| With the rapid development of information technology,massive data storage requirements have spawned cloud computing and cloud storage systems.Cloud storage system is an extension of cloud computing,which can provide rich storage space for cloud computing,and is a cross era development of storage technology.However,storing data to the cloud can cause users to lose control of the data,which can lead to many data security risks,such as malicious intrusion,privacy disclosure,or tampering of cloud servers.How to ensure the integrity of cloud data has become a key factor in the increasingly widespread application of cloud storage.Moreover,current user storage requirements are gradually diversified.In practical application scenarios,enterprises and individuals are no longer satisfied with the independent integrity verification function,but also require dynamic operation of cloud data,damage data positioning,data recovery,user revocable,and so on.This thesis focuses on the integrity authentication model and user revocation for multi cloud migration.The main work is as follows:(1)The authentication methods used in most existing multi cloud data migration authentication models are generally random authentication,that is,randomly selecting data blocks for authentication.This may lead to missed detection and high authentication overhead.Moreover,in the existing multi cloud migration integrity verification,operations after detecting data corruption are rarely considered.This thesis proposes a scheme for locating and recovering damaged data during cloud data migration based on hierarchical authentication mode instead of random authentication,which can perform hierarchical authentication on continuously stored data,improve authentication efficiency,and locate damaged data blocks at the same time.Finally,it uses erasure correction technology to recover damaged data blocks.Performance analysis and experimental evaluation show that the scheme has greatly improved the performance of authentication and reduced the computing and communication costs of the enterprise.(2)Most of the existing user revocable data integrity verification schemes have the following problems: the signature designed by the user revocation process does not meet the flexible term scheduling,the proxy re-signature process has security risks and the verification efficiency is not high.This paper proposes a user-recoverable cloud storage data integrity verification scheme for the above problems.It designs an administrator attribute for users to achieve real-time user revocation.It uses proxy re-signature technology to achieve signature replacement during user revocation,to prevent new users from downloading data from the cloud again to sign and upload,and uses the trusted execution environment of the proxy server to ensure information security in the re-signature stage,Protect signature information from being tampered with or leaked.In the audit challenge,use random mask to hide key information to avoid curious third party auditors from obtaining the user’s real data through verification information.The security analysis and performance analysis further show that the scheme is safe and efficient. |
PDF Full Text Request