Research on Cloud Storage Security Methods Based on a Closed Environment
Published: 2018-07-10 02:15
Topic: cloud storage + data security; Source: Hebei University, master's thesis, 2017
[Abstract]: Cloud storage is popular for its efficiency, convenience and massive capacity, but its particular environment means that users lose absolute control over their data, and data leaks keep occurring. To protect data, the mainstream approach today is to encrypt it. Encryption can take place in one of three locations. The first is the client: client-side encryption fully protects the user's data, but it places a heavy burden on the client and leaves the cloud provider's powerful computing capacity unused. The second is the cloud: cloud-side encryption makes full use of the cloud service provider's computing power, but user data may be exposed to the provider. Some research schemes also propose third-party encryption, in which a third-party server performs the encryption and the cloud provider is used only as a mechanical hard disk. To address the insecurity of encrypting user data in the cloud, and drawing on the virtualization characteristics of cloud environments, the thesis proposes CB-CSS, a cloud storage scheme based on encryption in a closed environment. The scheme builds a closed computing environment using virtual machine isolation, modifies the RSA public-key encryption algorithm so that keys can be changed without generating new large primes, and transmits data and keys over an SSL secure connection. Data is encrypted inside the closed computing environment and then stored in a distributed file system to protect the confidentiality of user data, giving the scheme the property of encrypting at one point and storing securely at multiple points. The closed computing environment blocks attacks from harmful applications in the operating system and from cloud administrators, effectively preventing data leaks. The scheme was deployed on the open-source cloud project OpenStack for performance testing, and its security was compared with that of related schemes. The experimental results show that changing the storage structure improves the confidentiality of user data, and that the scheme incurs less performance overhead than other cloud storage schemes that encrypt in the cloud.
[Degree-granting institution]: Hebei University
[Degree level]: Master's
[Year degree granted]: 2017
[Classification number]: TP333; TP309
Article ID: 2111628
Article link: http://sikaile.net/kejilunwen/jisuanjikexuelunwen/2111628.html