本文選題：私有云 + 安全存儲(chǔ)��； 參考：《廣東工業(yè)大學(xué)》2013年碩士論文

【摘要】：近年來(lái),隨著云計(jì)算的新興發(fā)展,基于海量數(shù)據(jù)的云存儲(chǔ)服務(wù)已成為大多數(shù)企業(yè)關(guān)注的重點(diǎn)。而云存儲(chǔ)的安全問(wèn)題是阻礙其發(fā)展的關(guān)鍵原因之一,即如何確保海量的數(shù)據(jù)安全地存儲(chǔ)在云中,以及如何確保在傳輸過(guò)程安全的前提下盡量提高系統(tǒng)效率。目前,越來(lái)越多的大型企業(yè)為了適應(yīng)數(shù)據(jù)迅速增長(zhǎng)的趨勢(shì)和滿(mǎn)足用戶(hù)隨處存儲(chǔ)的需求,已經(jīng)開(kāi)始考慮部署私有云存儲(chǔ)系統(tǒng)。在搭建私有云存儲(chǔ)平臺(tái)時(shí),存在大量的技術(shù)問(wèn)題,如完整性校驗(yàn)和負(fù)載均衡等問(wèn)題。同時(shí)隨著用戶(hù)數(shù)量和數(shù)據(jù)量的不斷增加,對(duì)私有云存儲(chǔ)系統(tǒng)服務(wù)性能也提出了更高的要求,系統(tǒng)的穩(wěn)定性、可用性、安全性都必須采取一定的技術(shù)手段才能得到保障。 本文對(duì)私有云存儲(chǔ)中的安全問(wèn)題進(jìn)行深入探討和研究,主要研究工作包括： 1.綜述了私有云存儲(chǔ)技術(shù)的國(guó)內(nèi)外研究現(xiàn)狀,指出了私有云存儲(chǔ)要解決的安全問(wèn)題。 2.研究了私有云存儲(chǔ)中的數(shù)據(jù)完整性驗(yàn)證技術(shù),提出一種適用于私有云存儲(chǔ)的數(shù)據(jù)完整性驗(yàn)證協(xié)議。該協(xié)議具有適應(yīng)性,對(duì)于較小的文件,可以通過(guò)檢查所有的數(shù)據(jù)塊來(lái)保證結(jié)果的有效性；而對(duì)于較大的文件,則可以檢查部分?jǐn)?shù)據(jù)塊以一定的概率來(lái)保證數(shù)據(jù)的完整性,從而減少系統(tǒng)資源和網(wǎng)絡(luò)帶寬的消耗。 3.研究了私有云存儲(chǔ)中的負(fù)載均衡技術(shù),提出了一種基于ID特征碼的數(shù)據(jù)分片與備份方法,利用文件塊ID和可用存儲(chǔ)節(jié)點(diǎn)ID的對(duì)應(yīng)關(guān)系查找存儲(chǔ)節(jié)點(diǎn),在出現(xiàn)失效節(jié)點(diǎn)時(shí),為對(duì)應(yīng)的文件塊隨機(jī)分配有效存儲(chǔ)節(jié)點(diǎn),提高了主服務(wù)器的效率；將需要備份的數(shù)據(jù)文件,在多個(gè)存儲(chǔ)節(jié)點(diǎn)上按指定數(shù)量建立數(shù)據(jù)副本進(jìn)行分片并選擇最優(yōu)的備份區(qū)域存儲(chǔ)。 4.應(yīng)用上述技術(shù),設(shè)計(jì)了一個(gè)基于分布式集群架構(gòu)的私有云存儲(chǔ)系統(tǒng),實(shí)現(xiàn)了數(shù)據(jù)的分片上傳、下載和備份,同時(shí)在數(shù)據(jù)上傳和下載過(guò)程中對(duì)數(shù)據(jù)進(jìn)行加密,并可以對(duì)數(shù)據(jù)進(jìn)行完整性驗(yàn)證。 論文的創(chuàng)新之處包括：(1)提出的數(shù)據(jù)完整性校驗(yàn)協(xié)議可以動(dòng)態(tài)的根據(jù)文件的大小進(jìn)行完整性校驗(yàn),系統(tǒng)只需少量的存儲(chǔ)開(kāi)銷(xiāo)和通信開(kāi)銷(xiāo),就能保證該協(xié)議的有效執(zhí)行,并且隨著文件的增大,所消耗的時(shí)間仍然保持在較低的值；(2)改進(jìn)的負(fù)載均衡技術(shù)是在文件進(jìn)行上傳的過(guò)程利用文件塊ID和可用存儲(chǔ)節(jié)點(diǎn)ID的對(duì)應(yīng)關(guān)系查找該文件所有分塊的存儲(chǔ)節(jié)點(diǎn),與一般的方法相比,減少了系統(tǒng)的時(shí)間開(kāi)銷(xiāo),提高系統(tǒng)效率。應(yīng)用上述技術(shù)設(shè)計(jì)一個(gè)基于分布式集群架構(gòu)的私有云存儲(chǔ)系統(tǒng)來(lái)對(duì)每一種方法的可行性和安全性進(jìn)行理論上的證明,以確保這些方法能夠在實(shí)際中得以應(yīng)用。
[Abstract]:In recent years, with the development of cloud computing, cloud storage service based on massive data has become the focus of most enterprises. The security of cloud storage is one of the key reasons that hinder the development of cloud storage, that is, how to ensure that mass data is safely stored in the cloud, and how to ensure the security of transmission process to improve the system efficiency as much as possible. At present, more and more large enterprises have begun to consider the deployment of private cloud storage system in order to adapt to the trend of rapid growth of data and meet the demand of users to store anywhere. When building private cloud storage platform, there are a lot of technical problems, such as integrity check and load balance. At the same time, with the increasing number of users and data, private cloud storage system service performance is also put forward higher requirements, the system stability, availability, security must take certain technical means to be guaranteed. In this paper, the security problems in private cloud storage are deeply discussed and studied. The main research work includes: 1. This paper summarizes the research status of private cloud storage technology at home and abroad, and points out the security problems to be solved. 2. The data integrity verification technology in private cloud storage is studied, and a data integrity verification protocol for private cloud storage is proposed. The protocol is adaptive. For smaller files, the validity of the results can be guaranteed by checking all data blocks, while for larger files, some data blocks can be checked to ensure the integrity of the data with a certain probability. Thus reducing the consumption of system resources and network bandwidth. 3. In this paper, the load balancing technology in private cloud storage is studied, and a method of data slicing and backup based on ID signature is proposed. The storage nodes are searched by the corresponding relation between the file block ID and the available storage node ID. The efficient storage nodes are allocated randomly to the corresponding file blocks, and the efficiency of the master server is improved, and the data files that need to be backed up are sliced according to the specified number of data replicas on a plurality of storage nodes and the optimal backup area storage is selected. 4. Based on the above technology, a private cloud storage system based on distributed cluster architecture is designed. The data is uploaded, downloaded and backed up, and the data is encrypted in the process of data upload and download. And the integrity of the data can be verified. The innovation of this paper includes: the data integrity verification protocol proposed by: 1) can dynamically verify the data integrity according to the file size. The system requires only a small amount of storage and communication overhead to ensure the effective implementation of the protocol. And as the file grows, The improved load balancing technique is to use the corresponding relationship between the file block ID and the available storage node ID to find all the storage nodes of the file in the process of uploading the file. Compared with the general method, the time cost of the system is reduced and the system efficiency is improved. The above techniques are used to design a private cloud storage system based on distributed cluster architecture to prove the feasibility and security of each method theoretically, so as to ensure that these methods can be applied in practice.
【學(xué)位授予單位】：廣東工業(yè)大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2013
【分類(lèi)號(hào)】：TP333;TP309

【參考文獻(xiàn)】

相關(guān)期刊論文 前10條

1 王征;劉心松;李美安;;一種高效的基于可復(fù)制資源的分布式負(fù)載均衡策略[J];電子學(xué)報(bào);2006年08期

2 蘇孝青;盛志華;;云計(jì)算環(huán)境下的數(shù)據(jù)安全存儲(chǔ)技術(shù)[J];信息安全與技術(shù);2012年08期

3 伍文靜;程耀東;汪璐;武杰;陳剛;;面向本地分布式存儲(chǔ)系統(tǒng)的動(dòng)態(tài)副本策略[J];計(jì)算機(jī)工程與應(yīng)用;2010年12期

4 張洪;路松峰;趙友橋;胥永康;胡和平;;數(shù)據(jù)安全存儲(chǔ)的分片策略模型研究[J];計(jì)算機(jī)工程與應(yīng)用;2012年18期

5 韓德志;;分布式安全存儲(chǔ)技術(shù)[J];計(jì)算機(jī)科學(xué);2007年11期

6 曹夕;許力;陳蘭香;;云存儲(chǔ)系統(tǒng)中數(shù)據(jù)完整性驗(yàn)證協(xié)議[J];計(jì)算機(jī)應(yīng)用;2012年01期

7 趙曉明;孟慶超;劉軍;;基于SVO邏輯的X.509協(xié)議安全性分析[J];軍事通信技術(shù);2007年03期

8 黃曉濤;李志永;;P2P網(wǎng)中基于文件分片的副本建立策略[J];計(jì)算機(jī)應(yīng)用研究;2008年01期

9 劉金芝;余丹;朱率率;;一種新的云存儲(chǔ)服務(wù)模型研究[J];計(jì)算機(jī)應(yīng)用研究;2011年05期

10 伍琦;萬(wàn)常選;李國(guó)林;;一個(gè)改進(jìn)型云存儲(chǔ)共享方案[J];計(jì)算機(jī)科學(xué);2012年08期

相關(guān)博士學(xué)位論文 前2條

1 陳釗;基于云災(zāi)備的數(shù)據(jù)安全存儲(chǔ)關(guān)鍵技術(shù)研究[D];北京郵電大學(xué);2012年

2 安寶宇;云存儲(chǔ)中數(shù)據(jù)完整性保護(hù)關(guān)鍵技術(shù)研究[D];北京郵電大學(xué);2012年

相關(guān)碩士學(xué)位論文 前10條

1 孫文高;數(shù)字簽名技術(shù)研究[D];西安電子科技大學(xué);2010年

2 郅斌;一種私有云存儲(chǔ)系統(tǒng)的設(shè)計(jì)與實(shí)現(xiàn)[D];北京郵電大學(xué);2011年

3 王彩亮;云存儲(chǔ)環(huán)境下數(shù)據(jù)副本管理策略研究[D];云南大學(xué);2011年

4 艾明;面向海量數(shù)據(jù)的云存儲(chǔ)系統(tǒng)實(shí)現(xiàn)與應(yīng)用研究[D];南京理工大學(xué);2012年

5 張炎華;私有云系統(tǒng)的實(shí)現(xiàn)及性能分析[D];北京郵電大學(xué);2012年

6 馮濤;一種可信安全存儲(chǔ)系統(tǒng)的研究與實(shí)現(xiàn)[D];國(guó)防科學(xué)技術(shù)大學(xué);2005年

7 黃曉云;基于HDFS的云存儲(chǔ)服務(wù)系統(tǒng)研究[D];大連海事大學(xué);2010年

8 劉雪;云存儲(chǔ)中的安全問(wèn)題研究及應(yīng)用[D];北方工業(yè)大學(xué);2012年

9 陳虎;基于HDFS的云存儲(chǔ)平臺(tái)的優(yōu)化與實(shí)現(xiàn)[D];華南理工大學(xué);2012年

10 周祥;私有云構(gòu)建中資源和數(shù)據(jù)管理的研究[D];北京工業(yè)大學(xué);2012年

，

本文編號(hào)：1870143