一种云存储环境下的安全存储系统  被引量:28

A Secure Storage System Over Cloud Storage Environment

在线阅读下载全文

作  者:薛矛[1] 薛巍[1,2] 舒继武[1,2] 刘洋[2] 

机构地区:[1]清华大学计算机科学与技术系,北京100084 [2]清华大学信息科学与技术国家实验室,北京100084

出  处:《计算机学报》2015年第5期987-998,共12页Chinese Journal of Computers

基  金:国家自然科学基金(60925006;61232003);国家"八六三"高技术研究发展计划重大专项课题子课题(2009AA01A403);国家科技重大专项子课题(2013ZX03002004-003)资助~~

摘  要:如今,数据越来越多地被选择存放在云存储环境,而非个人电脑中.这使得用户失去了对数据的完全控制,从而难以保证数据的安全性.为了解决此问题,文中提出了一种新的安全云存储系统架构.基于这套架构,文中设计并实现了一个安全云存储系统——Corslet.Corslet可以直接架在已有的云存储系统之上而无需对其进行任何改变,同时提供端到端的数据私密性保护、完整性保护以及访问权限控制等功能.Corslet使用简单,用户只需在客户端存放他们的身份证书即可.对Corslet的测试结果显示,Corslet架在NFSv4集群之上I/O性能下降不到5%,证明Corslet在提高用户数据安全性的同时,其性能也是可以接受的.Nowadays, data has been increasingly shared among different users inside the cloud storage systems, instead of being owned by any single private user, which makes an ordinary user usually does not have the control permission over the whole system, thus hard to secure data storage or data sharing of his own files. To solve this problem, this paper proposes a new secure cloud storage system architecture. Based on this architecture, this paper designs and implements a secure cloud storage system called Corslet. Corslet can run directly on deployed underlying cloud storage systems without modification, while bringing end-to-end confidentiality and integrity as well as efficient access control for user data. For individual users, Corslet is easy to use, the only thing to keep locally is their certifications. The experiments and standard benchmark results show that Corslet over NFSv4 cluster brings acceptable I/O throughput reduction which is less than 5%, proving that Corslet can provide enhanced security for user data while maintaining acceptable performance.

关 键 词:安全存储系统 加密文件系统 私密性 完整性 访问控制 

分 类 号:TP309[自动化与计算机技术—计算机系统结构]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象