| Due to the continuous improvement and development of cloud computing technology,the allocation of cloud virtual machine resources has attracted much interest of researchers.Some cloud resource auction mechanisms that meet different economic attributes emerge as the times require.However,these mechanisms rarely consider the security of data in the process of cloud virtual machine allocation.Once the critical information is leaked,it could cause immeasurable damage to the company or organization that owns the data.Therefore,the security of private data is an urgent problem to be solved in the process of cloud virtual machine allocation.Secure multiparty computation technology can compute jointly based on the data of each participant without a trusted third party,while ensuring the privacy of the participants’ data and the correctness of the computation results.This thesis studies the problem of data privacy protection in cloud virtual machine resource allocation by using secure multiparty computation technology.The main work is as follows:(1)A static virtual machine allocation scheme against malicious adversaries is designed.This thesis proposes a general secure computation framework for multiple data providers,and realizes the privacy protection of static virtual machine allocation against malicious adversaries based on this framework.The framework realizes the security against malicious adversaries through two independent garbled circuits.The framework first adopts the cut-and-choose technology to ensure the input consistency of the two garbled circuits,and provides an input cheating detection mechanism.Secondly,the two computation parties exchange their roles to perform two garbled circuit computations,and avoid using oblivious transfers with the help of data providers.Then,the correctness of the computation results is verified by comparing the output consistency of the two garbled circuits.Finally,the theoretical analysis shows the security of the proposed scheme,and the experimental evaluation verifies the feasibility of the scheme.(2)A dynamic virtual machine allocation scheme based on combined cloud auction mechanism and privacy-preserving is proposed.Aiming at the problem of privacy-preserving against semi-honest adversaries in dynamic virtual machine allocation,this thesis introduces a proxy service provider and a server to complete the privacy-preserving dynamic virtual machine allocation with the cloud resource provider.The bidders adopt secret sharing to submit their bidding information.The cloud resource provider and the proxy service provider allocate and publish the allocation results by combining secret sharing computation and garbled circuit computation.The secret sharing computation needs to adopt the multiplication triplets provided by the server.In addition,the theoretical analysis shows that the scheme can protect privacy in the semi-honest adversary model.The experimental results prove that the scheme is feasible. |
PDF Full Text Request