| In recent years,the convenience,efficiency and high scalability of cloud storage have made more and more users choose to store data in the cloud.In this context,cloud data security has become a key issue to be solved urgently.Searchable encryption is a technology that encrypts the keywords of a file and uploads it to the cloud to build a secret index and provide users with search services in a secret environment.It is currently a research hotspot at home and abroad to solve the problem of ciphertext retrieval.This technology can effectively reduce the risk of plaintext information leakage in distributed cloud servers.It is a distributed cloud storage solution that can ensure user data security.From the application scenario,searchable encryption technology is divided into single-user searchable encryption and multi-user searchable encryption.However,with the rapidly increase in the number of users and the temptation of illegal organizations,the risk of the traditional multi-user searchable encryption technology leaking files from internal users continues to increase.In order to reduce this risk and improve the security and retrieval efficiency of the distributed cloud storage system,this thesis mainly conducts the following two parts of research work.(1)Designed a searchable encryption scheme oriented to a limited range of group users.First,the internal organization divides all users into different user groups according to actual needs,and marks each user with a group ID;secondly,the use of a segmented index structure can store the characteristics of keyword expansion information,and the user's group The group information is stored in the index structure;when the data owner submits the secret key to construct and update the index,the corresponding secret key is found in the index and then matched to the secret file information of the user group identification link,thereby Realize the research goal of limiting the effective search range for group users,prevent users from obtaining content that is not related to themselves,and improve the security of the cloud system.(2)A security mechanism for group cross-authorization access is designed.First,the data owner completes the confidential index construction and file upload;secondly,the applicant applies for the access permission of a certain group,and the corresponding access policy is configured by the user administrator of the accessed group and updated to the index structure;when the data user performs the search task,he submits the keyword trapdoor and access strategy.After matching the secret keyword,the access scope is judged through the access strategy,and the corresponding search results are returned to complete the cross authorization of the search scope.The mechanism improves the practicability and search efficiency of secret search in distributed secure cloud storage.Based on the BDH(Bilinear Diffie-Hellman)mechanism,this thesis proves the security of the designed scheme and ensures the semantic security of the system against adaptive keyword selection attacks.The experimental comparison work with the latest articles in this field shows that the solution designed in this thesis can realize the searchable encryption function that limits the search range for group users,and has significant advantages in terms of computational cost,storage cost,and search efficiency. |
PDF Full Text Request