Data destruction model for cloud storage based on lifecycle control
CAO Jingyuan1, LI Lixin1, LI Quanliang2, DING Yongshan1
1. Information Engineering University, Zhengzhou Henan 450001, China; 2. Luoyang Electronic Equipment Examination Center of China, Luoyang Henan 471003, China
Abstract:A data destruction model based on lifecycle control under cloud storage environment was proposed to solve the lack of effective data destruction mechanism for user data, and that data security was threatened and destruction time was controlled in the life cycle, which greatly limited the development of cloud services. The plain text was processed by functional transformation to generate the cipher text and metadata and avoid the complex key management. Secondly, in order to improve the controllability of data destruction, a self-destruction data objects based on controllable time was designed, which made any illegal access of expired objects to trigger the assured deletion by rewriting program, and realized the data destruction based on lifecycle control. The analysis and experimental results show that the scheme can enhance the flexibility and controllability of data destruction and reduce the performance cost, while protecting the data safely and effectively.
曹景源, 李立新, 李全良, 丁永善. 云存储环境下生命周期可控的数据销毁模型[J]. 计算机应用, 2017, 37(5): 1335-1340.
CAO Jingyuan, LI Lixin, LI Quanliang, DING Yongshan. Data destruction model for cloud storage based on lifecycle control. Journal of Computer Applications, 2017, 37(5): 1335-1340.
[1] 熊金波, 李凤华, 王彦超,等. 基于密码学的云数据确定性删除研究进展[J]. 通信学报, 2016, 37(8):167-184.(XIONG J B, LI F H, WANG Y C, et al. Research progress on cloud data assured deletion based on cryptography[J].Journal on Communications, 2016, 37(8):167-184.) [2] 冯登国,张敏,张妍,等.云计算安全研究[J].软件学报,2011,22(1):71-83.(FENG D G, ZHANG M, ZHANG Y, et al. Research on cloud computing security[J]. Journal of Software, 2011,22(1):71-83.) [3] Cloud security alliance[EB/OL].[2016-06-20].http://www.cloudsecurityalliance.org. [4] RIVEST R L. All-or-nothing encryption and the package transform[C]//Proceedings of the 4th International Workshop on Fast Software Encryption. London:Springer-Verlag, 1998:210-218. [5] PERLMAN R. File system design with assured delete[C]//Proceedings of the 3rd IEEE International Security in Storage Workshop. Piscataway, NJ:IEEE,2005:83-88. [6] PERLMAN R. The ephemerizer:making data disappear[J].Journal of Information Systems Security,2005,1(1):21-32. [7] TANG Y, LEE P P C, LUI J C S, et al. Secure overlay cloud storage with access control and assured deletion[J]. IEEE Transactions on Dependable and Secure Computing, 2012,9(6):903-916. [8] GEAMBASU R, KOHNO T, LEVY A A, et al. Vanish:increasing data privacy with self-destructing data[C]//Proceedings of the 18th Conference on USENIX Security Symposium. Berkeley, CA:USENIX Association, 2009:299-316. [9] ZENG L F, SHI Z, XU S J, et al. SafeVanish:an improved data self-destruction for protecting data privacy[C]//Proceedings of the 2010 IEEE Second International Conference on Cloud Computing Technology and Science. Washington, DC:IEEE Computer Society, 2010:531-528. [10] 王丽娜,任正伟,余荣威,等.一种适于云存储的数据确定性删除方法[J].电子学报,2012, 40(2):266-272.(WANG L N,REN Z W,YU R W, et al. A data assured deletion approach adapted for cloud storage[J]. Acta Electronica Sinica,2012,40(2):266-272.) [11] 熊金波,姚志强,马津峰, 等.面向网络内容隐私的基于身份加密的安全自毁方案[J].计算机学报, 2014, 37(1):139-150.(XIONG J B, YAO Z Q, MA J F, et al. A secure self-destruction scheme with IBE for the internet content privacy[J]. Chinese Journal of Computers, 2014, 37(1):139-150.) [12] 徐小龙,龚培培,章韵,等.一种基于移动Agent的云端(Cloud-P2P)数据复合销毁机制[J].计算机科学, 2015,42(10):138-146.(XU X L, GONG P P, ZHANG Y, et al. Mobile-Agent-based composite data destruction mechanism for cloud-P2P[J]. Computer Science,2015,42(10):138-146.) [13] 张坤,杨超,马建峰,等.基于密文采样分片的云端数据确定性删除方法[J].通信学报, 2015,36(11):108-117.(ZHANG K,YANG C,MA J F, et al. Novel cloud data assured deletion approach based on ciphertext sample slice[J].Journal on Communications,2015,36(11):108-117.) [14] PETERSON Z J, RANDAL B, JOE H. Secure deletion for a versioning file system[C]//Proceedings of the 4th USENIX Conference on File and Storage Technologies. Berkeley, CA:USENIX Association, 2005:143-154. [15] 沈薇薇,熊金波,黄阳群, 等.基于生命周期控制的电子文件安全删除方案[J].小型微型计算机系统,2016,37(5):1091-1096.(SHEN W W, XIONG J B, HUANG Y Q, et al. Assured deletion scheme for electronic files based on life cycle control[J].Journal of Chinese Computer Systems,2016,37(5):1091-1096.)