本文選題：云存儲　切入點：公開審計　出處：《華僑大學》2017年碩士論文　論文類型：學位論文

【摘要】：云存儲技術作為云計算服務中應用最廣泛的服務之一,提供了一種面向海量數據存儲和管理的有效途徑,已然成為未來存儲發(fā)展的主要趨勢。近年來,隨著云存儲技術的廣泛應用,云存儲服務在給人們帶來諸多便利的同時,也潛在著很多的安全威脅。其中,云服務提供商和用戶之間缺少相互信任,一直是阻礙云存儲服務進一步發(fā)展與普及的重要障礙。作為用于增強云服務提供商和用戶之間相互信任與提高云服務質量的一種有效手段,云數據操作行為安全審計成為了云存儲研究相關領域的一個研究熱點。為此,本文在深入研究傳統計算機和網絡行為日志審計技術的基礎上,結合云數據的使用環(huán)境,探索并提出了多種面向云數據安全的行為日志審計方法。本論文的主要貢獻如下:(1)研究并提出一種基于云存儲環(huán)境的第三方操作行為日志公開審計模型。該模型為云環(huán)境下用戶操作行為日志審計提供了安全的保護機制,解決了云存儲環(huán)境下行為日志審計過程中面臨的隱私泄露問題。(2)提出一種基于Merkle哈希樹的操作行為日志審計方法。其基本思想是利用Merkle哈希樹作為操作行為日志存儲結構,并從Merkle哈希樹上生成可公開驗證的證明值,以防范攻擊者對審計日志的篡改攻擊。實驗結果表明,該方法能夠避免審計過程中的用戶隱私泄露問題,同時具有較高的審計效率。(3)提出一種融合錯誤定位的操作行為日志審計方法。其主要思想是使用短簽名對用戶的數據操作行為生成標簽,并在生成證明過程中引入隨機掩碼技術,實現取證過程中對日志內容信息的隱私保護。實驗結果表明,此方法可以提供無狀態(tài)的公開審計,可選擇性的按需審計,錯誤定位功能以及較高的審計效率。(4)提出一種面向可共享云數據的無證書操作行為日志審計方法。基本思想是利用基于無證書秘鑰的分發(fā)機制來解決云服務提供商面臨的復雜的證書分發(fā)管理問題和用戶身份隱私保護的問題,并且結合短簽名和隨機掩碼技術來保護群組用戶審計行為日志隱私。
[Abstract]:Cloud storage technology, as one of the most widely used services in cloud computing services, provides an effective way to store and manage mass data, and has become the main trend of storage development in the future. With the wide application of cloud storage technology, cloud storage service not only brings a lot of convenience to people, but also has a lot of potential security threats. Among them, there is a lack of mutual trust between cloud service providers and users. It has been an important obstacle to the further development and popularization of cloud storage services as an effective means to enhance mutual trust and improve the quality of cloud services between cloud service providers and users. Security audit of cloud data operation behavior has become a research hotspot in cloud storage research field. Therefore, based on the research of traditional computer and network behavior log audit technology, this paper combines the use of cloud data environment. The main contributions of this paper are as follows: 1) Research and propose a public audit model of third-party operational behavior log based on cloud storage environment. This model is based on cloud storage environment. It provides a secure protection mechanism for user operation behavior log audit in cloud environment. This paper solves the privacy disclosure problem in the process of behavior log audit in cloud storage environment. It proposes a new audit method of operational behavior log based on Merkle hash tree. Its basic idea is to use Merkle hash tree as the storage structure of operational behavior log. A publicly verifiable proof value is generated from the Merkle hash tree to guard against tampering attacks on audit logs by attackers. The experimental results show that this method can avoid the problem of user privacy disclosure in the audit process. At the same time, it has higher audit efficiency. (3) A new audit method of operation behavior log is proposed, which combines error location. The main idea is to use short signature to generate label for user's data operation behavior. In order to protect the privacy of log content information in the process of obtaining evidence, this method can provide stateless public audit and optional on-demand audit. Error location function and high audit efficiency. 4) A new audit method for shared cloud data is proposed. The basic idea is to use the distribution mechanism based on the certificate secret key to solve the problem of cloud service provider. The complex issue of certificate distribution management and the protection of user identity privacy, Combined with short signature and random mask technology, the privacy of group user audit behavior log is protected.
【學位授予單位】：華僑大學
【學位級別】：碩士
【學位授予年份】：2017
【分類號】：TP333;TP309

【參考文獻】

相關期刊論文 前5條

1 高運;伏曉;駱斌;;云取證綜述[J];計算機應用研究;2016年01期

2 李學龍;龔海剛;;大數據系統綜述[J];中國科學:信息科學;2015年01期

3 馮朝勝;秦志光;袁丁;;云數據安全存儲技術[J];計算機學報;2015年01期

4 馮登國;張敏;李昊;;大數據安全與隱私保護[J];計算機學報;2014年01期

5 胡亮;王文博;趙闊;;計算機取證綜述[J];吉林大學學報(信息科學版);2010年04期

，

本文編號：1632048