Research On Core Technologies Of The Encrypted NoSQL Database

Enterprises and individuals are tending to outsource their local data to third-party data centers in the era of big data,so as to obtain high-quality data services with a low local cost.As an important part of data outsourcing services,NoSQL databases play a key role in data distributed storage and high-concurrency processing.However,research on NoSQL is still in its infancy,which makes existing databases vulnerable to attacks in storing data.Moreover,such data breaches frequently reported in the media have also gained widespread concern over the security and privacy of outsourced data.Many encryption schemes based on NoSQL have been proposed and applied to different scenarios.However,the state-of-the-art works are still defective in terms of functionality and cannot meet the diverse needs of users for fine-grained data access control.To address the above challenges,we design and implement a cryptosystem based on NoSQL database in a multi-user web application scenario.Then we extend the cryptosystem in the application scenario of the C/S architecture,and design a ciphertext access control scheme based on encrypted NoSQL database.The contributions in this thesis can be summarized as follows:(1)We design and implement a cryptosystem based on NoSQL database.In the cryptosystem,the existing cryptographic algorithms can be perfectly integrated into the encryption module.And a multi-level security mechanism is provided for the raw data,where each data item can be uniformly encrypted through the designed data encryption mode.We demonstrate that the proposed cryptosystem enables the database to complete multiple data requests in a ciphertext environment.Besides,extensive experiments also show the superior performance of the cryptosystem in terms of encrypted data processing.(2)We design a ciphertext access control scheme based on encrypted NoSQL database.Through the processing of the encrypted database structure and the access control matrix,we design an authorization method that can simply and flexibly support the addition,modification,and revocation of user permissions,and minimize privacy leakage in collusion between attackers and users.Moreover,an optimization method is proposed for the revoking of user permissions,so that the re-encryption processing of data can be safely performed by a third-party server.The experiments of the ciphertext access control scheme demonstrate that its permission processing is efficient,and it has moderate communication overhead and storage overhead.