Research On Data Secure Deduplication And Integrity Auditing In Cloud Storage

With the rapid development of cloud computing,more and more enterprises and individuals trend to store their massive data in the cloud,thus eliminating the heavy burden of data maintenance management and achieving more convenient access.As the cloud service provider is not fully trusted,the accidents involving software or hardware in cloud servers may cause damage of the users' data,which might be concealed by the cloud servers deliberately for its reputation.What's worse,the cloud servers may maliciously delete the rarely accessed data for saving storage space.Data auditing can timely detect and restrict the malicious behaviors of the cloud servers,therefore it can improve the quality of cloud services.Meanwhile the redundant storage of large amount of data causes the huge waste of cloud storage resources,the data deduplication technique can make the same data keep only one physical copy,which can effectively eliminate data redundancy and realize efficient storage.This paper researches on data secure deduplication and integrity auditing in cloud storage,our main work could summarized as follows:1.We propose a data-ownership based secure deduplication scheme in cloud storage.For data deduplication,convergent encryption has been widely used for security deduplication system,to enhance the security of convergent encryption,it adopts the method that users interact with a third party to generate the convergent key,which ensures the security of the data in case of the predicted plaintext space,but with the users and data increase,how to safely and efficiently manage so many convergent keys becomes the main problem in data deduplication.In this paper we proposed a convergent key sharing method based on the data ownership,only the initial uploader of the data owner encrypts the data with a randomly chosen convergent key and then distributes the key.Only the same data owners who pass the proof of ownership could retrieve the convergent key,only the users really own the claimed data could retrieve the key,since the convergent key only need to store once for the duplicate data,it could eliminate redundancy and reduce the key management burden of the users.By executing deduplication check on plaintext,only a few duplicated data owners are required to encrypt the data,thus reduce the computation and communication costs,by analyzing and comparing with previous solutions,it shows that our scheme is more security and efficient for data deduplication.2.We propose a signature-sharing based auditing scheme with data deduplication.For data auditing,the current data integrity auditing schemes have achieved public verification and batch auditing.To achieve auditing with data deduplication,the existing schemes need different users to sign the same data,which consume a lot of computing resources of the users,it is unacceptable when the client-side computing power is limited.Based on the public verification and batch auditing of the current auditing schemes,we propose a signature-sharing based scheme,for the same data,only the initial uploader need to sign the data and share its signature with the subsequent owners for data auditing,anyone else who has the same data could use the initial uploader's metadata for data integrity auditing.By signature-sharing,the multiple signature computation become one computation when multiple users with same data,thus greatly reduces the computation costs of the users,this can effectively reduce the burden of the signature computation of the users,consequently achieves both data integrity and storage efficiency.The scheme also analyzes the deletion,insertion and modification of the user data and gives the concrete realization method,the analysis show that our scheme is secure and efficient.