A Dynamic Cloud Security Storage System Based on Data Drifting

doi:10.3969/j.issn.1671-1122.2019.10.009

Abstract

Abstract:

Data security is core issue of Cloud storage. Presently, Cloud storage physical positions of data are relatively changeless so that the uncertainty and complexity of system are low. According to the idea of dynamic resiliency for security defense, as long as the dynamic change is introduced, the security of Cloud storage might be enhanced systematically. Be derived from the idea, a novel mechanism, named dynamic cloud security storage system based on data drifting, is presented. The mechanism firstly separates a document into particles, and then stores them on different nodes of Cloud storage. The particles are driven to keep drifting among nodes during the store, to achieve the dynamic resilient storage view. Once user needs the document, all of the particles are gathered to the nearest node for following download. In order to improve the security, uniform distribution and Mason rotation method are mixed together to obtain better randomness. For the effective utilization of the idle network bandwidth, without affecting normal network data communication, the instance also adds a traffic monitoring module by actively drift traffic control. The simulations of the system with respect to the mechanism show that it has valid functions and security.

Key words: cloud storage, security, dynamic, drifting, data particle

CLC Number:

TP309

Xing ZHAO, Xiaodong WANG, Chuanrong ZHANG. A Dynamic Cloud Security Storage System Based on Data Drifting[J]. Netinfo Security, 2019, 19(10): 65-73.

Figures/Tables 16

References 20

[1]	WIKIPEDIA. Cloud Storage[EB/OL]. , 2018-5-15.
[2]	FU Yingxun, LUO Shengmei, SHU Jiwu, et al.Survey of Secure Cloud Storage System and Key Technologies[J]. Journal of Computer Research and Development, 2013, 50(1): 136-145.
	傅颖勋,罗圣美,舒继武.安全云存储系统与关键技术综述[J].计算机研究与发展,2013,50(1):136-145.
[3]	Executive Office Of President, National Science and Technology Council. Turstworthy Cyberspace: Strategic Plan for the Federal Cyber Security Research and Development Program[EB/OL].https://www.nitrd.gov/pubs/Fed_Cybersecurity_RD_Strategic_Plan_2011.pdf, 2011-12-10.
[4]	LIU Jie, ZENG Haoyang, TIAN Yongchun, et al.Technologies and Development Trend of Dynamic Resiliency for Security Defense[]]. Communication Technology, 2015, 48(2): 117-124.
	刘杰,曾浩洋,田永春,等.动态弹性安全防御技术及发展趋势[J].通信技术,2015,48(2):117-124.
[5]	RAGHU Y.Building the Infrastructure for Cloud Security: A Solutions View[M]. 1st ed.NY: Apress, Berkeley, 2014.
[6]	ZHAO Luyi.A Detailed Implementation of Fully Homomorphic Encryption Using Ideal Lattice[C]//IEEE. Proceedings of the 2014 International Conference on Electrical, Control and Automation, February 22-25, 2014. Shanghai, China. New York: IEEE, 2014: 132-139.
[7]	JAKE Loftus, ALEXANDER May, et al.On CCA-Secure Somewhat Homomorphic Encryption[C]//IEEE. SAC 2011, March 21-25, 2011, TaiChung, Taiwan China. New York: IEEE, 2013: 55-72.
[8]	LI shuanbao, FU Jianming, ZHANG Huanguo, et al. Scheme on User Identity Attribute Preserving Based on Ring Signcryption for Cloud Computing[J]. Journal on Communication, 2014, 35(9): 99-111.
	李栓宝,傅建明,张焕国,等.云环境下的基于环签密的用户身份属性保护方案[J].通信学报,2014,35(9):99-111.
[9]	LEE N Y, CHANG Y K.Hybrid Provable Data Possession at Untrusted Stores in Cloud Computing[C]// IEEE. 2011 IEEE 17th International Conference on Parallel and Distributed Systems, December 7-9, 2011, Washington, DC, USA. New York: IEEE, 2011: 638-645.
[10]	BOWERS D, JUELS A,OPREA A, et al.Proofs of Retrievability: Theory and Implementation[C]// ACM. Proc of the 2009 ACM Workshop on Cloud Computing Security, November 9-13, 2009, Chicago, IL, USA. New York: ACM, 2009: 43-54.
[11]	GE Yao, YONG Li, LINAN Lei, et al.An Efficient Dynamic Provable Data Possession Scheme in Cloud Storage[C]// Springer. 11th International Conference on Green, Pervasive and Cloud Computing(GPC 2016), May 5-8, 2016, Xi’an, China. New York: Springer-Verlag, 2016: 63-81.
[12]	NGUYEN T, CUTWAY A, SHI W S.Differentiated Replication Strategy in Data Centers[C]// Springer. Proceedings of the 7th IFIP International Conference on Network and Parallel Computing(NPC 2010), September 13-15, 2010, Zhenzhou, China. New York: Springer-Verlag, 2010: 277-288.
[13]	BESSANI A, CORREIA M, QUARESMA B, et al.DepSky: Dependable and Secure Storage in A Cloud-of-clouds[J]. ACM Trans on Storage, 2011, 9( 4): 31-46.
[14]	XIANG Fei, LIU Chuanyi, FANG Binxing, et al.Novel“Rich Cloud”Based Data Disaster Recovery Strategy[J]. Journal on Communications, 2013, 34(6): 92-100.
	项菲,刘川意,方滨兴,等.新的基于云计算环境的数据容灾策略[J].通信学报,2013,34(6):92-100.
[15]	BIAN Genqing, GAO Song, SHAO Bilin, et al.Security Structure of Cloud Storage Based on Dispersal[J]. Journal of Xi’an Jiaotong University, 2010, 10(9): 41-45.
	边根庆,高松,邵必林.面向分散式存储的云存储安全架构[J].西安交通大学学报,2010,10(9):41-45.
[16]	WANG jing, HUANG Chuanhe, WANG Jinhai, et al. An Access Control Mechanism with Dynamic Privilege for Cloud Storage[J]. Journal of Computer Research and Development, 2016, 53(4): 904-920.
	王晶,黄传河,王金海.一种面向云存储的动态授权访问控制机制[J].计算机研究与发展,2016,53(4): 904-920.
[17]	WU xiuguo. Research on Minimum Cost Data Replica Distribution Based on Dynamic Planning in Cloud Storage System[J]. Computer Engineering, 2017, 43(7): 29-37.
	吴修国. 云存储系统中基于动态规划的最小开销数据副本布局研究[J].计算机工程,2017,43(7):29-37.
[18]	MA weijun, RUAN Kun, FENG Jing, et al. Optimizing Algorithm for I/O Performance of Cloud Storage System Based on Dynamic Hybrid Range Mechanism[J]. Journal of Beijing University of Technology, 2013,39(5): 707-712.
	马玮骏,阮鲲,冯径,等.基于动态混合分片机制的云存储系统I/O性能优化算法[J].北京工业大学学报,2013,39(5): 707-712.
[19]	XPENXPEN. Mersenne Twister[EB/OL]. , 2019-1-15.
[20]	NAN Chunli, ZHANG Shengrui, NING Hang, et al.Random Number And its Performance Evaluation in Urban Traffic Simulation[J]. Computer engineering, 2009, 35(10): 259-261.
	南春丽,张生瑞,宁航,等.城市交通仿真中的随机数及其性能评价[J].计算机工程,2009,35(10):259-261.

命令	语义	适用
DLF	删除文件块	M/S
SED	请求传输文件	S
FAL	获取数据微粒失败	M/S
JON	节点申请加入	M
RFU	节点被拒绝	S
ACK	节点确认	S
DLN	删除节点	S