Embodiment
Retouching in detail to one or more embodiment of the invention is hereafter provided together with the accompanying drawing for illustrating the principle of the invention
State.The present invention is described with reference to such embodiment, but the invention is not restricted to any embodiment.The scope of the present invention is only by right
Claim limits, and the present invention covers many replacements, modification and equivalent.Illustrate in the following description many details with
Thorough understanding of the present invention is just provided.These details are provided for exemplary purposes, and without in these details
Some or all details can also realize the present invention according to claims.
An aspect of of the present present invention provides a kind of mobile device data storage method.Fig. 1 is according to embodiments of the present invention
Mobile device data storage method flow chart.The present invention merges a variety of data synchronization mechanisms according to the characteristic value information of data
Together, and synchronization policy can flexibly be selected.The selection of synchronization mechanism can be specified by user, can also be by application program
To select, the synchronizing information of data is separately positioned in characteristic value information file, makes the applicable surface of method wider.
, it is necessary to detect the redundancy condition and deletion condition of data before data syn-chronization, and then carried out according to these situations
Data syn-chronization operates.User's smart mobile phone is connected with cloud storage service device by network.The inventive method uses hashed value conduct
The characteristic value information of data, according to the data cases of synchronization, different characteristic value informations is generated using individual quick ashing technique, with
Prevent from colliding;It is independent in itself with method using the quantity and type of ashing technique, enhance adaptation of methods.
Characteristic value information is made up of " filename characteristic value information " and " file content characteristic value information ", and both combine, can
With the routing information and content information of one file of unique mark.
(1) calculating of filename characteristic value information.Method considers two kinds of conventional situations:1. the text of flattening storage
Part, such as the All Files (not including subdirectory) under a catalogue, then only need calculation document name characteristic value information.2. tree-shaped deposit
The catalogue and file of storage structure, such as the file in multi-level bibliographic structure, then need to calculate complete trails filename characteristic value information.
(2) characteristic value information of file content calculates.The data type of user's smart mobile phone is various, there is the chis such as text
Very little less file, also there is the bigger file data such as photo, video segment.For the different data of document size this two class
Situation, following two calculative strategies can be used:1. using associated person information as the small data quantity information of representative, total data is calculated
Characteristic value information.2. being the big data quantity information of representative with photo, video etc., whole calculations can be used.But in order to
The use of smart mobile phone electric power is saved, on the premise of Hash collision is prevented, the calculating for choosing several file fragments can be used
Mode.Because the file synchronization of the inventive method depends on file name information, same file is in the amended spy of content
Value indicative information collision probability is very low.
According to the application characteristic based on cloud storage service device, characteristic value information is individually packed and is stored as file, be stored in
Cloud storage service device.The advantages of this method is:When terminal carries out Data duplication inspection, only download features value information file, save
Network bandwidth, without repeating the characteristic value information for calculating cloud storage service device and preserving data, improve data and check efficiency.
The characteristic value information logical organization of the inventive method design is as follows:Characteristic value information file is by 3 class data blocks
Composition:File header information block, filename characteristic value information block and file content characteristic value information block.
File header information block is defined as follows field name, is respectively:
ARYSIZE:Indicate the size of filename hash code mapping array
FNHTYPE:Indicate to calculate the ashing technique type that filename hashed value uses
HDCOUNT:File content uses the number of ashing technique
HDTYPE:Ashing technique type
Filename characteristic value information block is defined as follows field name, is respectively:
FNNOFFSET:0 indicates without next characteristic value information;The non-zero offset for representing next filename hash information
FLAG:0 represents local without this file;1 represents that local file and cloud storage service device are completely the same;2 represent local
File content and cloud storage service device file content are inconsistent;3, which represent local, this file, and cloud storage service device does not have;
HDOFFSET represents file content hash information offset;
OFFSETFLAG:Represent whether HDOFFSET is effective.
Filename characteristic value information block tissue by the way of array linked list is hashed:Filename characteristic value information block, which is formed, to be dissipated
Row array linked list, array size are determined by ARYSIZE fields;Filename hash array linked list passes through FNNOFFSET document misregistrations
Field is measured to realize;Corresponding document content information is searched in file name information block by HDOFFSET offset fields
Block.By such a mode, the physical mappings that hash information logical organization stores to file are realized.
In the reading writing working mechanism of features described above value information file, to be written as example, to information in characteristic value information file
The write operation of block, if realize that the atomic operation expense based on affairs is bigger, and characteristic value information file will not occur simultaneously
Send out read-write operation.Accordingly, the inventive method writing using write-back method, i.e., first write information block content to newly-added information block, then it is right
The critical field of flag information block is updated, and on the premise of ensuring method correctness, write error is taken to give up and accordingly deposited
Store up the strategy in space.Modification operation of the write-back method to block of information is equally applicable, it is only necessary to before a modification, first by corresponding flag bit
It is invalid to put.Writing for newly-added information block is write including distributing the renewal write and to HDOFFSET fields.It is as follows to write flow:
(1) distribution of fresh information block is write.Only in both cases just can be to characteristic value information tail of file write information:Point
With file name information block and distribution document content information block.During data supplementing using write-back method processing tail of file,
The information inconsistence problems caused by accident, specific strategy is first write information block, then updates offset field above.
It is assumed that offset is OFFSET, write information block is WDATA, and it is WOFFSET to write offset, and write-back method writes process such as
Under:
1. OFFSET is recorded in program.
2. perform WDATA operations in end-of-file, if the step occur it is unexpected, again from 1. opening during next write information
Begin.
3. perform WOFFSET operations, if the step occur it is unexpected, during next write information again since 1..
Write-back method WOFFSET is finally performed, and ensure that the correctness of block of information.
(2) HDOFFSET fields are write, also using write-back method:It is 0 first to ensure OFFSETFLAG fields, is represented
HDOFFSET fields are invalid, then perform distribution and the write operation of fresh information block, after fresh information block is write as work(, then update
HDOFFSET fields, OFFSETFLAG fields are finally put 1, represent that HDOFFSET fields are effective.So far, it ensure that characteristic value is believed
Cease the correctness of Documents Logical.
User is in Smartphone device is actually used, it is possible that situations below:(1) lost devices, more exchange device.
(2) equipment is reset completely, such as factory reset, formats storage.(3) file is deleted by mistake.The inventive method is in reality
On the premise of existing file data stringent synchronization, consider actual conditions, file synchronization flow is optimized, to these fortuitous events
Carry out fault-tolerant processing.
File synchronization mechanism, using characteristic value information file to rely on, pass through the FNHASHCODE fields of file name information block
CODE fields are hashed to be compared, to determine that file whether there is, whether file content has with the HD of document content information block
Change, and using OFLAG fields as auxiliary, determine to participate in plus user is necessary, realize file data synchronizing function.File is same
The design of step mechanism includes the following aspects.
Under normal circumstances:
(1) no matter whether terminal device needs to reinitialize, will be first from cloud storage service device download features value information
File, using characteristic value information file as synchronous foundation.
(2) if cloud storage service device does not have characteristic value information file, the storage of cloud storage service device is emptied, local first
Beginningization characteristic value information file, and local file and characteristic value information file are sent to cloud storage service device.Realize cloud storage
Server and the uniformity of local file data.
(3) when cloud storage service device has characteristic value information file, by the way that local file and characteristic value information file are carried out
Compare, cloud is arrived into the file storage that OFLAG fields are 2 (representing that file content changes) and 3 (representing locally generated new file)
Storage server;The file that OFLAG fields are 0 (representing local to have deleted this document) is deleted from cloud storage service device;
OFLAG fields are file corresponding to 1 expression without renewal.This step also achieves cloud storage service device and local file data
Uniformity.
In file processes are transmitted in batches, it may occur that failure, so that characteristic value information file fails to be sent to cloud
Storage server, make the file that cloud storage service device stores and the characteristic value information file that cloud storage service device stores inconsistent.
To file data, synchronous solution has 2 kinds.
Scheme 1:In the case where local file does not change, a synchronizing process is restarted, and selects not deposit from cloud
Store up server and recover file, you can reach the synchronous target of file strict conformance.Assuming that user's text of cloud storage service device storage
Part collection is combined into U, and the user file information aggregate recorded in the characteristic value information file of cloud storage service device storage is UH, U-UH=
Un, set UnIt is the information for the n file that cloud storage service device hash information file is lost, is this n file the reason for loss
After being sent to cloud storage service device, corresponding characteristic value information file fails to be sent to cloud storage service device.In local number
In the case of not changing, locally possess the complete information of this n file, as long as a successful synchronization, cloud storage clothes
Business device and local, cloud storage service device characteristic value information file and user file, it is possible to reach strict conformance.
The local file of scheme 2 has increasing, delete in the case of, restart a synchronizing process, select not from cloud storage service
Device recovers file, deleted from cloud storage service device with the inconsistent file of local file, by filename verification mode from cloud storage
Server deletes 3 options with the inconsistent file of local file, you can reaches the synchronous target of file strict conformance.Assuming that cloud
The user file collection of storage server storage is combined into U, the user recorded in the characteristic value information file of cloud storage service device storage
Fileinfo collection is combined into UH, U-UH=Un, UnIt is the information for the n file that cloud storage service device characteristic value information file is lost,
Local file collection is combined into UL, then UL∩Un≤Un, no matter UnSet sizes a, as long as successful synchronization, so that it may so that U=UL,
Cloud storage service device and local, cloud storage service device characteristic value information file and user file is set to reach strict conformance.
By introduce prevent because these surprisingly caused by user data loss mechanism, allow user to participate in necessary decision, protect
The practicality of the inventive method is demonstrate,proved.Before file synchronization, first from cloud storage service device download features value information file, then allow
User decides whether to recover file from cloud storage service device.After the completion of these steps, smart mobile phone and cloud storage clothes are just carried out
The file synchronization of business device.The file that this method can effectively solve to occur in actual use loses problem, can be again in specific implementation
Refine the overlay strategy of file of the same name.
Auxiliary expansion, such as the letter such as add file modification time stamp, source file terminal identity can be carried out to core methed
Breath, to improve the degree of intelligence of method and efficiency, and by classifying to data syn-chronization situation, the unnecessary participation of user is reduced,
The Consumer's Experience of raising method.
According to further embodiment of the present invention, in the data synchronization process of cloud storage service, for security requirement,
Third-party storage control centre is introduced, is responsible for giving user one legitimate anonymous identity by verifying the cellphone information of user.
User is before registering using cloud storage service device, it is necessary first to obtains identity license in storage control centre, uses identity afterwards
Cloud storage service device registration security account is gone in license.Except user oneself registers during registration security account, can also select to access
Control the mode of server registration.
User of the present invention directly cannot permit to log in cloud storage service device with identity, but utilize an identity license pair
The modes of multiple secure accounts is answered to use cloud storage service device, user's registration secure account had both protected privacy of user or can allowed
Attacker loses the target of attack.User can create multiple tokens on demand after obtaining identity license from storage control centre and carry out table
Show different accounts.The token parameter of each user is different from, even the parameter of the different accounts of same user is also to differ
Sample, so ensure that cloud storage service device end can not connect the different accounts of same user, be merely able to limitation one
Individual user creates the maximum quantity of account.Here is that (H () is hash function, and a is that cloud is deposited for secure account token T generation method
Server address is stored up, j is same user's registration account number, and sk is private key for user, and n is total number of users, and e is random number):
ρ=H (a ‖ j)(n-1)/α;
T=ρsk·e mod n
The method of this generation secure account and common identity anonymous verification method are completely similar above, and the present invention will
Parameter disclosed in above-mentioned ρ conducts, user only needs to input private key sk when logging in cloud storage service device, private without forwarding
Key.
Embodiments of the invention method is divided into registration, login and data storage and shared.Registration mainly storage control
The identity allowed registration at center and the secure account registration at cloud storage service device end.User obtains body from the registration of storage control centre
Part license, next with identity allowed registration cloud storage service device secure account, user's can uses cloud storage service afterwards
The storage of device and sharing functionality.
User and storage control centre complete identity Licensing Authority agreement in this process, and storage control centre, which returns, to be used
Family credential parameter value (cloud storage service device end is not involved in wherein).First, control centre is stored it needs to be determined that user is legal use
Family rather than one section of malicious attack program, this user of the present invention by the private essential information of other of cellphone information and user together on
It is transmitted to storage control centre.Here cellphone information passes through return as the foundation for confirming user's necessary being, storage control centre
Short message judges whether this application comes from validated user., can using storage control centre as half in identity allowed registration framework
Letter state, user need to be stored in storage control centre after mobile phone terminal is by other personal informations encryption of oneself.Here is
The specific steps of identity allowed registration:
1) other essential informations after registration request, cellphone information and encryption are sent to storage control centre by user.
2) storage control centre compares this cellphone information, if times of registration exceedes number upper limit r, returns to user's failure.
3) store control centre and return to user's verification information, verify whether this cellphone information is effective, if authentication failed,
Return to user's failure.
4) storage control centre confirms the legal identity of user.User performs digital signature association with storage control centre
View:
Define public key group (Ai, b, c, n), calculate Q values:
Wherein sk is private key for user, and λ is private key for user number, and Ai, b, c is use
The order interception value of family private key, n is total number of users.
Afterwards during user's registration cloud storage service device secure account, mobile phone terminal proves that user possesses legal body using Q values
Part license.
5) mobile phone terminal preserves random parameter e and result of calculation Q value.
User can rely on the license of this identity to be taken in cloud storage after obtaining legal identity license from storage control centre
Register multiple secure accounts in business device end.According to user and cloud storage service device to the height of safe coefficient demand, two can be selected
The different registration cloud storage service device mode of kind:
1) user is sent to cloud storage service device device information needed and identity license to complete to register.Under this mode,
After user obtains identity license, storage control centre is at off-state, is not involved in ensuing any flow completely.
The mode of user's registration is adapted to the higher user of level of security and cloud storage service device, is assisted with the tripartite of generally protection privacy of user
View is compared, and control centre is stored in this flow can not obtain any privacy of user and cloud storage service device.
2) cloud registration goes to realize by storing control centre.User issues storage control centre cloud storage service device address and cloud
Storage server goes to complete the registration of cloud storage service device to the demand of personally identifiable information by storing control centre.Here by
Control centre will be stored as half trusted status in the present invention, in order that the personal information of user's storage is to storing control centre not
It can be seen that the present invention, using other personal informations of homomorphic cryptography method encryption user, storage control centre can be from the information of encryption
In retrieve the required personal information of cloud storage service device, be unable to know the particular content of information.
The step of flow of two kinds of logon modes is similar, and here is by user's registration:
1) user sends registering account request to cloud storage service device.
2) cloud storage service device returns to times of registration upper limit k and address parameter a.
3) mobile phone terminal performs checking, and the result and times of registration j are sent into cloud storage service device.
4) cloud storage service device verifies the result and j value (1≤j≤k), if checking is invalid, terminates association
View returns to user's failure.
5) mobile phone terminal creates token account T, creates successfully rear to cloud storage service device end transmission T and alias.
6) it whether there is same T in cloud storage service device Test database, fail if being returned in the presence of if;Otherwise by T and
Random number e adds database and binds this alias, returns to user's registration account success.
User is after cloud storage service device register account number is obtained, it is possible to stores oneself at cloud storage service device end
Data.Storage control centre is also no longer participate in wherein.The present invention is also done on the basis of security privacy is considered by user's request
The processing of some safety classifications, the expense of mobile phone terminal can be saved and do not influence the basic security of user.
Mobile phone terminal first verifies that secure account, and cloud storage service device is logged in after being proved to be successful.The data that user uploads can
To carry out multidomain treat-ment according to content type etc., data are divided into (D1, D2..., DN) N number of subregion, then do not sympathized with according to user
Condition (whether content needs to maintain secrecy to cloud storage service device end) selection cipher mode:
1) cloud storage service device end will be uploaded to after data encryption.This method decoding key only in mobile phone terminal, is fitted
Close the higher storage file of safety requirements and the not high cloud storage service device end of confidence level.
2) user directly uploads data, and data encryption is carried out by cloud storage service device end.In this manner, user this
Data message is visible to cloud storage service device end.The method is adapted to user to be used when storing insignificant information, mainly for
Reduce the computing cost at cell phone end.
Due to the demand with household co-operation finished item or processing data, user is stored in the number at cloud storage service device end
Shared away according to needs, and the file generally uploaded has multiple sharers and existed.User can be right when storing oneself data
Data carry out multidomain treat-ment.User is needed according to oneself and data are divided into N number of subregion by shared consideration, and sharer accesses user's
During shared data, particular zones can only be accessed and be unable to download access other parts data.
Here is the detailed process that sharer obtains Share Permissions:
1) sharer sends sharing request and the address of oneself to data host;
2) after data host agrees to, the number of partitions β of sharer's demand data is sent to cloud storage service device end;
3) it is below shared key km βGeneration, wherein (u, v) is random parameter pair, t is current time;
km β=uH (β ‖ m ‖ t)2+v
4) cloud storage service device end is by shared the number m and shared key k of this number of partitionsm βData host is returned to (if β areas
It is the shared data encrypted by cloud storage service device, then takes decoding key);
5) data host is transmitted to sharer's shared key km βAnd the decoding key of this shared partition;
6) sharer is according to shared key km βWith the public key T of secure account, complete shared key checking is formed:G=H
(km β‖T)(n-1)/α
Afterwards, cloud storage service device end storage of public keys G and parameter be to (n, α), and returns to sharer β areas and can share confirmation;
After flow above, when sharer needs to access the data in β areas, it is only necessary to log in cloud storage service device, input
km β, the token account public key T of cloud storage service device end extraction sharer, if shared key checking formula is set up, sharer can
With accessing shared data area β.
Further, in data synchronization process, the present invention preferably improves existing incremental transmission method, to be deposited in cloud
The optimization carried out in storage system.Exemplified by uploading new edition file process.Originally, have one on cloud storage service device and mobile phone terminal
Part file OLD identical copies.Subsequent user have modified mobile phone terminal OLD copies, form NEW.Then, it is necessary to by mobile phone terminal
NEW is uploaded on cloud storage service device and is formed redaction.It is sender that then the present invention, which defines mobile phone terminal, and Cloud Server is reception
Side.Incremental transmission can be divided into four steps:
1. mobile phone terminal initiates NEW upload requests to Cloud Server.
2. OLD is divided into block by Cloud Server by fixed size, the rolling check code and AES check codes of each block are calculated, and
Each piece of rolling check code set CHECHSET is transferred to mobile phone terminal.
After 3. Cloud Server receives CHECHSET, rolling verification is carried out to an equal amount of rolling window of NEW file openings.
The rolling of sliding window is verified using byte as single rolling distance rolls forward, often roll 1 byte once roll verification with
AES is verified., can be to orient the position of all identical blocks of NEW and OLD after method of calibration verification travels through whole file
Put, remaining is exactly the data block information for needing incremental transmission to the NEW of Cloud Server.So last mobile phone terminal needs to transmit
Data be:The data block differed in NEW with OLD, and redaction NEW piecemeal metadata information.
After 4. Cloud Server receives the content of mobile phone terminal incremental transmission, file data blocks and NEW piecemeal metadata are entered
Row association, forms new edition file.The blocks of files for needing to associate is made up of two parts, blocks of files exclusive NEW and NEW with
Blocks of files public OLD.Therefore need to do the operation of two steps:1. NEW delta files block and NEW piecemeal member that mobile phone terminal is transmitted
Data are associated;2. public documents block will be oriented in the existing OLD files of server end, and by itself and NEW file member numbers
According to being associated.So far, complete NEW files are formed in Cloud Server.Increment, which uploads file processes, to be terminated.
Wherein, 3. in the rolling method of calibration mentioned be time overhead main in transmitting procedure, method is specific as follows:Rolling
Dynamic check code rolls check code using multinomial, by the way that first character section is removed into check code, adds last byte
Check code mode, renewal calculate examine code value.The present invention judges whether two data segments are identical, and verification is rolled by calculating
Code come guess the two may it is identical, with AES check codes determine the two certainly it is identical.
See that specific sliding window rolls method of calibration again, in two steps:
1. first calculating the rolling hashed value of data in sliding window, and search its value in CHECHSET and whether there is.
If 2. do not find, the byte of sliding window rolls forward 1.If it is found, then further calculate sliding window
The ASE values of intraoral data.If ASE values exist in CHECHSET, then it is assumed that data are duplicate data in sliding window at present,
In the absence of the then byte of sliding window rolls forward 1.
It is different from end-to-end application scenarios, there is the characteristic of high concurrent, under cloud storage environment under cloud storage environment
Incremental transmission, server end transmits central point in topological structure, it is necessary to tackle the scene of high concurrent as star, system
Concurrency is limited by memory size, network bandwidth, magnetic disc i/o read or write speed.Therefore, performance of the present invention to rolling check code
It is optimized.
The present invention mentions Rsync rolling check code, and with the thought of increment, each only needs are calculated between window twice
Different byte values.Therefore magnetic disc i/o only needs to pay close attention to the data of first the two bytes of tail of sliding window one.Therefore,
Calculate when rolling check code every time from disk read sliding window after next byte enter internal memory, with sliding window first
Byte data is replaced, and realizes the rolling information of check code of incremental update sliding window.Performance boost is done for magnetic disc i/o operation.
Read in advance by the way of several bytes come optimization method using the thought of buffering area.Specific buffer data update method is such as
Under:
Two buffering areas, head and tail are opened up, size is all bSize, and wherein bsize is much smaller than rolling window size.
Sliding window removes Head [i] and is a window sliding comprising tail [i]., will after sliding window reading (Size-1) is secondary
The Size buffer data moves to the 1st position of buffering area, then reads in (Size-1) individual byte, completes buffering area forward
Slide.
The optimization method can effectively optimize disk access.It is sliding window content all storage internal memory and full content
The compromise for the mode that disk is read every time is deposited, the limitation of memory size and disk read-write speed has been taken into account, has been more suitable for method
Concurrent actual motion environment.
Obviously, can be with general it should be appreciated by those skilled in the art, above-mentioned each module of the invention or each step
Computing system realize that they can be concentrated in single computing system, or be distributed in multiple computing systems and formed
Network on, alternatively, they can be realized with the program code that computing system can perform, it is thus possible to they are stored
Performed within the storage system by computing system.So, the present invention is not restricted to any specific hardware and software combination.
It should be appreciated that the above-mentioned embodiment of the present invention is used only for exemplary illustration or explains the present invention's
Principle, without being construed as limiting the invention.Therefore, that is done without departing from the spirit and scope of the present invention is any
Modification, equivalent substitution, improvement etc., should be included in the scope of the protection.In addition, appended claims purport of the present invention
Covering the whole changes fallen into scope and border or this scope and the equivalents on border and repairing
Change example.