| With the rapid development of correlative industry in cloud computing,various derived products of computing and storage provide convenient services for the individual and enterprise.The service mode relieves immensely the pressure on client's storage and reduces the cost of equipment maintenance.But the explosive growth of data in the Big Data era put a lot of pressure on the cloud service providers.According to the relevant investigation,75%of the storage space on the cloud is occupied by duplicate data.Nevertheless,in the cloud storage model,traditional deduplicate methods face kinds of secure and private issues on data.Thus,to explore and research a secure deduplicate method under outsourced storage mode is the priority among priorities for the further development of cloud storage enterprises.Further-more,the cloud server is honest and curious,and it may try to steal user's data information.So users usually need to encrypt the data for protecting the privacy of data before uploading data to the cloud server.In addition,the model of the outsourced storage is not perfect,and users lose control of data.The virtualized cloud always suffers from disasters such as software attacks and hardware failures,and the cloud itself also has the possibility to steal data.Then,how to ensure the integrity of outsourced data is a urgent problem that can't be ignored by the provider of the cloud storage service.Therefore,based on the investigation and analysis of the current deduplicaiton and integrity audit on secure cloud storage,we make the following specific research:(1)On the one hand,Ciphertext deduplication based on convergence encryption has the problem of key storage and management.In this paper,we construct a safe convergence key encapsulation/decapsulation algorithm using the idea of blind signature.In our algorithm,a trusted third party TTP is Introduced to perform encapsulation.With unified TTP's blind signature,the same file will get the same ciphertext of convergent key,which realizes the deduplication of convergent key ciphertext.It not only ensures the security of the convergent key,but also saves the redundant storage space of the convergent key ciphertext.Theoretical analysis and experimental results show that the algorithm can meet more functional attributes and security attributes.In addition,the algorithm has better performance when facing block-level data deduplication between cross users.(2)On the other hand,the current remote data audit protocols always produce multiple integrity labels for the same effect,and the resulting storage costs cannot be ignored.In this paper,we present a cloud data public audit security protocol that supports the signature deduplication.In our protocol,by using the convergence key to the construction of BLS signature,it reduces the space waste caused by multiple signatures produced from different subscribers' signature private keys of the same data.And TTP is introduced to execute audit task as the agent and store the signature public key of files.It reduces the overhead of clients'storage and computing,and the batch audit task is also supported.Theoretical analysis and experimental results show that the algorithm can meet more security attributes,at the same time,the algorithm has better performance when facing duplicate data audit between cross users.(3)In this section,which taking cloud storage applications as a reference,relying on message lock encryption,blind signature,BLS signature,Improved data ownership proof and the data integrity audit security authentication protocol,based on IaaS services provided by Ali cloud,using JPBC cryptography library and SSH Web development framework,designs and implements the cloud encrypted data security and proxy audit platform.This platform can provide services such as Key management,safe deduplication,audit certification,privacy protection and so on.It can provide technical support and guarantee for the development of cloud computing/large data center development at home and abroad. |
PDF Full Text Request