本文關(guān)鍵詞：云存儲(chǔ)中支持隱私保護(hù)的隱藏性隨機(jī)訪問機(jī)制研究　出處：《電子科技大學(xué)》2013年碩士論文　論文類型：學(xué)位論文

  更多相關(guān)文章： 云存儲(chǔ) 概率加密 布谷鳥哈希 布隆過濾器 洗牌

【摘要】：隨著計(jì)算機(jī)和網(wǎng)絡(luò)信息的高速發(fā)展，數(shù)據(jù)也在不可避免的海量增長，導(dǎo)致越來越多的客戶傾向于把數(shù)據(jù)的存儲(chǔ)和維護(hù)工作外包給專業(yè)的服務(wù)提供商，從而從基礎(chǔ)存儲(chǔ)管理和維護(hù)的沉重壓力中逃離出來,更專注于自身核心業(yè)務(wù)的研究和壯大。正是在這種需求下，云存儲(chǔ)的研究嶄露頭角，并得以迅速發(fā)展。云存儲(chǔ)具有良好的便利性、可擴(kuò)展性，顯著降低本地的存儲(chǔ)和維護(hù)開銷，少量的經(jīng)濟(jì)花費(fèi)等優(yōu)勢(shì)。然而，由于云存儲(chǔ)系統(tǒng)中的數(shù)據(jù)對(duì)網(wǎng)絡(luò)和服務(wù)器的依賴性使得越來越多的用戶和研究者對(duì)其安全性產(chǎn)生了質(zhì)疑，并且安全性逐漸成為云存儲(chǔ)系統(tǒng)發(fā)展的一個(gè)至關(guān)重要的瓶頸。其中，隱私保護(hù)是云存儲(chǔ)安全中的極其重要的一個(gè)方面。用戶并不希望非授權(quán)用戶（包括云服務(wù)提供商）獲得有關(guān)存儲(chǔ)數(shù)據(jù)的任何信息。通常情況下，用戶首先在本地對(duì)數(shù)據(jù)進(jìn)行加密，然后把加密后的數(shù)據(jù)上傳到云端。利用加密的方法可以有效的保護(hù)數(shù)據(jù)內(nèi)容的安全。但是，云服務(wù)提供商仍舊可以根據(jù)用戶的訪問方式，獲得存儲(chǔ)數(shù)據(jù)的有關(guān)信息，從而導(dǎo)致用戶的隱私遭受侵犯。比如某個(gè)特定用戶經(jīng)常訪問哪些數(shù)據(jù)，或者在特定時(shí)間段，某個(gè)用戶訪問了多少次同一數(shù)據(jù)等。這類隱私保護(hù)被稱為訪問方式的隱私保護(hù)，即在訪問過程中用戶的訪問方式不能夠被泄漏。一旦獲取用戶的訪問方式，云服務(wù)提供商就能夠發(fā)動(dòng)各種各樣的攻擊，例如通過跟蹤用戶訪問的特定數(shù)據(jù)元素來嘗試推斷用戶的行為模式，私人興趣以及重要的個(gè)人隱私信息。另外，云服務(wù)提供商也可以專注于那些訪問頻率非常高的用戶數(shù)據(jù)，或者在用戶未察覺的的情況下暗自刪除那些從來不被訪問的數(shù)據(jù)，以節(jié)省存儲(chǔ)和維護(hù)的成本。因此，如何在云存儲(chǔ)中保護(hù)用戶訪問方式的隱私，是現(xiàn)今的一個(gè)重要研究方向。 本論文就如何在云存儲(chǔ)的大環(huán)境下保障用戶訪問方式的隱私及如何構(gòu)造隱藏性隨機(jī)訪問方案來進(jìn)行了研究，成功構(gòu)建了一個(gè)隱藏性隨機(jī)訪問方案。具體來說，主要工作有： (1)研究和分析了概率加密方法的原理和優(yōu)勢(shì)，并選擇了一個(gè)高效的概率加密方法作為本文方案的數(shù)據(jù)加密方法。 (2)研究和分析了兩個(gè)著名的數(shù)據(jù)結(jié)構(gòu)：布谷鳥哈希和布隆過濾器，并采用改進(jìn)的布谷鳥哈希和布隆過濾器相結(jié)合的多層結(jié)構(gòu)作為本文方案的數(shù)據(jù)結(jié)構(gòu)。在此結(jié)構(gòu)上成功實(shí)現(xiàn)隱藏性隨機(jī)訪問方案。 (3)在隱藏性隨機(jī)訪問方案的設(shè)計(jì)過程中，本文還研究了數(shù)據(jù)層重構(gòu)過程中的洗牌策略，即隨機(jī)化元素的存儲(chǔ)位置，并采用高效的洗牌策略，進(jìn)一步提高了訪問效率。 (4)本文研究了分區(qū)的存儲(chǔ)結(jié)構(gòu)和MapReduce并行查詢策略的組合，提高了訪問效率，同時(shí)使訪問過程中用戶和服務(wù)器之間的交互次數(shù)降低到常數(shù)級(jí)。另外，分區(qū)的思想使每次訪問受影響的數(shù)據(jù)元素的幾率大大減少，這也是提高系統(tǒng)性能的一個(gè)關(guān)鍵。 (5)本文在構(gòu)造了支持隱私保護(hù)的隱藏性隨機(jī)訪問方案后，分析了此方案的性能和安全性，并和現(xiàn)存的典型模型進(jìn)行了比較，成功證明了本文方案的可執(zhí)行性和優(yōu)勢(shì)。 (6)最后在Hadoop平臺(tái)下實(shí)現(xiàn)了本文提出的隱藏性隨機(jī)訪問方案，，完成了文件加密，隱藏性隨機(jī)訪問數(shù)據(jù)結(jié)構(gòu)構(gòu)建，訪問過程和數(shù)據(jù)層重構(gòu)過程模擬，并評(píng)估了訪問效率。
[Abstract]:With the rapid development of computer and network information, the data also inevitably lead to massive growth in, more and more customers tend to put the data storage and maintenance work is outsourced to professional service providers, in order to escape from the basic storage management and maintenance of the heavy pressure of study, and focus on their core business is growing. In this case, the research of cloud storage emerged and developed rapidly. Cloud storage has good convenience, scalability, reduce local storage and maintenance costs, a small amount of economic costs and other advantages. However, the dependence of cloud storage system in the data on the network and server make users and more and more studies have questioned its safety and security has become a crucial bottleneck in development of cloud storage system. Among them, privacy protection is One of the most important aspect of the cloud storage security. The user does not want unauthorized users (including cloud service provider) to obtain any information about the stored data. Typically, the user first locally to encrypt the data, then the encrypted data is uploaded to the cloud. The use of encryption method can protect the data content effective safety. However, cloud service providers still can be based on user access, get information about the storage of data, resulting in the user's privacy violations. For example, a specific user often access what data, or in a specific period of time, a number of users to access the same data. This kind of privacy the protection of privacy protection is called access mode, namely the user during the visit visit could not be leaked. Once get the user access, cloud service providers will be able to Enough to launch a variety of attacks, such as access behavior by tracking the user specific data to try to infer the user's personal interests and important personal privacy information. In addition, cloud service providers can also focus on those who visit the very high frequency of user data, or when the user is not aware of the case secretly delete those never accessed data to save storage and maintenance cost. Therefore, how to protect the privacy of user access in cloud storage, is an important research direction of the current.
This paper studies how to protect the privacy of user access and how to construct a hidden random access scheme in cloud storage environment. A hidden random access scheme is successfully constructed.
(1) the principle and advantages of probabilistic encryption are studied and analyzed, and a high efficient probability encryption method is selected as the data encryption method of this scheme.
(2) the research and analysis of the two famous data structure: Cuckoo hashing and bloom filter and multi-layer structure improved cuckoo hashing and bloom filter which is combined with the data structure of this scheme. The hidden random access scheme to achieve success in this structure.
(3) in the design of hidden random access scheme, we also studied the shuffling strategy in data layer refactoring process, namely, the location of randomized elements and the efficient shuffle strategy, which further improved the access efficiency.
(4) this paper studies the storage structure and MapReduce partition parallel query strategy combination, improve access efficiency, while the number of interaction between the user and the server access process is reduced to a constant level. In addition, the probability of the partition method so that each data element access affected greatly reduced, which is the key to improve the performance of the system.
(5) after constructing a hidden random access scheme that supports privacy protection, we analyze the performance and security of the scheme, and compare it with the existing typical models. The successful implementation proves the feasibility and advantages of the scheme.
(6) finally, under the Hadoop platform, we implemented the hidden random access scheme proposed in this paper. We completed file encryption, hiding random access data structure construction, access process and data layer reconfiguration process simulation, and evaluated the access efficiency.

【學(xué)位授予單位】：電子科技大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2013
【分類號(hào)】：TP333;TP309

【相似文獻(xiàn)】

相關(guān)期刊論文 前10條

1 陳一梅;;數(shù)字化參考咨詢的隱私保護(hù)研究[J];農(nóng)業(yè)圖書情報(bào)學(xué)刊;2008年01期

2 劉智濤;霍成義;;電子商務(wù)中的隱私保護(hù)技術(shù)研究[J];現(xiàn)代計(jì)算機(jī)(專業(yè)版);2008年10期

3 龍琦;;基于k-匿名的隱私保護(hù)[J];科協(xié)論壇(下半月);2010年03期

4 畢菊;王莉;;基于快速隱私保護(hù)關(guān)聯(lián)規(guī)則的挖掘算法[J];遼寧科技大學(xué)學(xué)報(bào);2010年05期

5 李超良;;物聯(lián)網(wǎng)隱私保護(hù)機(jī)制簡介[J];福建電腦;2011年04期

6 楊s

本文編號(hào)：1416422