Cloud Storage Data Integrity Audit And Assured Deletion

As a new storage model,cloud storage is widely used by individuals and businesses because of its advantages such as mass storage,pay-as-you-go and real-time sharing.However,cloud storage exposes data security issues while providing convenience to people.Due to the innovative application mode of cloud storage,the owner and control of data are separated.If users want to ensure the security of data stored in the cloud,it is necessary to audit integrity of data in the cloud storage.In addition,most of the cloud service provider untrustworthy,when the data deletion command is issued,in order to delete the data,the assured deletion need to be done.Therefore,how to effectively ensure the security of cloud data has become an urgent problem to be solved.For the data security problem in cloud storage environment,this paper focuses on cloud storage data integrity audit and assured deletion research.Aiming at the problems of data dynamic operation and malicious cloud service provider attacks encountered in multi-copy data integrity audit,a multi-copy integrity audit scheme based on DDCT is proposed.Firstly,the DDCT table is introduced to solve the problem of dynamic data operation,and the block number,version number and timestamp of the copy data are stored in the table.In order to resist the malicious cloud service providers attack,a timebased replica data signature authentication algorithm is designed.Secondly,the concept of blockchain is used to propose the concept of replica block including block header and block body.The block header storage copy data is based on the timestamp identifies the authenticated signature information,and the block body stores the encrypted copy data.Finally,the thirdparty auditing agency uses a replica timestamp-based signature authentication algorithm to audit the integrity of the multi-copy data.Through security analysis and experimental comparison,this solution protects data information from third-party auditors while effectively preventing malicious cloud service provider attacks.At the end of data life cycle,there is still a risk of data leakage,because mostly data which was stored in cloud is removed by logical deletion of the key.Therefore,a cloud data assured deletion scheme(WV-CP-ABE)based on ciphertext re-encrypt and overwrite verification was proposed.When data owner wants to delete the outsourced data,the data fine-grained deletion operation was realized by re-encrypting the ciphertext to change the access control policy.Secondly,a searchable path hash binary tree(DSMHT)based on dirty data block overwrite was built to verify the correctness of the data to be deletion.Finally,the dual mechanism of changing the ciphertext access control policy and data overwriting guarantees the data assured deletion.The experimental analysis proves that the fine-grained control is better and the security is more reliable than the previous logical delete method in the assured deletion of data.