KR101790757B1 - Cloud system for storing secure data and method thereof - Google Patents

Cloud system for storing secure data and method thereof Download PDF

Info

Publication number
KR101790757B1
KR101790757B1 KR1020150149590A KR20150149590A KR101790757B1 KR 101790757 B1 KR101790757 B1 KR 101790757B1 KR 1020150149590 A KR1020150149590 A KR 1020150149590A KR 20150149590 A KR20150149590 A KR 20150149590A KR 101790757 B1 KR101790757 B1 KR 101790757B1
Authority
KR
South Korea
Prior art keywords
data
user terminal
metadata
metadata server
hash value
Prior art date
Application number
KR1020150149590A
Other languages
Korean (ko)
Other versions
KR20170049700A (en
Inventor
이임영
김원빈
Original Assignee
순천향대학교 산학협력단
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 순천향대학교 산학협력단 filed Critical 순천향대학교 산학협력단
Priority to KR1020150149590A priority Critical patent/KR101790757B1/en
Publication of KR20170049700A publication Critical patent/KR20170049700A/en
Application granted granted Critical
Publication of KR101790757B1 publication Critical patent/KR101790757B1/en

Links

Images

Classifications

    • G06F17/30156
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • G06F11/1402Saving, restoring, recovering or retrying
    • G06F11/1446Point-in-time backing up or restoration of persistent data
    • G06F11/1448Management of the data involved in backup or backup restore
    • G06F11/1453Management of the data involved in backup or backup restore using de-duplication of the data
    • G06F17/30174
    • G06F17/30997
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Quality & Reliability (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The exemplary embodiment of the present invention provides a metadata server that determines whether data is duplicated using metadata of uploaded data and transmits the duplicated data to a user terminal, and receives the duplicated data from the user terminal and verifies the duplicated data, And a storage server for storing data. Therefore, by verifying data transmitted to the information storage server, it is possible to reduce a number of communication times, a calculation amount, and a traffic amount of communication data generated in the process of storing cryptographic data, and reduce the risk of data contamination.

Figure R1020150149590

Description

[0001] The present invention relates to a cloud system for storing encrypted data,

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a cloud system for storing cryptographic data, and more particularly, to a cloud system and method in which cryptographic data is deduplicated and stored.

Recently, demand for cloud storage has increased and many studies are underway. With the development of IT technology, many kinds of devices are being used, and most of the devices are connected to the network. In the environment using existing local storage space, it is changing to store the data of the device in the cloud story using the network in recent years, or to integrate and manage the digital document and information of the enterprise. Cloud storage is largely classified as a private cloud and a public cloud, both of which use data storage in physical storage. As the amount of data stored increases, the number and amount of physical storage devices required increases, which is a costly problem for the cloud environment used by a large number of users. Many researches have been conducted to improve the data storage space efficiency of cloud storage. When many companies and researchers store the same data repeatedly, the actual storage space of the data can be reduced by referring to the originally stored data, rather than allocating space as many times as the number of requests, thereby reducing the maintenance cost of the cloud storage environment.

On the other hand, a technique for preventing repeated storage of data is called a data de-duplication technique. A method for preventing repeated storage of data proceeds in various manners, but a basic operation is performed by comparing previously stored data with newly stored data to determine whether or not the same data is stored. The method of comparing the stored data proceeds through a linear comparison, but the larger the size of the data, the slower the comparison speed of the data becomes.

As a unit for comparing data redundancy, there is a file unit comparison and a block unit comparison. The file-by-file comparison is a method of comparing data of a file unit as a single object, so that even if only one bit of data of two files is recognized as a different file, duplication is not performed. Therefore, the deduplication efficiency is low. However, because the size of a file can be as large as a single file, the deduplication processing speed is very fast. On the other hand, a method of dividing a single file into blocks is also used. In this method, a file is divided into blocks of a certain size and used as one object. The advantage of this method is that even if some of the original files of the two files are different, the duplication is more efficient than the file-by-file comparison method because the two files are individually blocked and only the same part is removed. However, in this method, since a file is divided into a plurality of blocks and each block undergoes a comparison process, the deduplication rate is slower than the deduplication per file unit.

Also, it can be classified into two types depending on the position of deduplication. Data deduplication typically involves deduplicating the original files by sending them to the cloud storage. This method is called a target deduplication method and since the original file is transferred to the cloud storage as it is, the user terminal does not require a deduplication operation. Also, since the hardware processing performance of cloud storage is generally higher than that of an individual user, the processing speed for de-duplication is fast. However, because data sources are transported to cloud storage, there is a lot of data communication traffic. On the other hand, a method of transferring the data to the cloud storage by processing the deduplication at the user's terminal may be used. In this method, data de-duplication is performed at the user's terminal to transmit only the non-duplicated data to the cloud storage. Therefore, data communication traffic is less than the target deduplication method. However, as described above, since the processing performance of the personal user terminal is lower than that of the hardware of the cloud storage, it may take a long time in the deduplication process and a heavy load may be generated on the user's terminal.

On the other hand, information leakage may occur due to internal and external factors of providers of cloud storage. If the information stored in the cloud storage is plain unencrypted, the contents of the leaked data can be fully known. Therefore, it is necessary to encrypt the data stored in the cloud storage. A simple encryption scheme is a technique in which different ciphertexts are generated according to the encryption key possessed by the encrypting subject even if the original text is the same. On the other hand, the data de-duplication technique is a technique of comparing two data to judge whether or not they are the same data. Therefore, even if the original data is the same, different ciphers are different from each other. Various encryption methods and communication methods are applied for this purpose. In this process, there arises a problem that a large number of communications and calculation are performed.

In addition, if integrity is not guaranteed because the verification procedure of the data stored in the cloud storage is not included, the data corresponding to the metadata by the third party different from the stored data and the data actually stored may be different from the data corresponding to the metadata There is a risk of contamination where the problem of getting stolen, corrupted, or malicious code is acquired.

Korean Registered Patent No. 10-1374594 (Published date 2014.03.10.)

SUMMARY OF THE INVENTION An object of the present invention is to provide an encryption data deduplication storage method which improves the communication method and communication data and has a relatively small number of communication and a calculation amount.

The exemplary embodiment of the present invention provides a metadata server that determines whether data is duplicated using metadata of uploaded data and transmits the duplicated data to a user terminal, and receives the duplicated data from the user terminal and verifies the duplicated data, And a storage server for storing data.

The metadata server may generate and transmit a unique session key for encrypting the data to the user terminal.

The metadata server decrypts the data encrypted with the session key and can read whether or not the data is duplicated with the stored metadata.

The metadata server may generate an unsaved data list and a signature value of the data list and transmit the generated signature list to the user terminal.

The storage server may receive the data block of the unsaved data list from the user terminal, process the data block, and compare the data block with the signature value.

The metadata server receives the signature value of the storage server and can generate and store metadata of the file from the signature value.

Data transmission between the user terminal and the metadata server may be performed through a hash value.

According to another embodiment of the present invention, there is provided a method for receiving a hash value of encrypted data from a user terminal and performing deduplication with previously stored data, receiving a duplicated data block generated from the duplicated data list from the user terminal, And synchronizing the stored data blocks. The present invention also provides a method for deduplicating and storing encrypted data in a cloud system.

And generating and transmitting a unique session key for encrypting the data to the user terminal before the deduplication step.

The deduplication step may decrypt the data encrypted with the session key and read the duplication with the stored metadata.

In the deduplication step, deduplication may be performed to generate an unsaved data list and a signature value of the data list, and transmit the unsigned data list and the signature value to the user terminal.

The storing may include receiving a data block of the unsaved data list from the user terminal, processing the data block, and comparing the data block with the signature value.

The synchronizing step may generate and store metadata of a file from the signature value.

As described above, the cloud system according to the present invention distinguishes between a metadata server and an information storage server, determines whether the meta data server is duplicated, and transmits only data that is not duplicated to the information storage server. Also, by verifying data transmitted to the information storage server, it is possible to reduce a number of communication times, a calculation amount, and a traffic amount of communication data generated in the process of storing encrypted data, and reduce the risk of data contamination.

FIG. 1 is a block diagram illustrating a system for redundantly storing encrypted data according to an embodiment of the present invention. Referring to FIG.
FIG. 2 is a diagram illustrating a method of Convergent Encryption (CE) technology according to an embodiment of the present invention.
3 is a diagram illustrating a structure of metadata according to an embodiment of the present invention.
4 is a flowchart showing a deduplication / storage method according to an embodiment of the present invention.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings so that those skilled in the art can easily carry out the present invention. The present invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. In order to clearly illustrate the present invention, parts not related to the description are omitted, and similar parts are denoted by like reference characters throughout the specification.

Throughout the specification, when a part is referred to as being "connected" to another part, it includes not only "directly connected" but also "electrically connected" with another part in between .

Throughout the specification, when an element is referred to as "comprising ", it means that it can include other elements as well, without excluding other elements unless specifically stated otherwise. Also, the terms " part, "" module," and " module ", etc. in the specification mean a unit for processing at least one function or operation and may be implemented by hardware or software or a combination of hardware and software have.

The cloud system for duplicating and storing password data of the present invention is based on a metadata server and an information storage server. In order to compare and remove the encrypted data, the user communicates with the metadata server and has a procedure of uploading the corresponding file to the information storage server based on the result of communication with the metadata server.

Hereinafter, preferred embodiments according to the present invention will be described in detail with reference to the accompanying drawings.

1 is a block diagram illustrating a system 100 for eliminating and storing encrypted data according to an embodiment of the present invention.

Referring to FIG. 1, a cloud system 100 according to an exemplary embodiment of the present invention includes a metadata server 110 that transmits / receives data to / from a user terminal 200, and an information storage server.

At this time, the information transmission / reception of each of the metadata server 110, the user terminal 200, and the information storage server 120 is performed through a network including wired and wireless, ID) and the public keys of each other are distributed.

The user terminal 200 is a terminal 200 capable of performing upload and download for accessing a cloud service provided by the cloud system 100 and sharing information, and includes a smart phone, a notebook, or a tablet PC.

The user terminal 200 interacts with the servers of the cloud system 100 via a wired / wireless network, wherein the wireless network may include wifi, bluetooth, and the like.

In addition, the user terminal 200 may further include a display device capable of displaying an operation with the cloud system 100.

The cloud system 100, which removes encrypted data and stores it, confirms the user terminal 200, issues a session key, verifies whether or not the blocks of the file to be uploaded by the user terminal 200 are stored, and returns a result And an information storage server 120 for storing only data that is not overlapped with the metadata server 110 in cooperation with the metadata server 110.

The metadata server 110 receiving the upload request from the user terminal 200 confirms the corresponding user terminal 200 and issues a session key which is a symmetric encryption key for the communication session with the corresponding user terminal 200.

After issuing the session key, the user terminal 200 encrypts the file to be uploaded by dividing it into blocks, encrypts the encrypted file with the session key, and transmits the encrypted hash value to the metadata server 110.

The metadata server 110 compares the received hash values with the hash values previously stored in the metadata server 110 to determine whether to store the hash values, and reconstructs only the unsaved hash values to construct the data. The metadata server 110 encrypts the reconstructed hash value using the secret key of its own public key encryption algorithm, generates a signature value, and transmits the signature value to the user terminal 200. The user terminal 200 reconstructs a block to be uploaded based on the reconstructed hash value received from the metadata server 110 and transmits the reconstructed block to the information storage server 120 together with the signature value transmitted by the metadata server 110 send.

The information storage server 120 compares the transmitted block with the signature value to determine whether the user has transmitted the correct blocks. When the user transmits the correct block, the information storage server 120 notifies that the user has transmitted the correct block through synchronization with the metadata server 110, and the metadata server 110 stores the data stored in the information storage server 120 Lt; / RTI >

In FIG. 1, the information storage server 120 and the metadata server 110 are illustrated as being formed together, but this does not indicate physical proximity.

Hereinafter, specific symbols will be used to describe them.

Before describing the embodiments of the present invention, the symbols used in the following description are defined as follows.

*: Participating object (

Figure 112015104408917-pat00001
:user
Figure 112015104408917-pat00002
,
Figure 112015104408917-pat00003
: Metadata Server,
Figure 112015104408917-pat00004
: Information storage server)

Figure 112015104408917-pat00005
: Original file

Figure 112015104408917-pat00006
: One-way hash function

Figure 112015104408917-pat00007
: Duplicate
Figure 112015104408917-pat00008
Number of

Figure 112015104408917-pat00009
: Not duplicated
Figure 112015104408917-pat00010
Number of

Figure 112015104408917-pat00011
:
Figure 112015104408917-pat00012
All
Figure 112015104408917-pat00013
Number of

Figure 112015104408917-pat00014
:
Figure 112015104408917-pat00015
Convergent Encryption Encryption Key to Encrypt

Figure 112015104408917-pat00016
:
Figure 112015104408917-pat00017
Encrypted with
Figure 112015104408917-pat00018

Figure 112015104408917-pat00019
:
Figure 112015104408917-pat00020
Hash < / RTI >
Figure 112015104408917-pat00021

Figure 112015104408917-pat00022
:
Figure 112015104408917-pat00023
Consisting of a set of
Figure 112015104408917-pat00024
List of

Figure 112015104408917-pat00025
: Duplicate removed
Figure 112015104408917-pat00026

Figure 112015104408917-pat00027
: Duplicate removed
Figure 112015104408917-pat00028

Figure 112015104408917-pat00029
:file
Figure 112015104408917-pat00030
Hash < / RTI >
Figure 112015104408917-pat00031

Figure 112015104408917-pat00032
:user
Figure 112015104408917-pat00033
Identifier

Figure 112015104408917-pat00034
: Encrypted
Figure 112015104408917-pat00035
Set of

Figure 112015104408917-pat00036
: The session key between the metadata server and the user

Figure 112015104408917-pat00037
: * Symmetric key

Figure 112015104408917-pat00038
: * Public key

Figure 112015104408917-pat00039
: * Private key

Figure 112015104408917-pat00040
: Encryption using key ** as an encryption key

Figure 112015104408917-pat00041
: Decryption using key ** as decryption key

Figure 2 illustrates a method of the Convergent Encryption (CE) technology used in the system 100 of the present invention.

CE encryption method is the original file

Figure 112015104408917-pat00042
The hash value obtained by hashing the hash algorithm in the hash module
Figure 112015104408917-pat00043
As a symmetric key, and calculates it as shown in Equation (1) by using an encryption key encrypted by the encryption module.

[ Equation 1 ]

Figure 112015104408917-pat00044

3 is a diagram illustrating a structure of metadata according to an embodiment of the present invention.

Referring to FIG. 3, the metadata stored in the metadata server 110 includes metadata

Figure 112015104408917-pat00045
Identifier (
Figure 112015104408917-pat00046
), A list of hashed blocks (
Figure 112015104408917-pat00047
), Data obtained by encrypting a set of encryption keys (block
Figure 112015104408917-pat00048
), user
Figure 112015104408917-pat00049
Identifier (
Figure 112015104408917-pat00050
).

Specifically, as shown in Equation 2,

Figure 112015104408917-pat00051
Hash
Figure 112015104408917-pat00052
.

& Quot; (2 ) & quot ;

Figure 112015104408917-pat00053

Also,

Figure 112015104408917-pat00054
And uses CE to encrypt it. CE encryption is a specially generated encryption key
Figure 112015104408917-pat00055
To use a general symmetric key encryption scheme. The generation of the encryption key used at this time is calculated as shown in Equation (3).

& Quot; (3 ) & quot ;

Figure 112015104408917-pat00056

Figure 112015104408917-pat00057
Encrypted using
Figure 112015104408917-pat00058
The
Figure 112015104408917-pat00059
( CID ), and the hashed data
Figure 112015104408917-pat00060
List of
Figure 112015104408917-pat00061
.

Also,

Figure 112015104408917-pat00062
List of
Figure 112015104408917-pat00063
And
Figure 112015104408917-pat00064
on
Figure 112015104408917-pat00065
,
Figure 112015104408917-pat00066
,
Figure 112015104408917-pat00067
To generate metadata.

Hereinafter, with reference to FIG. 4, a description will be given of a method of deduplicating and storing encryption data between the cloud system 100 and the user terminal 200 according to an embodiment of the present invention.

The embodiment includes an encryption and deduplication request step of the user terminal 200, a deduplication processing step, a step in which the user terminal 200 uploads the deduplicated encrypted data, and a data synchronization step.

In the cloud system 100 of the embodiment, since the confidentiality of data is required, it is necessary to encrypt the transmitted data. Therefore, it is necessary to distribute the session key between the metadata and the user terminal 200.

First, the user terminal 200 transmits its identifier < RTI ID = 0.0 >

Figure 112015104408917-pat00068
(S100).

After confirming the user's identity from the identifier, the metadata server 110 distributes the encrypted session key to the user using the public key of the user terminal 200 (S110).

Next, the user terminal 200 transmits the session key of the file to be uploaded

Figure 112015104408917-pat00069
By encrypting
Figure 112015104408917-pat00070
And
Figure 112015104408917-pat00071
,
Figure 112015104408917-pat00072
To the metadata server 110 (S120).

Next, the deduplication step of the metadata server 110 proceeds (S130).

The deduplication step may include comparing the hash value of the cipher data transmitted from the user terminal 200 with the data stored in the metadata server 110, comparing the cipher data and generating a list of the unsaved data, ≪ / RTI >

First, the metadata server 110 transmits

Figure 112015104408917-pat00073
Decoded
Figure 112015104408917-pat00074
And the metadata stored in the metadata server 110
Figure 112015104408917-pat00075
And determines whether or not each block is stored.

Next, the metadata server 110 transmits the metadata

Figure 112015104408917-pat00076
Blocks which are not stored among the blocks of
Figure 112015104408917-pat00077
. In addition, the metadata server 110 creates a signature value that can be created only by the metadata server 110
Figure 112015104408917-pat00078
To the user (S140). The signature value generation is as shown in Equation (4).

& Quot; (4 ) & quot ;

Figure 112015104408917-pat00079

Next, the user terminal 200 uploads the block to the information storage server 120, and the information storage server 120 verifies the block.

First, the user terminal 200

Figure 112015104408917-pat00080
And signature value
Figure 112015104408917-pat00081
And reconstructs a block that is not stored in the information storage server 120
Figure 112015104408917-pat00082
.

to the next,

Figure 112015104408917-pat00083
And the signature value received from the metadata server 110
Figure 112015104408917-pat00084
,
Figure 112015104408917-pat00085
To the information storage server 120 (S160).

Accordingly, the information storage server 120

Figure 112015104408917-pat00086
Included in
Figure 112015104408917-pat00087
Respectively.
Figure 112015104408917-pat00088
. next,
Figure 112015104408917-pat00089
With a list of
Figure 112015104408917-pat00090
And is compared with the signature value (S170).

The comparison operation procedure is shown in Equation (5).

& Quot; (5 ) & quot ;

Figure 112015104408917-pat00091

Figure 112015104408917-pat00092

If the two hash values are equal to each other as in Equation (5), the unsaved data is stored.

Finally, when the data is normally stored in the information storage server 120, the metadata server 110 may synchronize with the metadata server 110 so that the metadata can be normally stored in the metadata server 110.

The information storage server 120 verifies the operation value of the data uploaded by the user and the signature value of the metadata server 110, and when the normal data is uploaded, the signature value of the metadata server 110

Figure 112015104408917-pat00093
Signed with its own secret key, and transmits it to the metadata server 110 (S180).

The operation of the secret key is shown in Equation (6).

& Quot; (6 ) & quot ;

Figure 112015104408917-pat00094

The metadata server 110 receives the signature value of the information storage server 120 and can confirm the contents of the signature value. The signature value generated by the metadata server 110 itself,

Figure 112015104408917-pat00095
Through the
Figure 112015104408917-pat00096
It is confirmed that the block of < RTI ID = 0.0 >
Figure 112015104408917-pat00097
(S190), and terminates the cloud upload.

As described above, after confirming whether or not the data is duplicated through the metadata, the information is stored in the information storage server 120, thereby minimizing the data transmission for duplicate verification, and using the encryption technology to solve the security problem.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments, but is capable of numerous modifications and alterations without departing from the spirit or scope of the invention.

It will be apparent to those skilled in the art that various modifications and variations can be made in the present invention without departing from the spirit or scope of the invention as defined in the following claims. There will be.

100: Cloud system
110: Metadata server
200: user terminal

Claims (5)

A session key for a communication session with the user terminal is issued to the user terminal when the upload request is received from the user terminal, and the file to be uploaded by the user terminal is divided into blocks and encrypted by hashing The encrypted hash value is compared with a previously stored hash value to determine whether to store the hash value, reconstructs only the hash value that is not stored, encrypts the hash value with the secret key using the reconstructed hash value, A metadata server for generating and transmitting to the user terminal, and
And if the block to be uploaded is reconstructed based on the reconstructed hash value and the signature value is transmitted from the user terminal together with the signature value,
≪ / RTI > The metadata server generates a unique session key for data encryption and transmits the generated session key to the user terminal,
The metadata server decrypts the data encrypted with the session key by the user terminal and reads the hash value of the encrypted data from the user terminal by reading the duplication with the metadata stored in the metadata server And performing duplicate removal with the stored data,
The information storage server receives and verifies and stores the deduplicated data block generated from the deduplicated data list from the user terminal, and
Wherein the information storage server is configured to synchronize the stored data block with the metadata server
And storing the encrypted data in the storage medium. delete delete 3. The method of claim 2,
Wherein the de-
And generating a signature value of the unlisted data list and the data list and transmitting the generated signature list to the user terminal.
KR1020150149590A 2015-10-27 2015-10-27 Cloud system for storing secure data and method thereof KR101790757B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150149590A KR101790757B1 (en) 2015-10-27 2015-10-27 Cloud system for storing secure data and method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150149590A KR101790757B1 (en) 2015-10-27 2015-10-27 Cloud system for storing secure data and method thereof

Publications (2)

Publication Number Publication Date
KR20170049700A KR20170049700A (en) 2017-05-11
KR101790757B1 true KR101790757B1 (en) 2017-10-27

Family

ID=58741997

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150149590A KR101790757B1 (en) 2015-10-27 2015-10-27 Cloud system for storing secure data and method thereof

Country Status (1)

Country Link
KR (1) KR101790757B1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102018382B1 (en) * 2017-10-20 2019-09-04 김남희 Good restaurant information providing system

Also Published As

Publication number Publication date
KR20170049700A (en) 2017-05-11

Similar Documents

Publication Publication Date Title
US11108753B2 (en) Securing files using per-file key encryption
US10877850B2 (en) Systems and methods of transmitting data
EP3062261B1 (en) Community-based de-duplication for encrypted data
US8892866B2 (en) Secure cloud storage and synchronization systems and methods
CN106453612B (en) A kind of storage of data and shared system
US10685141B2 (en) Method for storing data blocks from client devices to a cloud storage system
KR102450295B1 (en) Method and apparatus for deduplication of encrypted data
KR101285281B1 (en) Security system and its security method for self-organization storage
EP3235163B1 (en) De-duplication of encrypted data
Yan et al. A scheme to manage encrypted data storage with deduplication in cloud
CN109787747B (en) Anti-quantum-computation multi-encryption cloud storage method and system based on multiple asymmetric key pools
KR101790757B1 (en) Cloud system for storing secure data and method thereof
CN109787965B (en) Quantum computing resistant cloud storage method and system based on multiple asymmetric key pools
KR101413248B1 (en) device for encrypting data in a computer and storage for storing a program encrypting data in a computer
CN104683113A (en) Security storage method based on data encryption
CN104660720A (en) Security storage method based on identity authentication
CN117061126A (en) System and method for managing encryption and decryption of cloud disk files
CN111506546A (en) High-security file cloud storage method
Gaikwad et al. Journal homepage: http://www. journalijar. com INTERNATIONAL JOURNAL OF ADVANCED RESEARCH RESEARCH ARTICLE

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E902 Notification of reason for refusal
E701 Decision to grant or registration of patent right
GRNT Written decision to grant