Research On Data Integrity Auditing Mechanism Supporting Dynamic Update In Cloud Storage Environment

As the digital transformation of enterprises accelerates globally,the volume of data held by enterprises has rapidly grown from the initial terabyte level to petabyte,EB,and even ZB levels.The rapidly growing storage demand and the lack of local storage resources and high budget are the main contradictions faced by enterprises in their current development.More and more enterprises begin to transfer data from traditional local storage devices to cloud servers for storage,in order to enhance the comprehensive strength and core competitiveness of enterprises.Since the data in the "cloud" may be subject to external tampering,data loss and other security issues,enterprises need to determine whether the cloud server is keeping data intact.Data integrity auditing mechanisms can help enterprises effectively verify the integrity of data stored in the "cloud",but most of the existing data integrity auditing solutions have additional storage overhead,certificate burden,no support for user data sharing,and no support for dynamic data update operations.Based on the above problems,this thesis investigates data integrity auditing in cloud storage environment,and proposes a data integrity auditing scheme that supports dynamic update in cloud storage environment,which has important theoretical value and practical significance.The main research work of this thesis is as follows:1.In order to address the security issues such as external tampering and data loss of the "cloud" data in the cloud storage environment,this thesis studies and proposes a remote data integrity auditing scheme based on no certificate to check the integrity of the "cloud" data.The adoption of certificate-free signature technology enables the proposed data integrity auditing scheme to avoid not only a series of burdens caused by certificates in traditional PKI-based auditing protocols,but also the problem of over-centralized storage of keys in identity-based signature systems.In addition,the scheme designed in this thesis also provides user-oriented data access control,so that only users with valid tokens generated by the data owner can access and share remote data from the "cloud",which ensures the sharing and reliability of remote data.If the data owner wants to revoke the access rights of a user with a token,he can revoke it at any time as an administrator,and the revoked user will no longer be able to access the data stored on the "cloud" by the data owner.2.Considering the privacy requirements of the data owner’s data stored in the "cloud",the data integrity audit protocol designed in this thesis implements the privacy protection function for the third-party auditors during the audit process.During the operation of the scheme,this thesis achieves the sensitive information hiding function by introducing the blind factor to blind the user’s original data block in the evidence generation stage,so that the third-party auditors cannot steal the data information of the data owner.In addition,when the data is stored in the "cloud",the data owner may modify some of the data to a certain extent,so it also realizes the dynamic update function of the data in the "cloud".In this thesis,by introducing the tree data structure Merkle hash tree in the data integrity auditing scheme,the data owner can add,modify and delete the data in the "cloud".3.In order to prove the security and reliability of the data integrity auditing scheme designed in this thesis that supports dynamic updates in cloud storage environment,a rigorous security proof of the scheme is given in this thesis.Finally,a detailed comparison with other existing auditing schemes is conducted from both theoretical analysis and specific experiments,and the final results show that the data integrity auditing scheme designed in this thesis is secure and efficient.