| Nowadays,cloud computing technology has been developed rapidly,making more and more people regard it as a resource.Cloud computing can provide people on-demand self-service,and pay-for-use.As the amount of users increases,the amount of data in the cloud increases.Therefore,it is of great significance to reduce the amount of data that is duplicated in the cloud.Deduplication technology can delete data redundancy in the cloud to reduce storage costs.However,when data is stored in the cloud in plaintext,it is inevitable to reveal the privacy of the data.Therefore,we mainly study data to be encrypted.However,in practical applications,data to be encrypted still faces some new security issues.Firstly,when we use convergent encryption to encrypt data and put them to the cloud,the user does not keep a copy and lost control.As the cloud server is not completely trusted,the data on the cloud server may be damaged or not complete.Therefore,the security of data in the cloud is particularly important to the user.Secondly,since convergence encryption cannot satisfy fine-grained access control,we will achieve deduplication based on attribute encryption in this thesis.At the same time,it is necessary to study deduplication that support revocation and attribute encryption due to the loss of user keys or the user leaving the system.Aiming to tackle these problems,the main contributions of this paper are given as follows:1.This thesis proposed a secure and efficient cloud data deduplication scheme supporting dynamic data public auditing.Secure data deduplication,which can reduce the amount of storage cost in the cloud by eliminating duplicate data copies,has been widely used in industry and academia.Nevertheless,as the outsourced cloud storage server is not completely credible,it will cause the data destruction when the user puts the encrypted data in the cloud.Therefore,we propose a secure and efficient cloud data deduplication supporting dynamic data public auditing.Compared with the previous scheme,the proposed scheme uses a decision tree with a high performance in data equality testing,which reduces the time complexity of deduplication from linear to logarithmic over the whole data items in the database.In the process of auditing,the time of searching data blocks can be reduced from linear to logarithmic,and the dynamic operation of data blocks can also be supported.The security analysis shows that the new scheme is Path-PRV-CDA2,soundness and completeness.2.This thesis proposed a secure deduplication scheme supporting the revocation.In the new scheme,the data to be stored in encrypted forms with access control policies such that no one except users with attributes(or credentials)of specific forms can decrypt the encrypted data.In addition,we use a private cloud to modify a ciphertext over one access policy into ciphertext of the same plaintext but under other access policies without revealing the underlying plaintext.The public cloud can detect whether the data stored in the cloud is the same through the detection of tag.We consider the revoke of users and attributes,and greatly reduce the cost of the user's decryption.The security analysis shows that the proposed scheme is secure in the random oracle. |
PDF Full Text Request