Research on Behavior Log Audit Technology for Cloud Data Security
Published: 2018-03-19 00:30
Topic: cloud storage. Focus: public auditing. Source: Huaqiao University, 2017 master's thesis. Type: degree thesis
[Abstract]: Cloud storage, one of the most widely used cloud computing services, provides an effective way to store and manage massive amounts of data and has become the main trend in the future development of storage. In recent years, as cloud storage has been widely adopted, cloud storage services have brought many conveniences but also carry many potential security threats. Among them, the lack of mutual trust between cloud service providers and users has long been an important obstacle to the further development and adoption of cloud storage services. As an effective means of strengthening mutual trust between cloud service providers and users and of improving cloud service quality, security auditing of cloud data operation behavior has become a research hotspot in fields related to cloud storage. To this end, building on an in-depth study of traditional computer and network behavior log audit techniques and taking the usage environment of cloud data into account, this thesis explores and proposes several behavior log audit methods for cloud data security. The main contributions of this thesis are as follows:
(1) A public audit model for third-party operation behavior logs in a cloud storage environment is studied and proposed. The model provides a secure protection mechanism for auditing user operation behavior logs in the cloud and addresses the privacy leakage problem faced during behavior log auditing in a cloud storage environment.
(2) An operation behavior log audit method based on the Merkle hash tree is proposed. The basic idea is to use a Merkle hash tree as the storage structure for operation behavior logs and to generate publicly verifiable proof values from the tree, in order to guard against attackers tampering with the audit logs. Experimental results show that the method avoids leaking user privacy during the audit and has high audit efficiency.
(3) An operation behavior log audit method that incorporates error localization is proposed. The main idea is to use short signatures to generate tags for users' data operation behavior and to introduce random masking into proof generation, which protects the privacy of log content during evidence collection. Experimental results show that the method provides stateless public auditing, selective on-demand auditing, error localization, and high audit efficiency.
(4) A certificateless operation behavior log audit method for shareable cloud data is proposed. The basic idea is to use a certificateless key distribution mechanism to solve the complex certificate distribution and management problem faced by cloud service providers and the problem of protecting user identity privacy, combined with short signatures and random masking to protect the privacy of group users' audit behavior logs.
[Degree-granting institution]: Huaqiao University
[Degree level]: Master's
[Year degree granted]: 2017
[Classification number]: TP333;TP309
Article ID: 1632048
Article link: http://sikaile.net/kejilunwen/jisuanjikexuelunwen/1632048.html