
Research On Security Protection Technology In Cloud Computing Data Life Cycle

Posted on: 2019-03-28 | Degree: Master | Type: Thesis
Country: China | Candidate: N N Li | Full Text: PDF
GTID: 2428330548454985 | Subject: Computer application technology
Abstract/Summary:
With the gradual and deepening development of cloud computing, more and more enterprises and individual users choose cloud platforms to store and manage their data. Meanwhile, with the doubling growth in the number of users who upload data and the continuous emergence of cloud service providers at all levels, data leakage has occurred frequently. During data storage and data transmission, data can easily be accessed and stolen by unauthorized users. During data destruction, data cannot be deterministically deleted after reaching the end of its useful life. Therefore, this thesis analyzes the security issues in the storage, transmission and deletion stages of the cloud data life cycle, and then puts forward corresponding measures to ensure the security of data throughout the entire life cycle in cloud computing. The data security research in this thesis covers the following areas.

Firstly, to address the malicious attacks that data faces during transmission, this thesis proposes applying an improved Kerberos authentication protocol between the client and the cloud server. On the one hand, aiming at the problem of low security of the symmetric encryption algorithm used in the Kerberos authentication process, this thesis proposes using RSA encryption technology instead of the symmetric encryption technology, combined with the RSA one-time encryption technology used in the storage process. On the other hand, the Kerberos authentication protocol is used between cloud users and cloud service providers to establish a secure connection and ensure the security of data during transmission.

Secondly, in response to the phenomenon in recent years that data is frequently accessed illegally because the key is cracked during storage, this thesis proposes a trusted third-party platform data security solution based on an RSA one-time encryption scheme. RSA one-time encryption technology is used to achieve dynamic changes of the key. The key is managed by the trusted third-party platform, which reduces the burden on the user of managing the key. A simulation experiment was then conducted to test the data security. According to the experimental data, this scheme can realize double protection for the key and increase the workload of a user who wants to access the data illegally by cracking the key. It greatly reduces the possibility of the key being cracked and the data being illegally accessed.

Thirdly, in the cloud data life cycle, existing solutions delete only the key or the original ciphertext of the data, while the backup of the ciphertext still remains on the cloud server. In this regard, this thesis proposes a deterministic data deletion scheme based on the dynamic deletion of both the fragmented ciphertext and the fragmented key. The essence of the scheme is to use the dynamic characteristics unique to the DHT network to delete fragments within a specific period of time. Theoretical analysis and experimental verification show that the proposed scheme can effectively delete part of the fragmented ciphertext and keys and has lower system overhead. The scheme can more effectively satisfy the requirements for the deterministic deletion of expired invalid data and files in cloud data storage systems, as well as of backup data and files.
Keywords/Search Tags: RSA one-time, trusted third-party, cipher key segmentation, DHT network, Kerberos protocol