本文選題：云存儲 + 數據冗余　； 參考：《北京郵電大學》2013年碩士論文

【摘要】：隨著云存儲系統的發(fā)展和在復雜環(huán)境中的應用,它的數據安全性也越來越受到廣泛的關注。一方面,節(jié)點崩潰或者外部入侵都有可能導致數據不完整；另一方面當數據不完整時,由于云服務提供商故意隱瞞或其它因素,用戶無法及時獲知這種變化。針對上述問題,本文進行深入研究,圍繞如何檢測數據完整性和數據不完整時如何保障數據可用性這兩點,提出了一個安全存儲系統方案。 本文從數據可用性著手,研究首先集中在數據的機密性、數據的丟失恢復和數據的篡改恢復。結合對稱加密技術和糾刪碼技術,本文提出了一個基于Tornado碼的數據安全存儲方案(DSBT)。方案采用引導密碼解決傳統對稱數據加密中密鑰難以管理和保存的問題；采用糾刪碼中的Tornado碼設計數據冗余系統以解決數據丟失恢復問題；并通過帶密鑰的哈希使Tornado碼具備糾錯功能從而解決數據的篡改問題。 在此基礎上,論文繼續(xù)開展對數據可取回性檢測(POR)的研究。在經典的基于BLS短簽名的POR算法基礎上,引入可信日志,采用可信日志向用戶提供檢測結果,實現輕量級的第三方架構。最后結合DSBT方案,優(yōu)化POR算法的計算效率,使其與文件大小無關,達到常數級的計算復雜度。 根據上述方案,本文實現了一個基于Cassandra的安全云存儲原型系統。同時測試顯示,系統能提供較強的數據丟失恢復能力,有效抵抗拜占庭錯誤,在可取回性方面的檢測能力也同樣突出,同時還具有非常高的計算效率,尤其在面對大文件時。
[Abstract]:With the development of cloud storage system and its application in complex environment, its data security has been paid more and more attention. On the one hand, the node crash or external intrusion may lead to incomplete data; on the other hand, when the data is incomplete, users can not know the change in time due to the cloud service provider deliberately concealing or other factors. Aiming at the above problems, this paper deeply studies how to detect the data integrity and how to guarantee the data availability when the data is incomplete, and puts forward a secure storage system scheme. In this paper, we focus on the confidentiality of data, the restoration of data loss and the restoration of data tampering. Combined with symmetric encryption and erasure code, a secure storage scheme based on Tornado code is proposed in this paper. The scheme adopts bootstrap cipher to solve the problem that the key is difficult to manage and save in the traditional symmetric data encryption, and the tornado code in erasure code is used to design the data redundancy system to solve the problem of data loss and recovery. The tornado code has error correction function by hashing with key to solve the problem of data tampering. On this basis, the thesis continues to carry out the research on data availability detection (POR). Based on the classical POR algorithm based on BLS short signature, the trusted log is introduced, and the trusted log is used to provide the detection result to the user, and the lightweight third-party architecture is realized. Finally, combined with the DSBT scheme, the computational efficiency of the POR algorithm is optimized to make it independent of the file size and achieve the computational complexity of constant level. According to the above scheme, this paper implements a secure cloud storage prototype system based on Cassandra. The test also shows that the system can provide strong data loss recovery ability, effectively resist Byzantine errors, and has the same outstanding detection ability in retrievability, and also has a very high computational efficiency, especially in the face of large files.
【學位授予單位】：北京郵電大學
【學位級別】：碩士
【學位授予年份】：2013
【分類號】：TP333;TP309

【參考文獻】

相關期刊論文 前1條

1 肖達;舒繼武;陳康;鄭緯民;;一個網絡歸檔存儲中實用的數據持有性檢查方案[J];計算機研究與發(fā)展;2009年10期

，

本文編號：2013788