| The rapid development of Internet technology promotes the rise and popularity of cloud computing,which enables centralized configuration and management of resources via providing dynamic allocation of computing and resources as a service.This result in a significant decrease cost of operation,and improves system's reliability,expansibility and stability.NoSQL database is such designed as high availability and high scalability for huge amounts of data that is widely used in the field of cloud computing.Data stored in cloud will be more compromised due to system vulnerabilities or other human factors.Furthermore,access control is no longer credible because of data owners not in full control of their outsource data stored by cloud service providers.Therefore,data confidentiality protection and efficient access control on ciphertexts in cloud computing is the key issues to be addressed at present during the development of cloud storage and database security technology.This paper presents two aspects of security protection technology on cloud-oriented database.First,preserving data confidentiality by encrypting the data at rest and,meanwhile,allowing databases and other applications to process queries over encrypted data efficiently;second,providing flexible access control on encrypted data so that data can be shared among multi-user that is authorized.The main work and innovations of this paper are as follows:Analyzing the key technologies of cloud-oriented NoSQL database.Research into the features and design models NoSQL database,focusing on security mechanisms and deficiency in MongoDB.Proposing technology of processing queries over encrypted data.Designing order-preserving encryption scheme where the sort order of ciphertexts matches the sort order of the corresponding plaintexts,so that databases and applications can process range queries over encrypted data efficiently.Besides,this paper proposes and design a scenario of quick keyword search on ciphertexts using Lucene,a full-text search library,building inverted index of keywords and documents.Studying and proposing access control technology based on attribute-based encryption,data owner can generate and distribute private key associated with user's attributes for different users.In turn,by authorizing users to different keys that encrypt data,applications can efficiently process access control on ciphertexts.Finally,this paper designs and implements an encryption database using MongoDB as the prototype database.The system is then comprehensively evaluated.It shows that the system effectively meets the desire of preserving the confidentiality of data and effective query performance. |
PDF Full Text Request