移动云存储安全保护方案的研究与实现

发布时间：2018-03-27 07:06

本文选题：移动云存储　切入点：数据安全　出处：《北京邮电大学》2014年硕士论文

【摘要】：随着移动互联网技术的发展和智能移动终端的广泛应用,智能移动终端上需要存储的信息量呈不断增长趋势,因此需要采用新的技术手段解决移动终端面临的大量信息存储问题。作为云存储技术与智能移动终端相结合的产物,移动云存储不仅有效地降低了移动终端在数据存储容量方面的限制,而且能够很好地解决移动终端的数据备份问题,移动终端用户通过移动网络可以随时随地进行数据备份的管理与恢复,降低因移动终端故障等原因带来的数据丢失风险。目前互联网市场上的移动云存储应用已有几十种。然而,移动云存储可能遭受到来自移动终端和云存储端的数种安全威胁,不安全的云存储服务提供商可能在主动或被动的情景下造成用户数据的泄露,移动云存储服务的安全性尚有待提高。本文的目标是设计并实现一套移动云存储环境下的安全保护方案,该方案通过多种安全手段的综合应用,将移动终端的用户数据在云存储端进行安全的备份,降低移动终端数据丢失且不可恢复的可能；数据以安全的方式存储在云存储端,防止源于云存储端的数据泄露问题；方案提供了安全的数据共享手段,在保证数据机密性的前提下实现移动终端数据备份的共享。本文的主要研究内容包括： 1.研究移动云存储技术,分析移动云存储环境下的安全威胁。移动云存储由“移动终端”和“云存储端”两部分组成,本文将分别从上述的两个侧面分析移动云存储可能遭受的安全威胁,并结合实例研究可用于解决这些问题的安全技术,为设计移动云存储安全保护方案作理论准备。 2.设计移动云存储安全保护方案,解决移动云存储环境下的数据丢失和数据泄密问题。本文设计的移动云存储安全保护方案主要针对组织结构相对松散的小范围集体用户或个人用户,该方案主要强调三方面的功能：身份认证功能、数据安全备份存储功能,和数据安全共享功能。为实现这些功能特性,设计了身份认证、数据加密上传、数据下载解密、授权访问和撤销权限等五项关键业务流程。 3.仿真实现移动云存储安全保护方案。本文选取了Android操作系统作为移动终端的实验平台,并选择Hadoop开源框架作为云存储框架,利用HDFS提供云存储功能。
[Abstract]:With the development of mobile Internet technology and the wide application of intelligent mobile terminal, the amount of information needed to be stored on intelligent mobile terminal is increasing. Therefore, it is necessary to adopt new technical means to solve the problem of mass information storage faced by mobile terminals, which is the product of the combination of cloud storage technology and intelligent mobile terminals. Mobile cloud storage not only effectively reduces the limitation of data storage capacity of mobile terminal, but also can solve the problem of data backup of mobile terminal. Mobile terminal users can manage and restore data backup anytime and anywhere through mobile network to reduce the risk of data loss caused by mobile terminal failure. At present there are dozens of mobile cloud storage applications in the Internet market. However, mobile cloud storage may be subject to several security threats from mobile terminals and cloud storage, and insecure cloud storage service providers may cause user data leaks in active or passive situations. The security of mobile cloud storage service needs to be improved. The goal of this paper is to design and implement a set of security protection scheme in mobile cloud storage environment. The user data of the mobile terminal is safely backed up in the cloud storage terminal to reduce the possibility that the mobile terminal data can be lost and can not be recovered; the data is stored in the cloud storage terminal in a secure manner to prevent the data leakage from the cloud storage terminal. The scheme provides a secure means of data sharing and realizes the sharing of data backup of mobile terminal under the premise of ensuring the confidentiality of data. The main contents of this paper are as follows:. 1. Research mobile cloud storage technology, analyze the security threat in mobile cloud storage environment. Mobile cloud storage consists of "mobile terminal" and "cloud storage terminal". In this paper, we will analyze the possible security threats to mobile cloud storage from the above two aspects, and study the security techniques that can be used to solve these problems with an example, so as to prepare for the design of mobile cloud storage security protection scheme. 2. Design mobile cloud storage security protection scheme, To solve the problem of data loss and data leakage in mobile cloud storage environment, the security protection scheme of mobile cloud storage is designed for small group users or individual users with relatively loose organizational structure. This scheme mainly emphasizes three functions: identity authentication function, data security backup storage function, and data security sharing function. In order to realize these functions, identity authentication, data encryption and upload, data download and decryption are designed. Authorization of access and revocation of permissions are five key business processes. 3. The security protection scheme of mobile cloud storage is realized by simulation. In this paper, Android operating system is chosen as the experimental platform of mobile terminal, and Hadoop open source framework is chosen as cloud storage framework, and HDFS is used to provide cloud storage function.
【学位授予单位】：北京邮电大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP333;TP309.2

【参考文献】