云存储中支持隐私保护的隐藏性随机访问机制研究

发布时间：2018-01-12 23:14

本文关键词：云存储中支持隐私保护的隐藏性随机访问机制研究　出处：《电子科技大学》2013年硕士论文　论文类型：学位论文

【摘要】：随着计算机和网络信息的高速发展，数据也在不可避免的海量增长，导致越来越多的客户倾向于把数据的存储和维护工作外包给专业的服务提供商，从而从基础存储管理和维护的沉重压力中逃离出来,更专注于自身核心业务的研究和壮大。正是在这种需求下，云存储的研究崭露头角，并得以迅速发展。云存储具有良好的便利性、可扩展性，显著降低本地的存储和维护开销，少量的经济花费等优势。然而，由于云存储系统中的数据对网络和服务器的依赖性使得越来越多的用户和研究者对其安全性产生了质疑，并且安全性逐渐成为云存储系统发展的一个至关重要的瓶颈。其中，隐私保护是云存储安全中的极其重要的一个方面。用户并不希望非授权用户（包括云服务提供商）获得有关存储数据的任何信息。通常情况下，用户首先在本地对数据进行加密，然后把加密后的数据上传到云端。利用加密的方法可以有效的保护数据内容的安全。但是，云服务提供商仍旧可以根据用户的访问方式，获得存储数据的有关信息，从而导致用户的隐私遭受侵犯。比如某个特定用户经常访问哪些数据，或者在特定时间段，某个用户访问了多少次同一数据等。这类隐私保护被称为访问方式的隐私保护，即在访问过程中用户的访问方式不能够被泄漏。一旦获取用户的访问方式，云服务提供商就能够发动各种各样的攻击，例如通过跟踪用户访问的特定数据元素来尝试推断用户的行为模式，私人兴趣以及重要的个人隐私信息。另外，云服务提供商也可以专注于那些访问频率非常高的用户数据，或者在用户未察觉的的情况下暗自删除那些从来不被访问的数据，以节省存储和维护的成本。因此，如何在云存储中保护用户访问方式的隐私，是现今的一个重要研究方向。本论文就如何在云存储的大环境下保障用户访问方式的隐私及如何构造隐藏性随机访问方案来进行了研究，成功构建了一个隐藏性随机访问方案。具体来说，主要工作有： (1)研究和分析了概率加密方法的原理和优势，并选择了一个高效的概率加密方法作为本文方案的数据加密方法。 (2)研究和分析了两个著名的数据结构：布谷鸟哈希和布隆过滤器，并采用改进的布谷鸟哈希和布隆过滤器相结合的多层结构作为本文方案的数据结构。在此结构上成功实现隐藏性随机访问方案。 (3)在隐藏性随机访问方案的设计过程中，本文还研究了数据层重构过程中的洗牌策略，即随机化元素的存储位置，并采用高效的洗牌策略，进一步提高了访问效率。 (4)本文研究了分区的存储结构和MapReduce并行查询策略的组合，提高了访问效率，同时使访问过程中用户和服务器之间的交互次数降低到常数级。另外，分区的思想使每次访问受影响的数据元素的几率大大减少，这也是提高系统性能的一个关键。 (5)本文在构造了支持隐私保护的隐藏性随机访问方案后，分析了此方案的性能和安全性，并和现存的典型模型进行了比较，成功证明了本文方案的可执行性和优势。 (6)最后在Hadoop平台下实现了本文提出的隐藏性随机访问方案，，完成了文件加密，隐藏性随机访问数据结构构建，访问过程和数据层重构过程模拟，并评估了访问效率。
[Abstract]:With the rapid development of computer and network information, the data also inevitably lead to massive growth in, more and more customers tend to put the data storage and maintenance work is outsourced to professional service providers, in order to escape from the basic storage management and maintenance of the heavy pressure of study, and focus on their core business is growing. In this case, the research of cloud storage emerged and developed rapidly. Cloud storage has good convenience, scalability, reduce local storage and maintenance costs, a small amount of economic costs and other advantages. However, the dependence of cloud storage system in the data on the network and server make users and more and more studies have questioned its safety and security has become a crucial bottleneck in development of cloud storage system. Among them, privacy protection is One of the most important aspect of the cloud storage security. The user does not want unauthorized users (including cloud service provider) to obtain any information about the stored data. Typically, the user first locally to encrypt the data, then the encrypted data is uploaded to the cloud. The use of encryption method can protect the data content effective safety. However, cloud service providers still can be based on user access, get information about the storage of data, resulting in the user's privacy violations. For example, a specific user often access what data, or in a specific period of time, a number of users to access the same data. This kind of privacy the protection of privacy protection is called access mode, namely the user during the visit visit could not be leaked. Once get the user access, cloud service providers will be able to Enough to launch a variety of attacks, such as access behavior by tracking the user specific data to try to infer the user's personal interests and important personal privacy information. In addition, cloud service providers can also focus on those who visit the very high frequency of user data, or when the user is not aware of the case secretly delete those never accessed data to save storage and maintenance cost. Therefore, how to protect the privacy of user access in cloud storage, is an important research direction of the current.
This paper studies how to protect the privacy of user access and how to construct a hidden random access scheme in cloud storage environment. A hidden random access scheme is successfully constructed.
(1) the principle and advantages of probabilistic encryption are studied and analyzed, and a high efficient probability encryption method is selected as the data encryption method of this scheme.
(2) the research and analysis of the two famous data structure: Cuckoo hashing and bloom filter and multi-layer structure improved cuckoo hashing and bloom filter which is combined with the data structure of this scheme. The hidden random access scheme to achieve success in this structure.
(3) in the design of hidden random access scheme, we also studied the shuffling strategy in data layer refactoring process, namely, the location of randomized elements and the efficient shuffle strategy, which further improved the access efficiency.
(4) this paper studies the storage structure and MapReduce partition parallel query strategy combination, improve access efficiency, while the number of interaction between the user and the server access process is reduced to a constant level. In addition, the probability of the partition method so that each data element access affected greatly reduced, which is the key to improve the performance of the system.
(5) after constructing a hidden random access scheme that supports privacy protection, we analyze the performance and security of the scheme, and compare it with the existing typical models. The successful implementation proves the feasibility and advantages of the scheme.
(6) finally, under the Hadoop platform, we implemented the hidden random access scheme proposed in this paper. We completed file encryption, hiding random access data structure construction, access process and data layer reconfiguration process simulation, and evaluated the access efficiency.

【学位授予单位】：电子科技大学
【学位级别】：硕士
【学位授予年份】：2013
【分类号】：TP333;TP309

【相似文献】