Research On Fine-grained Cloud Data Assured Deletion Scheme

Posted on: 2024-02-24
Degree: Master
Type: Thesis
Country: China
Candidate: R X Bai
GTID: 2568307175968809
Subject: Cyberspace security
Abstract/Summary:
With the rapid development of Internet technology and mobile communication technology, user data is growing explosively. To meet the storage needs of massive data, more and more enterprises and individuals choose cloud storage and fog storage services to reduce local overhead and computing costs. However, once users upload data to the server, they lose direct control of it, which leads to many data security issues. To avoid these issues, expired data and backup data need to be deleted on time, and the correctness of the deletion results needs to be verified, so that assured data deletion is achieved. How to ensure the assured deletion of expired data and backup data in cloud servers has therefore become an urgent problem. Two schemes have been studied and designed for the assured deletion of cloud data in different scenarios. The specific research work is as follows:

1. To address the problems of traditional cloud storage assured deletion schemes, such as single points of failure, reliance on trusted third parties, and the lack of secure key management methods, a fine-grained cloud data assured deletion scheme for multi-authoritative users is proposed. An access policy graph is built from the user's protection requirements, and the data keys and control key are generated from this graph; the data keys are used to encrypt the data, achieving data encryption, outsourced storage, and fine-grained data access control. The Shamir (m,n) threshold secret sharing scheme is used to ensure the security of the data keys and control key. At the same time, a key management mechanism for authoritative users is designed using the "ask/answer" method to avoid system paralysis caused by a single point of failure, improving the system's fault tolerance. A Merkle hash tree is then constructed to verify the correctness of the deletion results. Finally, the deletion results are uploaded to the blockchain network, whose tamper-proof and decentralized nature ensures the validity and traceability of the deletion results. The security analysis, functional comparison analysis, and efficiency analysis indicate that the scheme is safe and efficient, and achieves more comprehensive functionality with acceptable overhead.

2. To address the problems of low data availability, the inability of mobile users to access data, and the high overhead of data update operations in traditional cloud storage environments, a fine-grained assured deletion scheme for cloud data is proposed that supports dynamic updates of multiple copies in a cloud and fog collaborative environment. First, a trusted platform module is used to build a secure and trusted fog node cluster to ensure the confidentiality of private data. Second, a cloud-fog-user layered access control structure is constructed so that mobile users can access and update data at a fine granularity. Then, an improved Merkle Hash Tree is designed, and a new primitive named Multi-Copy Association Tree is proposed to achieve fine-grained dynamic updates of specified data and its replica data under multi-copy storage. Finally, a blockchain network composed of the fog node cluster is constructed to record the entire dynamic update process of the data, making the deletion results verifiable. Security analysis and efficiency analysis indicate that the scheme achieves more comprehensive functionality with acceptable overhead.
Keywords/Search Tags: Cloud storage, Fog computing, Data assured deletion, Blockchain, Fine-grained