As cloud storage systems develop and are deployed in complex environments, their data security has drawn more and more attention. On the one hand, node crashes or external intrusion are likely to leave data incomplete; on the other hand, when data is incomplete, the user may not be promptly informed of the change, because the cloud service provider deliberately conceals it or because of other factors. To address these problems, this paper studies them in depth and proposes a secure storage system built around ensuring data integrity and ensuring data availability when data is incomplete. Starting from data availability, the research focuses on data confidentiality, recovery from data loss, and data recovery. We propose a data secure storage scheme based on Tornado codes (DSBT) that combines symmetric encryption with erasure codes. The scheme uses a boot password to solve the key preservation and management problem of traditional data encryption; it uses the Tornado erasure code for data redundancy, which solves the problem of recovering lost data; and it adds a keyed hash so that the Tornado code gains an error-correction function, which solves the problem of data tampering. On this basis, the paper goes on to study data retrievability (POR). Building on the classic POR algorithm based on BLS short signatures, a trusted log is introduced and used to provide the user with the test results. Finally, by combining it with the DSBT scheme, the computational efficiency of the POR algorithm is optimized so that its cost is independent of file size, achieving constant-level computational complexity. Following the above scheme, this paper implements a secure cloud storage prototype system based on Cassandra.
Tests show that the system provides strong data-loss recovery, effectively resists Byzantine faults, has prominent retrievability detection ability, and achieves very high computational efficiency, especially for large files. This paper studies modeling and analysis methods for several key problems of data security in cloud storage, such as encrypted storage, integrity verification, access control, and verification. It optimizes the access control strategy through data segmentation and a rule-refinement algorithm, verifies cloud data integrity using data labels, ensures data availability with a replica strategy, strengthens security through a high level of authentication, improves the efficiency of the attribute encryption method using signcryption, and uses time-based encryption and a DHT network to ensure deletion of the ciphertext and key, thereby establishing a cloud storage security scheme with privacy-protection characteristics.
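
The keyed-hash step of DSBT described above, where tampering is detected per block and then repaired as an erasure, can be sketched as follows. This is an added example, not code from the paper: it assumes HMAC-SHA256 as the keyed hash, uses a single XOR parity block as a simplified stand-in for a Tornado code, omits the encryption layer, and all function names are hypothetical.

```python
import hashlib
import hmac
from functools import reduce

TAG_LEN = 32  # HMAC-SHA256 output size

def xor_blocks(blocks):
    """XOR equal-length byte blocks together."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))

def tag(key, index, block):
    """Keyed hash bound to the block position, so blocks cannot be swapped."""
    return hmac.new(key, index.to_bytes(4, "big") + block, hashlib.sha256).digest()

def encode(key, data, k):
    """Split data into k blocks, add one XOR parity block, tag every block."""
    size = -(-len(data) // k)                      # ceiling division
    padded = data.ljust(size * k, b"\0")
    blocks = [padded[i * size:(i + 1) * size] for i in range(k)]
    blocks.append(xor_blocks(blocks))              # parity = b0 ^ ... ^ b(k-1)
    return [b + tag(key, i, b) for i, b in enumerate(blocks)]

def decode(key, stored, length):
    """Verify tags, turn bad or missing blocks into erasures, repair one."""
    blocks = []
    for i, item in enumerate(stored):
        ok = (item is not None and len(item) >= TAG_LEN and
              hmac.compare_digest(item[-TAG_LEN:], tag(key, i, item[:-TAG_LEN])))
        blocks.append(item[:-TAG_LEN] if ok else None)
    erased = [i for i, b in enumerate(blocks) if b is None]
    if len(erased) > 1:                            # one parity block repairs one erasure
        raise ValueError(f"{len(erased)} erasures exceed single-parity capacity")
    if erased:
        blocks[erased[0]] = xor_blocks([b for b in blocks if b is not None])
    return b"".join(blocks[:-1])[:length], erased

if __name__ == "__main__":
    key = b"constructed-demo-key"                  # constructed sample key
    data = b"constructed sample file contents for the DSBT sketch"
    stored = encode(key, data, k=4)
    stored[2] = bytes([stored[2][0] ^ 1]) + stored[2][1:]   # simulate tampering
    print(decode(key, stored, len(data)))          # original data, erasure at index 2
```

Without the tag check, the flipped bit would pass through the erasure decoder unnoticed, since an erasure code on its own only repairs blocks it already knows are missing.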