Abstract
To guarantee the confidentiality of data stored in the cloud and convenient access for users, users should encrypt their own data files, and the cloud service provider should be able to search over the encrypted files. We design a searchable encrypted cloud storage system based on PKI technology. The system uses Curtmola's searchable symmetric encryption scheme to support keyword search on ciphertext data, and uses digital certificates and public-key cryptography to implement identity authentication, key agreement, and communication security between the cloud server and its users. The cloud service provider stores users' data and index files in encrypted form, which prevents hackers from illegally obtaining file contents from the server. According to the security analysis, the system achieves identity authentication, communication encryption, storage security, and secure search over ciphertext, and it defeats eavesdropping, forgery, replay, and other attacks. It is suitable for governments, enterprises, and other institutions that need to build secure and reliable cloud storage systems.
Source
Software Guide (《软件导刊》)
2018, Issue 2, pp. 182-185 (4 pages)
Keywords
information security
cloud storage
cryptographic technology
searchable encryption
PKI technology