility and efficiency of the proposed scheme. |
PDF Full Text Request