Research On Data Assured Deletion Schemes In Cloud Storage

Posted on: 2020-04-11
Degree: Master
Type: Thesis
Country: China
Candidate: T Shao
GTID: 2428330596485405
Subject: Computer Science and Technology

Abstract/Summary:
When data is outsourced to the cloud, ownership of the data is separated from control over it. When a user initiates a delete request, there is no guarantee that the cloud service provider will immediately delete the user's data and all of its copies. Therefore, a new technique called assured deletion based on key management is presented, meaning that expired data is reliably deleted and remains permanently inaccessible to any party. The idea of an assured deletion scheme is that data is encrypted before it is outsourced to the cloud. If the key is secure, the data will not be leaked, which turns the problem of assured deletion of cloud data into the problem of securely deleting the client's corresponding key. Cloud data assured deletion schemes based on key management can be divided into three types: centralized key management, distributed key management, and key management based on access control policies. This thesis mainly studies cloud data assured deletion schemes based on distributed key management and on access control policies.

Cloud data assured deletion schemes based on distributed key management give little consideration to fine-grained access control of data and lack a key deletion function that can be set according to users' demands. To address these problems, a cloud data assured deletion scheme based on improved delegated Byzantine fault tolerance, named ADS-IDBFT, is proposed. To solve the security problem of shared data, the scheme encrypts the original data with CP-ABE. To effectively detect and supervise fraudulent behavior by the key management party, the scheme improves the blockchain transaction model, establishes data transactions based on blockchain technology, and has the blockchain network manage the keys transparently. The system writes a management contract based on the users' management needs and sets the key deletion function according to those needs. When the deletion condition preset in the contract is satisfied, the contract account automatically performs the key destruction operation to realize the assured deletion of the cloud data. Theoretical analysis and experimental results show that the scheme significantly improves the security and reliability of cloud data deletion compared with other schemes.

Cloud data assured deletion schemes based on access control policies suffer from low encryption and decryption efficiency and from a single point of failure. To address these problems, an efficient cloud data assured deletion scheme named ESAD is proposed. The scheme replaces complicated bilinear pairing with simple scalar multiplication on elliptic curves to realize ciphertext-policy attribute-based encryption of cloud data, which solves the security problem of shared data and also improves the efficiency of encryption and decryption. The scheme designs an attribute key management system that employs dual servers to solve the system flaws caused by a single point of failure. To delete data, it updates attribute values instead of re-encrypting the ciphertext as existing schemes do, thereby improving the deletion efficiency of cloud data. Theoretical analysis and experimental results show that the scheme guarantees security and significantly improves the efficiency of each stage of cloud data assured deletion.
Keywords/Search Tags:cloud storage, data privacy, assured deletion, key management, CP-ABE
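
The core idea in the abstract (encrypt on the client, then make every cloud copy unreadable by destroying the key) can be sketched as follows. This is an added example, not code from the thesis: it models only the simplest case of a single key manager with a time-based deletion condition rather than ADS-IDBFT or ESAD, the names `KeyManager`, `seal`, `unseal` and `demo` are hypothetical, and an HMAC-SHA256 keystream with encrypt-then-MAC stands in for a production AEAD cipher so that it runs on the standard library alone.

```python
import hashlib
import hmac
import secrets

def _prf(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # Assumption: HMAC-SHA256 in counter mode as a keystream, standing in
    # for a real AEAD such as AES-GCM so the example needs no third-party code.
    stream = b"".join(_prf(key, nonce + i.to_bytes(8, "big"))
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    """Client-side encrypt-then-MAC, done before anything is uploaded."""
    nonce = secrets.token_bytes(16)
    body = _xor_stream(_prf(key, b"enc"), nonce, plaintext)
    return nonce + body + _prf(_prf(key, b"mac"), nonce + body)

def unseal(key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(_prf(key, b"mac"), nonce + body)):
        raise ValueError("wrong key or tampered ciphertext")
    return _xor_stream(_prf(key, b"enc"), nonce, body)

class KeyManager:
    """Hypothetical client-side key store with a per-file expiry time."""
    def __init__(self):
        self._keys = {}
    def create(self, file_id, expires_at):
        self._keys[file_id] = (bytearray(secrets.token_bytes(32)), expires_at)
    def get(self, file_id, now):
        self.purge(now)
        return bytes(self._keys[file_id][0])    # KeyError once destroyed
    def purge(self, now):
        for fid in [f for f, (_, exp) in self._keys.items() if now >= exp]:
            key, _ = self._keys.pop(fid)
            key[:] = bytes(len(key))            # best-effort zeroisation

def demo():
    km, cloud = KeyManager(), {}                # cloud = provider-side copies
    km.create("report", expires_at=100)
    blob = seal(km.get("report", now=10), b"constructed sample data")
    cloud["primary"] = cloud["replica"] = blob  # provider never deletes these
    before = unseal(km.get("report", now=50), cloud["replica"])
    try:
        km.get("report", now=100)
        after = "key available"
    except KeyError:
        after = "key destroyed"
    return before, after, len(cloud)
```

After the expiry time both ciphertext copies are still held by the provider, but the only key that opens them no longer exists on the client.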