Research And Design Of Cloud Storage System For User Data Security

With the rapid development of the information age,more and more users tend to store massive amounts of data in the cloud anytime and anywhere on demand.However,the survey shows that individuals or businesses have concerns in the use of cloud storage products,and more than 75% of users believe that "data security and privacy" is the biggest concern when using cloud storage products.Facing such contradiction,this paper studies and designs a cloud storage system for user data security,aiming to provide users with an massive,secure,highly reliable,user-friendly cloud storage center,which supports dynamic storage and processing capacity expansion.Firstly,this paper analyzes the development prospect and current situation of cloud storage,discusses the shortcomings of existing cloud storage products,and leads to the research significance of our work.Secondly,it introduces some core technologies used in the design of the system,points out some key problems that need to be solved by the demand analysis,and then describes the architecture and modules of the system by outline.The core of this article is the key management strategy and back-end storage extension.The key management adopts a hierarchical strategy: the first layer is the password key;the second layer is the master key and the public/private key pair;the third layer is the file key.Each user has a unique set of keys,and adopts the strategy in which upper layer encrypts the lower layer to protect user data security and privacy.Specifically,file key encrypts file,master key encrypts file key,password key encrypts master key,and public/private key pair is used for secret sharing.The master key,private key,and file key are stored in the cloud in the form of cipher texts,the key is generated and stored when the user perform registration,and is utilized when the file is uploaded,downloaded,and shared.With regard to back-end storage,the goal is to provide massive,secure,highly reliable storage service while meeting the flexibility of storage capacity and processing capabilities.Our system has studied and designed two schemes: one follows mainstream cloud storage products,such as Baidu cloud,invisible cloud,which use HDFS cluster to build storage server,and the other uses Fuse technology to develop the user state file system,in which the actual file operations will be transferred to Ali cloud OSS server,making the mainstream cloud storage service as a third party storage.At the end of the paper is the system deployment and testing part.The deployment includes a Web server,a back-end storage server,and a backup server,and the tests include module functional testing and performance testing with existing cloud storage products.Test results show that the module function is normal and the back-end storage supports single-node expansion and cluster node expansion.We can verify that,the user data is indeed stored in the server as cipher text.As far as the performance is concerned,compared with Baidu cloud and invisible cloud,the speed of upload and download is a little slower,but acceptable when taking the encryption and decryption time-consuming for data security into account.