Research On Secure Storage Mechanisms For Big Data Based On Cloud Computing

Recently, the rapid development of information technology has been bringing an unprecedented revolution to human life. Among all the new information technologies, cloud computing and big data are typical representatives, there is a close relationship between them: the framework of cloud computing provides the basic platform of information storage and data mining process for big data, big data technology promotes the rapid development and improvement of cloud computing. However, the security problem involved in each phase of the whole chain of big data based on cloud computing becomes more and more highlighted. In this thesis, we do the further researches on the secure storage mechanisms for big data based on cloud computing from three aspects, which are the integrity auditing of big data, the secure retrieve of big data, and the secure sharing of big data. The main contributions of this thesis are as following:First, in this thesis, we propose an integrity auditing scheme, which is named ASA. We extend the existing Merkle Hash Tree to the indexed Merkle Hash Tree (IMHT), and utilize the bilinear paring to construct the cryptography and authentication processes of big data information, thus protecting the privacy of big data, supporting the public auditing and dynamic big data update, resisting the forged and replay attack, ensuring the integrity and validity when the legal users are using the big data files. Compared with other schemes, our scheme has a better security and a fine performance through the performance analysis.Then, we propose a threshold retrieve scheme of big data based on multi-replicas, which is named TB-MPA. We extend the self-designed IMHT to Extended-IMHT, construct multiple-replicas of big data files with Lagrange interpolation polynomial, and store these multiple-replicas on the different cloud storage servers according to the Extended-IMHT structure. Our scheme can quantify the number of the big data file replicas which are correctly stored on the cloud storage servers, locate the position of the error data blocks, and then guide the user to conduct the threshold retrieve which is similar to Shamir private sharing. Compared with other schemes, our scheme has a better security and a fine performance through the performance analysis.Finally, we propose a secure sharing scheme of big data based on VLR group signature, which is named SDBD-PAA. We utilize the ideas of revocation list and VLR (Verifier-Local Revocation) group signature to support secure and efficient user revocation, resist the collusion attack between the revocatory user and cloud servers, and utilize the homomorphic tag to verify the integrity of shared big data of group. Our scheme can not only protect the identity privacy of group users and the information privacy of big data, but also support the data update by any legal users independently. In addition, our scheme can solve the key dependence problem and resist the illegal attack of group manager, thus strengthening the security of the scheme. Compared with other schemes, our scheme has a better security and a fine performance through the performance analysis.