
Research On Secure Deletion And Verification For Cloud Data Based On Keys Management

Posted on: 2020-03-29
Degree: Master
Type: Thesis
Country: China
Candidate: M S Wang
Full Text: PDF
GTID: 2428330620456750
Subject: Software engineering
Abstract/Summary:
In the big data era, with the rapid development of 5G and cloud storage technology, cloud storage services provide users with a scalable and cost-effective data storage platform, and many users choose cloud storage servers to store their data. Once data is stored on a cloud storage server, the separation of ownership from management of that data causes users to lose control over it. If cloud data is not deleted promptly after it expires and the deletion result cannot be verified, security issues of unauthorized access and privacy leakage arise. These issues affect cloud data security and hinder the development of cloud storage services. To address key leakage and unauthorized access in the secure deletion and verification of data in cloud storage environments, our research, based on key management technology, is as follows:

(1) A cloud data secure deletion scheme based on key derivation encryption is proposed. First, to protect key security, a nodal key tree based on the hierarchical structure of flash memory is constructed, and a key derivation encryption algorithm is proposed to generate the data keys that encrypt users' data and to simplify key management. Second, the scheme combines a partial block erasure method with a key deletion method to delete both the ciphertext and the key components after the data expires. Furthermore, the secure data deletion process is formally described by a mathematical model, and an optimal solution that reduces page transfer overhead is obtained with an optimization algorithm. A simulation experiment is conducted to verify the proposed scheme.

(2) A cloud data secure deletion scheme based on decentralized key destruction is proposed, aimed at the problem of nodes in a distributed hash table network maliciously disclosing secrets. First, a node trust value evaluation model is constructed to evaluate the trust value of nodes, and the key is distributed to nodes with high trust values using a secret sharing scheme. Second, the key is automatically deleted by the periodic self-updating function of the distributed hash table network. The ciphertext in the cloud is overwritten with random data. A simulation experiment is conducted to verify the proposed scheme.

(3) A cloud data deletion verification scheme based on CP-ABE (ciphertext-policy attribute-based encryption) is proposed to verify the data deletion result. First, an attribute association tree is constructed to implement fast attribute revocation and re-encryption of the key. Further, fine-grained deletion of data is achieved. The ciphertext in the cloud is overwritten using random overwrite technology. A rule transpose algorithm is built and combined with a Merkle hash tree to achieve secure deletion of cloud data and generate a validator. The deletion result is verified by the validator. The effectiveness of the proposed scheme is verified by experimental tests.
Keywords/Search Tags:Cloud storage, Privacy protection, Secure data deletion, Data deletion verification, Keys management