For searchable encryption, balancing the security and retrieval efficiency of data is important. Aiming at the low retrieval performance and the lack of single keyword search mode in SSE-1 ciphertext retrieval scheme, and the problems such as the limitation of single-machine resources in the traditional single-server architecture, a multi-keyword parallel ciphertext retrieval system was designed and implemented. Different index encryption strategies were used to improve the ciphertext retrieval performance. The block search of the inverted index was realized by partitioning the ciphertext inverted index, which solves the limitation of single-machine resources and improves the retrieval efficiency. The traditional single-machine retrieval architecture was extended and the parallel retrieval of multiple keywords was realized by combining the characteristic of distribution. Experimental results show that compared with the SSE-1 scheme, the proposed scheme has the efficiency of retrieval and update operations improved under the premise of ensuring ciphertext data security and realizes multi-keyword retrieval. At the same time, the distributed architecture of the system is dynamically expanded to improve the system load capacity.

In traditional ciphertext database, the encryption and decryption method is not opaque to the upper application, short of independent key management mechanism and unable to manage multi-user security. In order to solve the problems, a new middleware system for ciphertext database was designed and implemented. Firstly, the encryption and decryption of sensitive data were realized by parsing and rewriting the datagram sent by database client or database server. Then, key management was realized by setting up independent key management module and using secondary key management. Finally, through the independent user management module, the management of users in ciphertext database was realized by means of user authority judgment, identity dynamic authentication, user identity cancellation and update. The experimental results show that, compared with the traditional ciphertext database, the proposed middleware system has better security, and its transmission efficiency is constantly improved with the increase of data volume. The proposed middleware system can effectively guarantee the security of ciphertext database and has high data transmission efficiency.

Focusing on inefficient data security and access control in the existed cloud storage, which results in sensitive information to be stolen, combined with the existed Ciphertext-Policy Attribute-Based Encryption (CP-ABE) and data partition,an efficient data privacy protection model based on the hybrid cloud was proposed. First of all, according to the data sensitive degree, the data were divided into data blocks based on different sensitivity levels, and then data blocks were stored on different cloud platforms. According to the security level of the data, data were encrypted by using the different intensity encryption technologies. At the same time, the scheme of "first match after decryption" was adopted in the decryption stage and the algorithm was optimized. Finally, user decrypted ciphertext by the multiplication. Compared with the single node algorithm, for encrypting 1 Gb data, the efficiency of symmetric encryption algorithm more than doubled in the public clouds. The experimental results show that the proposed scheme can protect the privacy data of cloud storage user, reduces the system cost and improves the system flexibility.

According to the distributed feature of cloud computing, a parallel homomorphic encryption scheme based on the MapReduce Hadoop was proposed with the combination of homomorphic encryption and MapReduce parallel framework under Hadoop environment. The concrete parallel homomorphic encrypting algorithm was implemented, and the theoretical analysis was given to prove the security and correctness of the proposed algorithm. The evaluation experiments on the cloud cluster consisting of 4 computing nodes with total 16 Central Processing Units (CPUs) show that the data encryption of the parallel homomorphic encryption algorithm can reach the speed-up radio of 13. The experimental result shows that the proposed algorithm can reduce the time cost of data encryption and can be applied to real-time applications.

In order to protect privacy of consumers in cloud computing, encrypted data storage is a feasible way. To speed up process of encryption and decryption, a parallel Advanced Encryption Standard (AES) encryption algorithm was proposed taking the characteristic of multi-nodes in cloud computing into account. The performance of the algorithm was analyzed in theory, and then experiments were conducted to demonstrate the efficiency of the designed algorithm. The experimental results show that the speed-up radio of the proposed encryption scheme can reach 15.9, and the total time cost of AES encryption can be reduced by 72.7% on the cloud cluster consisting of 4 compute nodes of total 16 CPUs.

Private data is easy to suffer from the attacks about data confidentiality, integrity and freshness. To resolve this problem, a secure data aggregation algorithm based on homomorphic Hash function was proposed, called HPDA (High-Efficiency Privacy Preserving Data Aggregation) algorithm. Firstly, it used homomorphic encryption scheme to provide data privacy-preserving. Secondly, it adopted homomorphic Hash function to verify the integrity and freshness of aggregated data. Finally, it reduced the communication overhead of the system by improved ID transmission mechanism. The theoretical analyses and experimental simulation results show that HPDA can effectively preserve data confidentiality, check data integrity, satisfy data freshness, and bring low communication overhead.

How to protect data privacy and data integrity is the major challenge in data aggregation of Wireless Sensor Networks (WSN). This paper proposed an integrity-Energy-Saving Privacy-preserving Aggregation (iESPART), which was based on Energy-Saving Privacy-preserving Aggregation (ESPART). By using a homomorphic message authentication code scheme, iESPART was not only able to protect data integrity, but also able to determine which nodes had been attacked. The simulation results show that iESPART achieves the same data privacy-preserving effect as integrity-protecting Private Data Aggregation (iPDA), with a more comprehensive integrity detection mechanism and less communication overhead.

As the main part of resources prediction in the grid computing,host load is particularly important.An improved AR-based model of host load prediction was presented.The improved model not only has the advantages that AR model has,such as,low computing cost and high stability,and has the advantages that AR model has not.It can predict the dynamic interval host load that some job will encounter in the future,and process some characters of the host load variance,for example,self-similarity and long-range dependence.Experiment results show that the improved model has come to an anticipant result.