| Cloud storage become popular due to its high efficiency?convenient and mass storage,but the unique environment of cloud storage let user lost absolute control power of data,security events emerging endlessly.We found data encryption is the mainstream way to solve the problem of data security.There are there locations to encrypt data: firstly,encrypt data in the client,this way can fully guarantee the security of data,but this way also causes huge burden to the client,and the powerful calculation ability of cloud service provider can't get use;secondly,encrypt data in the cloud,this way can use the great calculation ability of cloud service provider,but the user data may exposed to the cloud service provider;finally,some research programs proposed the idea of third party encryption,encrypt data through a third party server,just use the cloud service providers as mechanical hard disk.Aiming at the problem of encrypt data in the cloud is insecure,we present a scheme to protect the confidentiality of data for cloud storage users combine the characteristics of cloud environment virtualization.We constructed a enclosed computing environment by virtual machine isolation technique,improved RSA algorithm to change keys without having to produce large prime numbers,transfer data and keys through SSL and encrypted data in the enclosed computing environment before storing to the distributed file system.Encrypted data in enclosed computing environment,storage data in anywhere.Enclosed computing environment can prevent attacks from cloud administrators and malicious applications in the operating system.It also can guard against data leakage effectively.We deployed our scheme on OpenStack,an open source project,and testing performance.Compare and analysis with other related scheme.The result of experiment show that the data confidentiality get promoted through the change of storage structure and the performance loss is decreased consider to the other related scheme. |
PDF Full Text Request