In recent years,with the rapid growth of data volume generated by modern industries,the development of cloud storage technology is also widely concerned by people from all walks of life.As a new concept derived from the concept of cloud computing,cloud storage is essentially a cloud computing system with data storage and management as its core.Cloud storage enables users to store,access and operate cloud data without restrictions as long as they have devices which can be connected to the internet.It provide users with more convenient and efficient services,it also provide a feasible solution for enterprises and institutions data cloud storage,and storage and management are also unified in the cloud,which greatly reduces the burden on users.But at the same time,because the cloud storage system in open network environment,the user loses the physical control of the cloud data,so that the data security stored by the user is threatened by various aspects,such as data loss,data leaks,data unauthorized access and a series of problems,these problems have largely become obstacles to the healthy development of cloud storage on the Internet.In the existing complex distributed cloud storage environment,new and more secure encryption algorithms are urgently needed to achieve the secure storage of data.Generally,the secure cloud storage technology for data includes access control,user authorization and data encryption.On the basis of existing literature research,this paper conducts a more in-depth study on the part of encryption and secure storage algorithm based on revocable attribute.The main research work of this paper is as follows:(1)An identity-based revocable attribute encryption scheme based on dynamic mark is proposed.The legality authentication of the user identity is completed through zero-knowledge authentication,and the cryptographic hash function allows the attribute server to complete user's identity authentication without infringing the user's private information,thus realizing the anti-collusion attack of the scheme.By adding dynamic mark,the scheme can more easily implement the user part attribute revocation and user revocation,grasp the user's effective attribute information in real time,and it is easier to obtain the user revocation list in the encryption process.(2)An elliptic curve lattice encryption algorithm based on normal basis is proposed,aiming at the safe storage of user data and preventing the illegal and unauthorized use of data,so that the encrypted data on the cloud storage will not cause any serious loss to the user even if it is leaked.Because the amount of data stored in the cloud is relatively large,the algorithm uses the lattice group to realize the block encryption of the data.The elliptic curve algorithm has a wide application prospect as one of the algorithms with high encryption security in the asymmetric encryption algorithm.In this paper,for the elliptic curve of finite field GF(2~8),the points on the elliptic curve are more concisely represented by selecting the appropriate normal basis,so that the operation on it can be simplified.Finally,the high security of the encryption algorithm is proved by the diversity of irreducible polynomials on the polynomial rings and the uncertainty of normal basis selection.(3)Through Hadoop architecture to build the required cloud storage platform,including the construction and deployment of the cluster.Because the Hadoop open source distributed file system is especially suitable for large-scale dataset applications and it has a high degree of fault tolerance,thus it is suitable for secure cloud storage of large amounts of data.Using encryption algorithm based on matrix group of elliptic curve points represented by normal basis to encrypt system sensitive data,and the access control based on dynamic mark identity revocable attribute encryption is used to realize the fine-grained authorized access to the user.The process of initializing the system,reading and writing data files,and uploading and downloading files on the Hadoop cloud storage platform is analyzed,it also explains the data security cloud storage scheme in Hadoop. |