• •    下一篇

云存储服务端数据存储加密机制的设计和实现

吕从东%韩臻%马威   

  • 基金资助:
    教育部创新团队发展计划(IRT201206)

Design and Implementation of Data Storage Encryption Mechanism in Cloud Storage

LV Cong-dong%HAN Zhen%MA Wei   

  • About author:北京交通大学计算机与信息技术学院,北京,100044

摘要: 云存储是一种新型的网络存储形式。随着云存储的广泛使用,云存储中的数据安全问题,如数据泄漏、数据篡改,也成了用户广泛关注的问题。云存储可以分为访问层、应用接口层、基础管理层和存储层,云存储安全可以分为访问层安全、应用接口层安全、基础层安全和存储层安全。为保证云存储中服务端数据存储的机密性,文章设计了数据存储加密机制,在基于云桌面的办公系统个人存储的应用环境中,实现了基础管理层和存储层加密机制。基于JAVA、JSP等技术,实现了基础管理层;基于Bash脚本等技术,实现了基础管理层与存储层的接口;基于开源项目TGT实现了存储层数据加密机制,保证服务端存储数据的机密性。

Abstract: Cloud storage is a new form of network storage. With the widespread use of cloud storage, data security in cloud storage, such as data leakage, data tampering, has become widespread concern. Cloud storage can be divided into the access layer (AL), the application interface layer (APIL), the infrastructure management layer (IML) and the storage layer (SL). Security of cloud storage can be divided into security of the access layer (SAL), security of the application interface layer (SAPIL), security of the infrastructure management layer (SIML) and security of the storage layer (SoSL). A data storage encryption mechanism is designed to deal with the conifdentiality of the data in cloud storage in this paper. The mechanism is implemented in an application environment of the ofifce system based on cloud desktop. The infrastructure management layer is implemented based on JAVA and JSP. The interface between the infrastructure management layer and the storage layer is implemented based on Bash Script. The data encryption on the sever is implemented based on open source projects TGT.