本文選題：CP-ABE加密算法 + Map/Reduce模型��； 參考：《湖南大學(xué)》2013年碩士論文

【摘要】：隨著信息技術(shù)的廣泛應(yīng)用和快速發(fā)展，云計算作為一種新興的商業(yè)計算模型日益受到人們的廣泛關(guān)注。然而，云計算數(shù)據(jù)存儲模型的安全性缺乏可靠性。鑒于此，本文主要對云計算用戶數(shù)據(jù)存儲模型進行了研究分析，并通過對相關(guān)的機器學(xué)習(xí)和構(gòu)建CP-ABE算法模型，改進Map/Reduce算法模型，提升訪問速度。 本文在前人研究的基礎(chǔ)上，主要從事了以下幾方面的工作： 首先，針對傳統(tǒng)對稱加密算法存在諸如自身安全性不高、加密和解密采用同一密鑰而帶來密鑰傳播安全等固有問題、以及非對稱加密體系運算量大不適用于大數(shù)據(jù)處理的弊端，通過研究密文屬性的數(shù)據(jù)存儲算法CP-ABE，該算法利用了單調(diào)訪問控制樹，將服務(wù)器端的相關(guān)屬性集合在內(nèi)部節(jié)點和葉子結(jié)點的訪問控制樹中，從而保證了云計算系統(tǒng)的安全可靠，并且該算法相比于傳統(tǒng)的對稱和非對稱加密算法具有密鑰服務(wù)器端集中管理、使密鑰相對于用戶透明，并更易于管理。在云存儲系統(tǒng)中，基于CP-ABE算法的訪問控制模型可以由加密方控制主動權(quán)，只有滿足密文要求的用戶才能獲得解密權(quán)限。該機制降低了權(quán)限管理的復(fù)雜度以及訪問控制信息的存儲空間； 其次，由于Map/Reduce模型在分配輸入文件時沒有考慮集群中大量異構(gòu)節(jié)點的計算性能，導(dǎo)致運行map任務(wù)時網(wǎng)絡(luò)數(shù)據(jù)傳送時間增加，本課題針對該問題提出一種云計算環(huán)境下的改進型Map/Reduce模型，以降低分類過程中的模糊粒度。針對云計算環(huán)境中不同的節(jié)點在集群中的計算性能不同等特點，通過設(shè)計2次改進型索引分類存儲模型和算法，在傳統(tǒng)的1次Map/Reduce結(jié)果中建立反向索引表，并在2次Map/Reduce計算中對索引詞進行權(quán)重計算分類，，這樣索引數(shù)據(jù)經(jīng)過2次分類后，不再是簡單的反向索引表，而是具有權(quán)重閾限的分類反向索引表，從而提高數(shù)據(jù)存儲能力和計算速度； 最后，結(jié)合學(xué)校實驗條件狀況，搭建hadoop平臺模擬大型異構(gòu)云環(huán)境，驗證文中提出的改進Map/Reduce算法模型的有效性和效率。
[Abstract]:With the wide application and rapid development of information technology, cloud computing as a new business computing model has attracted more and more attention. However, the security of cloud computing data storage model lacks reliability. In view of this, this paper mainly studies and analyzes the cloud computing user data storage model, and through the related machine learning and the construction CP-ABE algorithm model, improves the Map/Reduce algorithm model, enhances the access speed. On the basis of previous studies, this paper mainly engaged in the following aspects of work: First of all, the traditional symmetric encryption algorithm has some inherent problems, such as the low security of itself, the security of key propagation caused by the use of the same key in encryption and decryption, and the disadvantages of asymmetric encryption system, which is not suitable for big data processing. By studying CP-ABE, a data storage algorithm for ciphertext attributes, the algorithm utilizes monotone access control tree, and sets the related attributes of server in the access control tree of internal nodes and leaf nodes, thus ensuring the security and reliability of cloud computing systems. Compared with the traditional symmetric and asymmetric encryption algorithm, this algorithm has the key server side centralized management, which makes the key more transparent than the user, and easier to manage. In cloud storage system, the access control model based on CP-ABE algorithm can be controlled by the encryptor. Only the user who meets the requirements of ciphertext can obtain decryption permission. This mechanism reduces the complexity of privilege management and the storage space of access control information. Secondly, because the Map/Reduce model does not consider the computing performance of a large number of heterogeneous nodes in the cluster when allocating input files, the network data transfer time increases when running the map task. In this paper, an improved Map/Reduce model in cloud computing environment is proposed to reduce the fuzzy granularity in the classification process. In view of the different computing performance of different nodes in cloud computing environment, by designing two times improved index classification storage model and algorithm, the reverse index table is established in the traditional one-time Map/Reduce result. In the second Map/Reduce calculation, the index words are classified by weight calculation. After two times of classification, the index data is no longer a simple reverse index table, but a classified reverse index table with weight threshold. In order to improve the data storage capacity and computing speed; Finally, the hadoop platform is built to simulate the large heterogeneous cloud environment, and the effectiveness and efficiency of the improved Map/Reduce algorithm model proposed in this paper are verified.
【學(xué)位授予單位】：湖南大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2013
【分類號】：TP333

【參考文獻】

相關(guān)期刊論文 前10條

1 楊振賢;;基于云計算的安全數(shù)據(jù)存儲研究與設(shè)計[J];信息安全與技術(shù);2011年10期

2 王昊鵬;劉旺盛;;虛擬化技術(shù)在云計算中的應(yīng)用初探[J];電腦知識與技術(shù);2008年25期

3 顧理琴;;淺談云計算(Cloud Computing)——未來網(wǎng)絡(luò)趨勢技術(shù)[J];電腦知識與技術(shù);2008年S2期

4 唐箭;;云存儲系統(tǒng)的分析與應(yīng)用研究[J];電腦知識與技術(shù);2009年20期

5 彭文華;卞一茗;;基于CP-ABE算法的訪問控制方法在Linux下的實現(xiàn)和算法優(yōu)化[J];電腦知識與技術(shù);2010年27期

6 張龍立;;云存儲技術(shù)探討[J];電信科學(xué);2010年S1期

7 王小明;付紅;張立臣;;基于屬性的訪問控制研究進展[J];電子學(xué)報;2010年07期

8 張淼;徐國愛;胡正名;楊義先;;可信計算環(huán)境下基于主機身份的一次性密鑰交換協(xié)議[J];電子與信息學(xué)報;2007年06期

9 卞一茗;楊庚;;基于ABE算法的訪問控制方法研究[J];廣西通信技術(shù);2009年04期

10 王連強,張劍,呂述望,劉振華;一種基于密碼的層次訪問控制方案及其分析[J];計算機工程與應(yīng)用;2005年33期

本文編號：1879663