| With the rapid development of cloud computing,hundreds of cloud service providers of different sizes have appeared on the market.Because single cloud services have problems such as reduced reliability due to single points of failure,a cloud computing model called "multi-cloud"(or "intercloud","cloud-of-clouds")is proposed and studied in recent years.Although this multi-cloud model can bring users more reliable data storage and computing services,it also brings more complex outsourcing data privacy protection issues.Some cloud servers in multi-cloud may be dishonest,and these cloud servers may also launch a collusion attack to obtain users' private data.Considering these two characteristics in the multi-cloud model,the existing research work has two main deficiencies.One is the lack of consideration of possible collusion in multi-cloud for file distribution.The second is that for file search,there are problems of low efficiency and not supporting the integrity verification of query results.Therefore,how to design a verifiable secure search scheme in a multi-cloud environment is still a challenging problem.This paper focuses on file distribution,secure search,and query result verification in a multi-cloud environment.The main research work includes the following two aspects:(1)To protect the privacy and availability of data in a multi-cloud environment,this paper proposes a secure and reliable file distribution scheme.To ensure the security of files,a iterative encryption method is proposed,which can not only effectively resist the collusion attack launched by some cloud servers,but also enhance the security of files in the case of key leakage.Considering that the cloud server may have a single point of failure,the RS erasure code is introduced to generate redundant file slices,and the files are inserted with some random values to eliminate the relevance problem caused by the file length.In addition,in view of the problem that files may be tampered with by dishonest cloud servers,an efficient method for checking the authenticity of files is proposed.By embedding the summary information of the file in the file name,this method not only realizes the file authenticity check,but also eliminates the association of file names on different cloud servers.(2)To protect query privacy,improve query efficiency and verify the integrity of query results in a multi cloud environment,this paper proposes a secure and verifiable file search scheme based on the file distribution scheme.To achieve a secure keyword search in a multi-cloud environment,a tree index structure based on Bloom filters is constructed for each cloud server.To check the query result integrity,a lightweight query integrity verification scheme suitable for the multi-cloud model is proposed to detect dishonest behaviors of the cloud server with a small computational and communication overhead.In addition,we present the security analysis of secure search protocol and query integrity verification method.Finally,we do extensive simulation experiments and performance analysis for the above two solutions.Experimental results show that our scheme not only guarantees data privacy,query privacy and verifiability of query results,but also achieves lower time cost. |
PDF Full Text Request