| In recent years,cloud storage technology has attracted the attention of various industries due to its advantages of convenience,economy and flexibility.With the increase of the user and data volume,cloud storage faces the problems of data redundancy and insufficient storage space.Thus,it is urgent to relieve the pressure of cloud server by adopting the deduplication technology.The current technology utilizes the traditional encryption algorithms to protect data confidentiality,but hinder fine-grained data sharing.Moreover,attribute-based encryption can effectively solve the problem of data sharing.With full use of attribute-based encryption,the deduplication technology has the advantages of data sharing and storage space saving,and thus has been achieved great progress,but there are still some problems to be solved.Firstly,cloud servers spend plenty of time searching for physical copies,which consumes a large amount of computing power and reduces the deduplication efficiency.Secondly,when the user's attributes are revoked,the user still has the access right of files,and thus the forward and backward secrecy of data cannot be guaranteed.Finally,a large amount of network bandwidth has to be consumed in server-side deduplication,and the attribute-based encryption technology cannot be applied into the client-side deduplication technology since the encrypted data are probabilistically generated.These problems hinder the application of the deduplication protocol in practical scenarios.This paper focuses on the security and performance of encrypted data deduplication protocols,and mainly does the following work:In the medical system,an efficient encrypted data deduplication protocol is presented to support data sharing and attribute revocation.By using of the prime number principle,the proposed protocol can improve the efficiency of the cloud server in the physical copy search phase,where the cloud server can execute search operation with less service cost.An attribute-based encryption algorithm is utilized to achieve fine-grained access control of the data.Furthermore,the extended functionality can realize the attribute revocation of the unauthorized users.The security proof shows that the proposed protocol is secure under the corresponding security models,and the simulation experiments demonstrates the efficiency of the proposed protocol.In cloud storage,a client-side deduplication protocol is constructed to support flexible access control.The proposed protocol makes use of client-side deduplication.After proving the ownership of the data,the subsequent uploader does not need to upload the complete data to the cloud server,which can avoid the consumption of network bandwidth.The proxy re-encryption technology is utilized to update the encrypted data and the non-revoked users'private key,which can realize attribute revocation of the unauthorized user.The security proof and simulation experiments show that the proposed protocol is secure and efficient,respectively. |
PDF Full Text Request