CN102014133B - Method for implementing safe storage system in cloud storage environment


Info

Publication number: CN102014133B
Authority: CN (China)
Application number: CN 201010569398
Other languages: Chinese (zh)
Other versions: CN102014133A
Inventors: 舒继武, 薛巍, 薛矛, 沈志荣
Original assignee: 清华大学 (Tsinghua University)
Events: application filed by 清华大学; priority to CN 201010569398; publication of CN102014133A; application granted; publication of CN102014133B.


Abstract

An implementation method for a secure storage system in a cloud storage environment belongs to the technical field of storage security. Its features are: a trust domain is established in the server according to user requirements, and identity authentication within it uses a public key infrastructure (PKI); the user-space file system FUSE is used so that the storage system is independent of the underlying system; the hash algorithm SHA1 computes a hash value over the file block by block, and then a key and the symmetric encryption algorithm AES encrypt the file block by block; the file ciphertext is then uploaded to the file server in the cloud storage area, which guarantees the confidentiality and integrity of the file. The file owner specifies, in an access control list, the users who may access the file and their rights. When a permission revocation occurs, the re-encryption of the file is postponed: only when a user modifies the file contents does that user re-encrypt the file block in which the modified content lies. The system applies three tiers of key management (file block keys, security metadata file keys and trust domain server keys), which guarantees the security of the file upon permission revocation without increasing the administrative burden of the system.

Description

An implementation method for a secure storage system in a cloud storage environment

Technical field

[0001] The implementation method for a secure storage system in a cloud storage environment belongs to the field of storage security, and in particular relates to the technical fields of secure access control, key distribution and management, and file management.

Background

[0002] With the rapid development of cloud computing technology today, cloud storage has gradually received wide attention and application. A file owner can create a file and upload it to the cloud storage area, handing the file over to the cloud storage service provider for management, while the file owner can also permit specified other users to read and write the file, thereby realizing shared access to the file.

[0003] Although cloud storage service providers can offer users convenient shared access to files, the security problems inherent in this cannot be ignored. First, the confidentiality of the file cannot be guaranteed: the file is stored in plaintext in the cloud storage area, and all of this information lies fully exposed to the cloud storage service provider; should the provider obtain this file information and apply it to illegal purposes, the consequences for the user are unpredictable. Second, the integrity of the file information cannot be guaranteed: when the file is shared with other users, its information is transmitted over the network in plaintext, which gives network eavesdroppers an opportunity; an eavesdropper can intercept the file information on the network and, having obtained it, delete the parts unfavourable to itself while inserting false information favourable to itself, and then send that information on to other users for its own illegal ends. Third, permissions are not managed effectively, and security at the time of permission revocation cannot be guaranteed: how can sharing of the file among users be implemented effectively, and, once a user's access to the file has been revoked, how can it be guaranteed that the contents of the file after it is subsequently updated can no longer be obtained by the user whose permission was revoked? All of the above are security problems that test a secure storage system.

[0004] The function of a secure storage system is to enable users to guarantee the security of shared data. It is implemented as follows: first, the file owner locally computes a hash value over the file block by block using a hash algorithm, and encrypts the file block by block using a key and an encryption algorithm; the ciphertext and the hash values are then placed together in a public storage area, so that the administrator of the public storage area cannot learn the file's contents, which guarantees data confidentiality; at the same time the file owner distributes the key to the users he considers entitled to access the file. These users can access the file, decrypt the file blocks containing the content they access with the key they hold, then compute the hash values of those blocks and compare them with the stored hash values; if they are equal, the accessed content is intact, and finally the file contents are read.
The secure storage systems implemented at home and abroad today, while they guarantee the confidentiality and integrity of files, still have some shortcomings. First, some storage systems require support from the underlying storage system, or even require changes to the kernel version or a specific kernel version, which greatly inconveniences users: to use these secure storage systems, the user must install a specific underlying storage system, or needs a specific kernel version, or must modify the kernel. Second, some secure storage systems use asymmetric encryption algorithms when operating on files, and in some cases also require key rollback operations; because of the high complexity of asymmetric encryption, the performance of such secure storage systems is not encouraging. Third, most current secure storage systems handle revocation of user permissions with active revocation. The background to active revocation is this: the file owner may come to believe that some user who has been authorized to access the file will damage the file or may disseminate its contents, producing an effect the owner does not wish to see, so the owner may revoke that user's permission; but since that user already holds the key needed to access the file, to guarantee the file's security the owner has to regenerate a new key immediately, immediately re-encrypt the file with the new key, and finally distribute the new key to all other legitimate users except the one whose permission was revoked. This is active revocation. Some of its consequences are that, for large files, the cryptographic cost of the immediate re-encryption brought by active revocation is enormous, and in an environment with frequent revocations the overhead of such a secure storage system may be more than users can bear.

[0005] The present invention implements a secure storage system in a cloud storage environment that guarantees the confidentiality and integrity of data for users, manages user permissions effectively, and guarantees the security of files when permissions are revoked; the system also has good scalability.

Summary of the invention

[0006] The object of the present invention is to provide a system architecture for a secure storage system in a cloud storage environment, such that users in an untrusted storage and network environment can still share files securely and efficiently even when they have lost control of the system's physical resources, while data security protection is independent of the underlying storage system already deployed: the underlying storage system only provides a reliable data storage service, whereas protection of data confidentiality and integrity and access control are carried out in a trust domain set up according to user requirements; users can guarantee the end-to-end security of their own data without relying on the underlying storage system to provide data security protection mechanisms, and conversely the underlying storage system cannot interfere with the users' security protection mechanisms. This architecture moves responsibility for data security protection away from the data server, over which the user has no control, and from individual client machines, whose security is weak, and concentrates it on a trusted trust domain server that has a higher security level and can be set up and maintained by the users themselves. It thus eliminates the storage system's need to trust an untrusted file server, and reduces the users' management complexity and the security risk posed by client key leakage, so it is very suitable for application scenarios in which users have no control over the underlying shared file system.

[0007] The framework of the present invention comprises: a trust domain server, a file server, clients, and a network. Their roles are as follows:

[0008] 1) Trust domain server: its role is to authenticate users' identities and to manage and distribute file keys;

[0009] 2) File server: its role is to store files and security metadata files;

[0010] 3) Client: creates files and accesses files;

[0011] 4) Network: serves as the medium for file transfer, carrying users' access requests and file information;

[0012] The approach of the present invention is:

[0013] 1) The storage system is independent of the underlying storage system; that is, data security protection is independent of the underlying storage system already deployed. The underlying storage system only provides a reliable data storage service, whereas protection of data confidentiality and integrity and access control are carried out in a trust domain set up according to user requirements; users can guarantee the end-to-end security of their own data without relying on the underlying storage system to provide data security protection mechanisms, and conversely the underlying storage system cannot interfere with the users' security protection mechanisms;

[0014] 2) Confidentiality and integrity protection of files;

[0015] i. The file owner creates a file. First, the hash algorithm SHA1 is used locally to compute a hash value over the file block by block, then a key and the encryption algorithm AES are used to encrypt the file block by block, and the result is uploaded to the cloud storage area for storage, which guarantees the file's confidentiality in the cloud storage area. Here SHA1 is a secure hash algorithm designed by the US National Security Agency and published by the US National Institute of Standards and Technology, and is a widely used hash algorithm; its purpose is to compress a lengthy file into a unique piece of digital information (generally called a hash value), guaranteeing the legitimacy and security of the original file. AES is the Advanced Encryption Standard determined by the US national technical standards committee in 2000 and is a widely used encryption algorithm for protecting data security. For convenient key management, the file owner hands the authority for key distribution and management to the trust domain server.

[0016] ii. The file owner specifies an access control list, naming the users who have the right to access the file. When the file owner creates an access control list for the file, he adds the users he considers entitled to access the file to the list and sends the list to the trust domain server, and the trust domain server issues the file's key to the users on the access control list. When a user with access rights accesses the file, the data is transmitted over the network in ciphertext; the user then uses the key he holds to decrypt the file block by block, and uses SHA1 to compute a hash value over the decrypted file block by block, checking whether it equals the hash value read; if they are equal, the data is intact and the file contents are finally read; if the hash value computed by the user does not equal the hash value read, the integrity of the data has been compromised and an error is reported to the system;

[0017] 3) Key distribution and management are carried out centrally by the trust domain server. Key management in this secure storage system is divided into three tiers, for the following reason: organizing the symmetric keys hierarchically achieves the goal of guaranteeing system performance and security without increasing the system's administrative burden. The steps are as follows:

[0018] i. File block keys: to handle large files securely and efficiently, this system encrypts files block by block and calls such a block a file block, to distinguish it from the blocks of the underlying storage system. Each file block is encrypted with a separate symmetric key called a file block key, and each file has a set of file block keys;

[0019] ii. Security metadata file keys: the keys stored in the security metadata file form the second tier; they comprise a lock box key LBK and a file signing key FSK. The lock box key LBK refers to the following: all the file block keys of a file are placed in a lock box, and this box is encrypted with the symmetric lock box key LBK. Only authorized users who obtain the lock box key LBK can decrypt the lock box and thereby obtain the file block keys to decrypt the file contents. The file signing key FSK is mainly the key with which a write user signs after modifying the file. In this secure storage system, it is precisely the file signing key FSK that distinguishes read operations from write operations. It should be noted that the lock box key LBK and the file signing key FSK are both symmetric keys; using lower-complexity symmetric keys can significantly reduce the system's cryptographic computation overhead;

[0020] iii. Trust domain server keys: the top tier is the trust domain server keys. The so-called trust domain server keys are simply two symmetric keys maintained by the trust domain server, one called the trust domain server encryption key ASEK and one called the trust domain server signing key ASSK. The former is used to encrypt the lock box key LBK and file signing key FSK of the security metadata file corresponding to a data file, thereby enforcing access control and distinguishing read from write operations; the latter is used as the input parameter of the HMAC algorithm to compute an HMAC value over the access control block in the security metadata file so as to guarantee its integrity, where HMAC is a message authentication code computed using a cryptographic hash function and a key, whose main role is to check the integrity of a message. The trust domain server must guarantee the confidentiality of these two keys and must never disclose them to anyone else; in practical applications this can be achieved with the help of hardware-assisted means.

[0021] The present invention is characterized in that the method is implemented, in a network composed of a trust domain server, clients and a file server, using the user-space file system FUSE on Linux, according to the following steps in sequence:

[0022] Step (1): initialization of the network,

[0023] Step (1.1): initialization of the trust domain server, setting up a user authentication module and an access control module, where the user authentication module uses the SSL/TLS protocol and a public key infrastructure (PKI), and the access control module enforces access control on files under the authorization of the file owner. The system adopts a three-tier key management mechanism. The first tier is the file block keys: to handle large files securely and efficiently, this system encrypts files block by block and calls such a block a file block; each file block is encrypted with a separate symmetric key called a file block key, and the file block keys are encrypted and stored in the security metadata file. The second tier is the security metadata file keys, comprising a lock box key LBK and a file signing key FSK; each file has its own security metadata file keys, where the lock box key LBK is used to encrypt all the file block keys of the file, guaranteeing the confidentiality of the file block keys, and the latter is the key with which a write user signs after modifying the file data, used to distinguish read operations from write operations. The third tier is the trust domain server keys, two symmetric keys maintained by the trust domain server: one called the trust domain server encryption key ASEK, used to encrypt the lock box key LBK and file signing key FSK of the security metadata file corresponding to a data file, thereby enforcing access control and distinguishing read from write operations, and one called the trust domain server signing key ASSK, used to compute a hash-based message authentication code, i.e. an HMAC value, over the access control block in the security metadata file so as to guarantee the integrity of the access control block,

[0024] Step (1.2): the client is provided with a data encryption/decryption module, a data integrity verification module, a cache module, and a file system interface,

[0025] Step (1.3): the file server is provided with a storage module;

[0026] Step (2): a user applies for a user identity, in the following steps:

[0027] Step (2.1): at the client, the user sends a user identity request to the user authentication module of the trust domain server over a channel encrypted with the Secure Sockets Layer protocol SSL and the Transport Layer Security protocol TLS,

[0028] Step (2.2): the user authentication module is based on a public key infrastructure; the identity of the user and the identity of the trust domain server are both authenticated by means of X.509 certificates granted by the public key infrastructure. A new user of the system must first apply to the registration authority for a certificate before being able to use the system;

[0029] Step (3): the file owner creates a file in the following steps:

[0030] Step (3.1): the file owner sends a file creation request to the trust domain server: the file owner first creates the contents of the access control block, which comprise the user's identity, the file name, the specified encryption algorithm and mode, and the access control list, and sends the access control block to the access control module of the trust domain server, where the access control list contains the hash value of each user name together with that user's access rights,

[0031] Step (3.2): the trust domain server processes the file owner's file creation request, authenticates the file owner's identity with the identity authentication module, determines his identity and rights, and then generates a lock box key LBK and a file signing key FSK for the file he has requested to create;

[0032] Step (3.3): the trust domain server encrypts the lock box key LBK and the file signing key FSK with the trust domain encryption key ASEK, computes the HMAC value of the access control block with the trust domain signing key ASSK, stores it in the HMAC field of the access control block, and then returns the access control block to the file owner;

[0033] Step (3.4): the file owner creates the file and inputs the data, then uses the secure hash algorithm SHA1 to compute a hash value over the file block by block, saving the hash values in the security metadata file, then encrypts the file block by block with the file block keys to produce the file ciphertext, and finally sends the file ciphertext and the security metadata file to the file server for storage;

[0034] Step (4): a read user reads the file created in step (3) in the following steps:

[0035] Step (4.1): read the file data ciphertext and the security metadata file from the file server,

[0036] Step (4.2): authenticate the read user's identity in the following steps,

[0037] Step (4.2.1): the read user sends his own identity and the access control block from the security metadata file to the trust domain server,

[0038] Step (4.2.2): the trust domain server invokes the identity authentication module to confirm the user's identity, invokes the access control module, decrypts the access control block with the trust domain key ASEK to obtain information including the lock box key LBK, the file signing key FSK and the access control list, computes the HMAC value of the access control block with the trust domain signing key ASSK to judge the integrity of the access control block, determines the read user's read right according to the access control list, and then issues the lock box key LBK to the read user,

[0039] Step (4.3): having obtained the lock box key LBK, the read user uses it to decrypt and obtain the file block keys, then decrypts the file data with the file block keys to finally obtain the plaintext of the file data, and computes with SHA1 the hash values of the file blocks containing the content read, checking whether they agree with the hash values saved in the security metadata so as to judge the integrity of the data read; if they are equal the data is intact and the user reads it, otherwise an error is reported to the system;

[0040] Step (5): a write user writes or modifies file data in the following steps,

[0041] Step (5.1): the write user first reads the ciphertext of the file data to be modified and the security metadata file from the file server,

[0042] Step (5.2): the write user is authenticated in the following steps,

[0043] Step (5.2.1): the write user sends his own identity and the access control block from the security metadata file to the trust domain server; the trust domain server invokes the identity authentication module to confirm the user's identity, invokes the access control module, decrypts the access control block with the trust domain key ASEK to obtain information including the lock box key LBK, the file signing key FSK and the access control list, recomputes the HMAC value of the access control block with the trust domain signing key ASSK and checks whether it equals the HMAC value in the access control block, to judge whether the access control block is intact, determines from the access control list the write right the write user holds, and then returns the lock box key LBK and the file signing key FSK to the user,

[0044] Step (5.3): the write user writes or modifies the file in the following steps,

[0045] Step (5.3.1): the write user obtains the file block keys with the lock box key LBK, then decrypts the file data with the file block keys to obtain the file plaintext, and uses SHA1 to compute block by block the hash values of the file blocks containing the content to be modified, checking whether they agree with the hash values saved in the security metadata so as to judge the integrity of the data read,

[0046] Step (5.3.2): the file of step (5.3.1) is written or modified, the new file data is re-encrypted with the file block keys, and it is signed with the file signing key FSK,

[0047] Step (5.3.3): the write user sends the modified file data and the security metadata file to the file server for storage;

[0048] Step (6): the file owner performs a permission revocation operation in the following steps:

[0049] Step (6.1): the file owner obtains the security metadata file from the file server, then sends his own identity, the access control block from the security metadata file, and the list of users to be revoked to the trust domain server,

[0050] Step (6.2): the trust domain server performs the following steps,

[0051] Step (6.2.1): invoke the identity authentication module to authenticate the file owner's identity and confirm that he has the right to revoke users,

[0052] Step (6.2.1): invoke the access control module, decrypt the access control block with the trust domain key ASEK to obtain information including the access control list, the lock box key LBK and the file signing key FSK, recompute the HMAC value of the access control block with its own trust domain signing key ASSK to judge the integrity of the access control block, then delete from the access control list in the access control block the entries of the users who are to be revoked, then generate a new lock box key LBK' and a new file signing key FSK' for the file; the trust domain server then re-encrypts the newly generated lock box key LBK' and file signing key FSK' with the trust domain server encryption key ASEK, and recomputes the HMAC over the modified access control block with the trust domain server signing key ASSK,
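The access control block handling of steps (3.3), (4.2.2), (5.2.1) and (6.2.1) in Go, as an added example that is not the patent's code: the trust domain server keys an HMAC-SHA256 over the block with ASSK, refuses to consult the access control list until that tag verifies, looks the requester up by the SHA-1 of the user name, and releases LBK for a read or LBK plus FSK for a write. The ASEK-encrypted LBK/FSK field is carried as constructed opaque bytes, and the names `Entry`, `ACB`, `Server` and their methods are this example's own.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha1"
	"crypto/sha256"
	"encoding/binary"
	"errors"
)

// Entry is one access control list item: the SHA-1 of the user name and the right.
type Entry struct {
	UserHash [sha1.Size]byte
	Perm     string // "r" (read) or "rw" (read and write)
}

// ACB is the access control block of the security metadata file. WrappedKeys stands
// for LBK and FSK encrypted under ASEK; in this example it is opaque constructed bytes.
type ACB struct {
	Owner, File, Cipher string
	ACL                 []Entry
	WrappedKeys         []byte
	HMAC                []byte
}

// Server is the trust domain server; ASSK keys the HMAC over the block.
type Server struct{ ASSK []byte }

func NewServer() Server { k := make([]byte, 32); rand.Read(k); return Server{k} }

func userHash(name string) [sha1.Size]byte { return sha1.Sum([]byte(name)) }

// mac serialises every field except HMAC with length prefixes, so that moving bytes
// between fields cannot produce the same tag, and keys HMAC-SHA256 with ASSK.
func (s Server) mac(a *ACB) []byte {
	m := hmac.New(sha256.New, s.ASSK)
	put := func(b []byte) {
		var l [4]byte
		binary.BigEndian.PutUint32(l[:], uint32(len(b)))
		m.Write(l[:])
		m.Write(b)
	}
	put([]byte(a.Owner))
	put([]byte(a.File))
	put([]byte(a.Cipher))
	for _, e := range a.ACL {
		put(e.UserHash[:])
		put([]byte(e.Perm))
	}
	put(a.WrappedKeys)
	return m.Sum(nil)
}

// Seal is step (3.3): the server stamps the owner's block with its HMAC.
func (s Server) Seal(a *ACB) { a.HMAC = s.mac(a) }

// Authorize is the check of steps (4.2.2) and (5.2.1): the HMAC is verified before
// the access control list is trusted, then the requester's right is looked up. It
// returns which keys the server may release: "LBK" for a read, "LBK+FSK" for a write.
func (s Server) Authorize(a *ACB, user string, write bool) (string, error) {
	if !hmac.Equal(s.mac(a), a.HMAC) {
		return "", errors.New("access control block HMAC mismatch")
	}
	h := userHash(user)
	for _, e := range a.ACL {
		if e.UserHash != h {
			continue
		}
		switch {
		case !write && (e.Perm == "r" || e.Perm == "rw"):
			return "LBK", nil
		case write && e.Perm == "rw":
			return "LBK+FSK", nil
		}
		return "", errors.New("insufficient permission")
	}
	return "", errors.New("user not in access control list")
}

// RemoveUser is the ACL part of step (6.2.1): drop the user's entry and re-stamp.
func (s Server) RemoveUser(a *ACB, user string) {
	h := userHash(user)
	kept := a.ACL[:0]
	for _, e := range a.ACL {
		if e.UserHash != h {
			kept = append(kept, e)
		}
	}
	a.ACL = kept
	s.Seal(a)
}
```

An entry appended to the ACL on the file server without ASSK fails the HMAC check, which is the property the page relies on to keep the access control block out of the file server's hands.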

[0053] Step (6.2.3): the trust-domain server returns the new access control block, the new file signature key FSK', the new lockbox key LBK' and the old lockbox key LBK to the file owner,

[0054] Step (6.3): the file owner performs lazy revocation: it decrypts all file block keys with the old lockbox key LBK, re-encrypts them with the new lockbox key LBK', and defers re-encryption of the file blocks themselves until a user next updates a block.

[0055] The effects of the invention are as follows:

[0056] 1. It does not depend on the underlying file system and guarantees the confidentiality of user files in the cloud storage area; only users holding valid permissions can obtain file contents;

[0057] 2. It guarantees end-to-end integrity of user file operations: a user can promptly detect whether data was tampered with in transit over the network or corrupted by changes in the storage medium;

[0058] 3. It reduces the cost of permission revocation; in particular, in multi-user scenarios with frequent permission changes, the invention greatly improves the efficiency of revocation;

[0059] The invention was tested at the Institute of High Performance Computing, Department of Computer Science, Tsinghua University. The results show that this secure storage system provides file sharing in a cloud storage environment while guaranteeing data confidentiality, integrity and access control, with a performance overhead within a range acceptable to users.
Brief description of the drawings:

[0060] Figure 1: system architecture.

[0061] Figure 2: the file owner creating a file.

[0062] Figure 3: a read user reading a file.

[0063] Figure 4: a write user writing a file.

[0064] Figure 5: the file owner revoking a user's permissions.

[0065] Figure 6: the access control block.

[0066] Figure 7: IOzone read/write performance of ext3 versus the invention in a single-machine environment.

[0067] Figure 8: IOzone read/write performance of NFS versus the invention in a cluster environment.

Detailed description:

[0068] The embodiments of the invention are as follows:

[0069] Step 1: the user applies for a user identifier. The user identifier is the user's unique identity in the system; both file owners and the trust-domain server determine a user's identity, and hence its access rights, from it. To identify the principals of the system (the trust-domain server and the users) securely and efficiently, so that they can establish trust in one another, the system needs a secure user identification mechanism that is independent of the underlying storage system. This system uses a public key infrastructure (PKI) and provides user identifiers through digital certificates. A digital certificate is an electronic document issued to a principal by an impartial, authoritative body; it records the subject name, certificate serial number, issuer name, validity period, cryptographic algorithm identifier, public key and other information, and carries the issuer's digital signature. A public key infrastructure is a platform or framework comprising hardware, software, people, policies and procedures that uses public key techniques to create, manage, distribute, use, store and revoke digital certificates. The certificate authority (CA) and the registration authority (RA) are its key components.
The CA is the core of the PKI: a trusted third party that issues digital certificates by binding a user's public key to the user's other information (including identity), and that provides certificate lookup, revocation, lifecycle management and key management; the RA faces users and carries out duties delegated by the CA. PKI is a mature and widely deployed body of technology with uniform specifications and standards and many complete implementations. Using PKI to provide user identifiers delegates the maintenance of identifier uniqueness and authenticity to this mature system, and lets system users verify the identities of other principals securely and efficiently without having to understand the details of its management, achieving mutual trust between users and thereby guaranteeing the authenticity, integrity, confidentiality and non-repudiation of user information;

[0070] Step 2: the file owner creates a file. The steps are generally as follows, as shown in Figure 2;

[0071] Step 2.1: the file owner sends a file-creation request to the trust-domain server. The owner first builds the contents of the access control block, comprising its own identity, the file name, the chosen encryption algorithm and mode, and the access control list, and sends the access control block to the trust-domain server;

[0072] Step 2.2: the trust-domain server processes the file-creation request. It first determines the owner's identity and permissions from the owner's identifier, then generates a lockbox key LBK and a file signature key FSK for the file to be created, encrypts LBK and FSK with the trust-domain encryption key ASEK, computes the HMAC of the access control block with the trust-domain signing key ASSK, and returns the access control block to the file owner;

[0073] Step 2.3: the file owner creates the file. The owner creates the file and enters its contents, computes a hash of the file block by block with SHA-1 and stores the hashes in the security metadata file, encrypts the file block by block with the file block keys to produce the file ciphertext, and finally sends the ciphertext and the security metadata file to the file server for storage;

[0074] Step 3: a read user reads a file. The steps are generally as follows, as shown in Figure 3.
Step 3.1: read the file ciphertext and the security metadata file; the read user first reads the file ciphertext and the security metadata file from the file server and obtains the access control block;

[0075] Step 3.2: authentication of the read user; the read user sends its identity and the access control block from the security metadata file to the trust-domain server. On receiving them, the trust-domain server first decrypts the access control block with the trust-domain key ASEK to obtain the access control list, the lockbox key LBK and the file signature key FSK, then computes the HMAC of the access control block with its trust-domain signing key ASSK to check the block's integrity, confirms the user's identity, determines from the access control list that the user has read permission, and sends the lockbox key LBK to the read user;

[0076] Step 3.3: the read user reads the file; having obtained the lockbox key LBK, the read user decrypts the file block keys with it, decrypts the file blocks holding the requested data with their block keys to obtain the plaintext, and computes the SHA-1 hash of each such block to compare with the hash stored in the security metadata, thereby checking the integrity of the data read. If the data is intact it is returned; otherwise an error is reported to the system;

[0077] Step 4: a write user modifies a file. The steps are generally as follows, as shown in Figure 4.
[0078] Step 4.1: the write user reads the file ciphertext and the security metadata file; the write user first reads the ciphertext and the security metadata file of the file to be modified from the file server;

[0079] Step 4.2: authentication of the write user; the write user sends its identity and the access control block from the security metadata file to the trust-domain server. On receiving the access control block, the server decrypts it with the trust-domain key ASEK to obtain the access control list, the lockbox key LBK and the file signature key FSK, recomputes the block's HMAC with its trust-domain signing key ASSK and compares it with the HMAC stored in the block to check the block's integrity, confirms the user's identity, determines from the access control list that the user has write permission, and returns the lockbox key LBK and the file signature key FSK to the user,

[0080] Step 4.3: the write user modifies the file; having obtained LBK and FSK, the write user uses LBK to obtain the file block keys, decrypts the blocks holding the content to be modified to obtain the plaintext, computes their SHA-1 hashes and compares them with those stored in the security metadata to check the integrity of the data being modified, then makes the modification, recomputes the hash of the written content and re-encrypts it with the file block key, signs with the file signature key FSK, and finally updates the security metadata;

[0081] Step 4.4: the write user sends the modified file and the security metadata file to the file server for storage;
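Steps 2.2, 3.2 and 4.2 all revolve around the same server-side object, so it is worth seeing it in code: the trust-domain server seals LBK and FSK under ASEK, tags the access control block with HMAC-SHA1 under ASSK, checks that tag before trusting anything in a block a client hands back, looks the caller up in the access control list by the SHA-1 of the user name, and releases LBK to a reader or LBK and FSK to a writer. The Go program below is an added example written for this page, not code from the patent or its implementation. The page does not say how ASEK encrypts the two keys or how the block is serialised, so AES-256-GCM sealing, the field order under the HMAC, the type and function names (ACB, NewACB, Authorize) and the user names alice, bob and mallory are this example's assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha1"
	"errors"
	"fmt"
	"strings"
)

// ACLEntry is one ACL row: SHA-1 of the user name (never the name itself) and a permission string such as "r--".
type ACLEntry struct {
	UserHash [sha1.Size]byte
	Perms    string
}

// ACB models the page's access control block; field names and the byte order under the HMAC are this example's.
type ACB struct {
	FileNameHash [sha1.Size]byte
	ACL          []ACLEntry
	SealedLBK    []byte // lockbox key LBK encrypted under ASEK
	SealedFSK    []byte // file signature key FSK encrypted under ASEK
	Tag          []byte // HMAC-SHA1 under ASSK over all fields above
}

func gcm(asek []byte) cipher.AEAD {
	blk, err := aes.NewCipher(asek)
	if err != nil {
		panic(err) // ASEK is a server-held 32-byte key; a bad length is a bug, not input
	}
	g, _ := cipher.NewGCM(blk)
	return g
}

// seal/unseal: the page only says LBK and FSK are "encrypted with ASEK"; AES-256-GCM with a prefixed nonce is assumed here.
func seal(asek, plain []byte) []byte {
	g := gcm(asek)
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	return g.Seal(nonce, nonce, plain, nil)
}

func unseal(asek, sealed []byte) ([]byte, error) {
	g := gcm(asek)
	if len(sealed) < g.NonceSize() {
		return nil, errors.New("sealed key too short")
	}
	return g.Open(nil, sealed[:g.NonceSize()], sealed[g.NonceSize():], nil)
}

// mac is HMAC-SHA1 under ASSK over a fixed, separator-delimited encoding of the block.
func (a *ACB) mac(assk []byte) []byte {
	m := hmac.New(sha1.New, assk)
	m.Write(a.FileNameHash[:])
	for _, e := range a.ACL {
		m.Write(e.UserHash[:])
		m.Write([]byte(e.Perms + "\x00"))
	}
	m.Write(a.SealedLBK)
	m.Write(a.SealedFSK)
	return m.Sum(nil)
}

// NewACB is step 2.2 on the trust-domain server: seal LBK and FSK, then tag the block.
func NewACB(asek, assk []byte, fileName string, acl []ACLEntry, lbk, fsk []byte) *ACB {
	a := &ACB{FileNameHash: sha1.Sum([]byte(fileName)), ACL: acl,
		SealedLBK: seal(asek, lbk), SealedFSK: seal(asek, fsk)}
	a.Tag = a.mac(assk)
	return a
}

// Authorize is steps 3.2 and 4.2: verify the tag in constant time before trusting any field,
// find the caller by hashed user name, then release LBK for 'r' or LBK and FSK for 'w'.
func Authorize(a *ACB, asek, assk []byte, user string, want byte) (lbk, fsk []byte, err error) {
	if !hmac.Equal(a.Tag, a.mac(assk)) {
		return nil, nil, errors.New("access control block HMAC mismatch")
	}
	uh := sha1.Sum([]byte(user))
	for _, e := range a.ACL {
		if e.UserHash != uh || !strings.ContainsRune(e.Perms, rune(want)) {
			continue
		}
		lbk, err = unseal(asek, a.SealedLBK)
		if err == nil && want == 'w' {
			fsk, err = unseal(asek, a.SealedFSK)
		}
		return lbk, fsk, err
	}
	return nil, nil, fmt.Errorf("user %q lacks %q on this file", user, want)
}

func main() {
	asek, assk := make([]byte, 32), make([]byte, 32) // all-zero keys: demonstration only
	acb := NewACB(asek, assk, "report.txt", []ACLEntry{{sha1.Sum([]byte("alice")), "r--"}}, make([]byte, 32), make([]byte, 32))
	_, _, err := Authorize(acb, asek, assk, "alice", 'w') // alice holds r-- only
	fmt.Println("alice write:", err)
}
```

Two details the page leaves implicit are made explicit here. The HMAC is compared with hmac.Equal before any field of the block is read, because the block travels through the client and the file server and either could rewrite the ACL or the sealed keys; without that check a client could grant itself rw- by editing its own copy. And SHA-1 is kept only to match the page: practical SHA-1 collisions have been public since 2017, so a new implementation should use SHA-256 for the user-name hashes, the block hashes and the HMAC.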

[0082] Step 5: permission revocation. When the file owner believes that a user may damage the file or leak its contents, the owner may revoke that user's permissions. Revocation generally has the following steps, as shown in Figure 5;

[0083] Step 5.1: the file owner sends a request to the trust-domain server to revoke a user's permissions; the owner first obtains the security metadata file from the file server, then sends its own identity, the access control block from the security metadata file and the list of users to be revoked to the trust-domain server;

[0084] Step 5.2: the trust-domain server processes the file owner's request. On receiving it, the server first decrypts the access control block with the trust-domain key ASEK to obtain the access control list, the lockbox key LBK and the file signature key FSK, recomputes the block's HMAC with its trust-domain signing key ASSK to check its integrity, authenticates the file owner's identity and confirms that the owner has the right to revoke users, deletes the access control list entries of the users to be revoked, and generates a new lockbox key LBK' and a new file signature key FSK' for the file. It then re-encrypts LBK' and FSK' with the trust-domain server encryption key, recomputes the HMAC of the modified access control block with the trust-domain server signing key, and returns the new access control block, the new file signature key, the new lockbox key LBK' and the old lockbox key LBK to the file owner;

[0085] Step 5.3: the file owner performs lazy revocation. The owner first decrypts all file block keys with the old lockbox key LBK, re-encrypts them with the new lockbox key LBK', and writes the new access control block into the security metadata file. Lazy revocation means that the owner does not re-encrypt the whole file (all file blocks) with new keys; re-encryption of a file block is deferred until a user next updates that block;
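The data path of steps 2.3, 3.3 and 4.3 and the lazy revocation of step 5.3 can be shown on one model of a file block: a fresh AES-256 block key per write, the SHA-1 of the plaintext kept as security metadata, the block key wrapped under the lockbox key LBK, and revocation that re-wraps block keys under LBK' without touching ciphertext. The Go program below is an added example written for this page, not the patent's implementation. The page names AES-256-CFB and SHA-1 but says nothing about IVs, the key-wrapping construction or the on-disk layout, so the random IV per block, CFB for wrapping the block key, the StoredBlock layout, the function names and the sample block contents are this example's assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha1"
	"errors"
	"fmt"
)

// StoredBlock is what the file server holds for one file block: AES-256-CFB ciphertext with
// its IV, the SHA-1 of the plaintext (security metadata) and the block key wrapped under the
// lockbox key LBK. The layout is this example's assumption, not the patent's format.
type StoredBlock struct {
	IV         []byte
	Ciphertext []byte
	Hash       [sha1.Size]byte
	WrappedKey []byte // IV || CFB(LBK, blockKey)
}

func randBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// cfb runs AES-256-CFB in one direction (the mode the page selects). Every key here is
// generated in this file, so a wrong key length is a programming error, not bad input.
func cfb(key, iv, in []byte, encrypt bool) []byte {
	blk, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	out := make([]byte, len(in))
	if encrypt {
		cipher.NewCFBEncrypter(blk, iv).XORKeyStream(out, in)
	} else {
		cipher.NewCFBDecrypter(blk, iv).XORKeyStream(out, in)
	}
	return out
}

// wrap/unwrap move a block key into and out of the lockbox (the second-level key).
func wrap(lbk, blockKey []byte) []byte {
	iv := randBytes(aes.BlockSize)
	return append(iv, cfb(lbk, iv, blockKey, true)...)
}

func unwrap(lbk, wrapped []byte) ([]byte, error) {
	if len(wrapped) != aes.BlockSize+32 {
		return nil, errors.New("malformed wrapped block key")
	}
	return cfb(lbk, wrapped[:aes.BlockSize], wrapped[aes.BlockSize:], false), nil
}

// WriteBlock is steps 2.3 and 4.3: fresh 256-bit block key, SHA-1 of the plaintext into
// the metadata, encrypt, and wrap the key under the current LBK.
func WriteBlock(lbk, plain []byte) *StoredBlock {
	key, iv := randBytes(32), randBytes(aes.BlockSize)
	return &StoredBlock{IV: iv, Ciphertext: cfb(key, iv, plain, true), Hash: sha1.Sum(plain), WrappedKey: wrap(lbk, key)}
}

// ReadBlock is step 3.3: unwrap, decrypt, and refuse any plaintext whose SHA-1 does not
// match the metadata; tampering, corruption and a wrong key all surface here.
func ReadBlock(lbk []byte, sb *StoredBlock) ([]byte, error) {
	key, err := unwrap(lbk, sb.WrappedKey)
	if err != nil {
		return nil, err
	}
	plain := cfb(key, sb.IV, sb.Ciphertext, false)
	if sha1.Sum(plain) != sb.Hash {
		return nil, errors.New("block hash mismatch")
	}
	return plain, nil
}

// LazyRevoke is step 5.3: re-wrap every block key from LBK to LBK' and leave the
// ciphertext alone; a block is re-keyed only when it is next written.
func LazyRevoke(oldLBK, newLBK []byte, blocks []*StoredBlock) error {
	for _, sb := range blocks {
		key, err := unwrap(oldLBK, sb.WrappedKey)
		if err != nil {
			return err
		}
		sb.WrappedKey = wrap(newLBK, key)
	}
	return nil
}

func main() {
	lbk, lbk2 := randBytes(32), randBytes(32)
	b := WriteBlock(lbk, []byte("block zero")) // constructed sample data
	cached, _ := unwrap(lbk, b.WrappedKey)     // a reader's cached block key
	_ = LazyRevoke(lbk, lbk2, []*StoredBlock{b})
	_, err := ReadBlock(lbk, b)
	fmt.Println("old LBK:", err, "| cached key still works:", string(cfb(cached, b.IV, b.Ciphertext, false)) == "block zero")
}
```

The main function walks through the trade-off that lazy revocation accepts: after LazyRevoke the ciphertext is byte-for-byte unchanged, so a revoked user who cached a block key while authorised can still decrypt every block that has not been rewritten, and the old LBK fails only because the re-wrapped key no longer unwraps to the right block key. The window closes per block when WriteBlock re-keys it. Note also that CFB provides no integrity of its own; here, as in the page, a wrong key or a bit flip in the ciphertext is caught only by the SHA-1 comparison in ReadBlock, which is why that check must never be skipped on the read path.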

[0086] The system architecture of the invention is shown in Figure 1; it is implemented on Linux with the FUSE (Filesystem in Userspace) framework. FUSE is widely used by file system developers: it lets them develop their own user-space file systems quickly and conveniently without modifying the kernel. Through its kernel module, FUSE intercepts system calls at the VFS layer and forwards them to the developer's user-space file system, where special operation logic can be implemented. FUSE also lets users mount their own file systems without root privileges, and it is independent of any particular underlying storage system, which gives good portability. These properties fully satisfy the design and implementation requirements of the invention. For cryptographic operations the invention uses the OpenSSL library, which is known for its solid implementation and complete interfaces and is therefore widely used. The system uses SHA-1 as the cryptographic hash function, HMAC based on SHA-1 as the MAC function and AES-256 as the default block cipher; all of these parameters can be configured by the user when the system is mounted.
OpenSSL also provides a good implementation of public key infrastructure (PKI), which the system uses to authenticate system roles and to establish a secure channel between users and the trust-domain server.

[0087] The core of the invention is a secure storage system for a cloud storage environment, implemented mainly by the following components and their modules:

[0088] • Trust-domain server

[0089] The trust-domain server consists mainly of the following modules:

[0090] 1. User authentication module

[0091] This module verifies user identities. Because SSL/TLS and a public key infrastructure are used, both user identities and the trust-domain server's identity are authenticated with X.509 certificates issued by the PKI; a new user must first apply to the registration authority (RA) for a certificate before using the system. Although this requires the support of a PKI based on asymmetric cryptography and introduces some overhead, the asymmetric computation occurs only when a new user first joins, and only once; all of the subsequent file accesses, which account for the vast majority of usage time, use only symmetric cryptography, so compared with other systems that rely on asymmetric cryptography this system does not introduce excessive performance overhead. When a user communicates with the trust-domain server, the server verifies the user's certificate, extracts the user name from it and computes the hash of the user name for use in subsequent access control.

[0092] When accessing a file, the user must first interact with the trust-domain server from the client over an encrypted SSL/TLS channel; the server verifies the user's certificate, extracts the user name from it and computes the user-name hash. Only after passing the trust-domain server's user authentication and access-control checks can the user finally obtain the file block keys.
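The certificate handling in [0091] and [0092] (verify the client certificate presented in the SSL/TLS handshake against the trust domain's CA, take the user name from it, and hash the name for the access control list) can be exercised without a network. The Go program below is an added example written for this page, not the patent's implementation: it builds a trust-domain CA, a user certificate issued by it and a look-alike certificate from an unrelated CA, all in memory, and runs the verification the user authentication module would run on the handshake's peer certificate. ECDSA P-256 keys, the use of the certificate's CommonName as the user name, the ClientAuth extended key usage and the function names (issue, AuthenticateUser, Setup) are this example's assumptions; a real deployment obtains its certificates from the RA and CA rather than minting them itself.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha1"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// issue creates a certificate for cn, self-signed when parent is nil and otherwise signed
// by parent. In a real deployment the RA/CA does this; it is in-memory here only for the demo.
func issue(cn string, serial int64, isCA bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Minute),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  isCA,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageDigitalSignature,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	}
	signer, signerKey := tmpl, key
	if parent != nil {
		signer, signerKey = parent, parentKey
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, signer, &key.PublicKey, signerKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// AuthenticateUser is what the user authentication module does with the peer certificate
// from the SSL/TLS handshake: verify that it chains to the trust domain's CA and is valid
// for client authentication, then return the user name and the SHA-1 the ACL is keyed on.
func AuthenticateUser(cert *x509.Certificate, roots *x509.CertPool) (string, [sha1.Size]byte, error) {
	opts := x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	if _, err := cert.Verify(opts); err != nil {
		return "", [sha1.Size]byte{}, fmt.Errorf("certificate rejected: %w", err)
	}
	user := cert.Subject.CommonName
	if user == "" {
		return "", [sha1.Size]byte{}, errors.New("certificate carries no user name")
	}
	return user, sha1.Sum([]byte(user)), nil
}

// Setup constructs the trust-domain CA, a user certificate it issued, and a certificate for
// the same name from an unrelated CA (the case the module must reject).
func Setup() (roots *x509.CertPool, alice, rogue *x509.Certificate, err error) {
	ca, caKey, err := issue("Trust Domain CA", 1, true, nil, nil)
	if err != nil {
		return nil, nil, nil, err
	}
	otherCA, otherKey, err := issue("Some Other CA", 2, true, nil, nil)
	if err != nil {
		return nil, nil, nil, err
	}
	if alice, _, err = issue("alice", 3, false, ca, caKey); err != nil {
		return nil, nil, nil, err
	}
	if rogue, _, err = issue("alice", 4, false, otherCA, otherKey); err != nil {
		return nil, nil, nil, err
	}
	roots = x509.NewCertPool()
	roots.AddCert(ca)
	return roots, alice, rogue, nil
}

func main() {
	roots, alice, rogue, err := Setup()
	if err != nil {
		panic(err)
	}
	user, h, err := AuthenticateUser(alice, roots)
	fmt.Printf("alice: user=%q hash=%x... err=%v\n", user, h[:4], err)
	_, _, err = AuthenticateUser(rogue, roots)
	fmt.Println("rogue:", err)
}
```

The rogue case in Setup is the check that matters: a certificate whose subject says alice but whose chain ends at a CA outside the trust domain is rejected before any name is extracted, so the user-name hash used for access control is only ever computed from an identity the domain's CA vouched for. In a real server this function sits behind a tls.Config with ClientAuth set to RequireAndVerifyClientCert and ClientCAs set to the same pool, and the verified certificate is taken from the connection's ConnectionState.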

[0093] Regarding public key infrastructure, note that organisations with security requirements may already have deployed a PKI, in which case it is not an additional deployment requirement.

[0094] 2. Access control module

[0095] This module enforces access control on files under the file owner's authorization. Its operations include verifying the integrity of the access control block sent by the user (by computing the block's HMAC), verifying the user's identity (checking the user's identifier and comparing the user-name hash in the request with the user-name hash stored in the block's access control list), verifying the access the user requests (looking up the user's permitted operations in the access control list), and decrypting the keys in the access control block (decrypting the block with the trust-domain encryption key ASEK and computing the block's HMAC with the trust-domain signing key ASSK).

[0096] • Client

[0097] The client consists mainly of the following modules:
[0098] 1. Data encryption/decryption module

[0099] This module performs most of the system's cryptographic operations, including encrypting and decrypting file blocks with the file block keys. It also handles communication between the client and the trust-domain server.

[0100] 2. Data integrity verification module

[0101] This module verifies the integrity of file block contents and updates the hash values of file blocks.

[0102] 3. Cache module

[0103] The cache module provides caching to improve system performance. The cache has two parts: a security metadata cache, which caches access control blocks and the keys used for access control, and a file data cache, which caches file data. The module is also responsible for keeping the cache consistent with the actual data.

[0104] 4. File system interface

[0105] This module provides the POSIX file system calls. Most of the invention's logic is implemented behind these interfaces, including translation of paths under the FUSE mount point, extension of the offset and length of access requests so that data integrity can be verified on whole file blocks, and support for reading and writing sparse files (file holes).

[0106] • File server

[0107] 1. Storage module: stores file ciphertext and security metadata files. A security metadata file consists mainly of the access control block and the file's integrity information. As shown in Figure 6, the access control block contains the hash of the file name, the access control list, the encryption algorithm and mode, the lockbox key and file signature key, and the HMAC of the whole access control block. The access control list, shown in the table below, is a two-dimensional array: one column holds the hash of the user name, which protects the confidentiality and integrity of the user name, and the other column holds the user's permissions, where "r" denotes read permission, "w" denotes write permission and, for executable files, "x" denotes execute permission. The file's integrity information consists mainly of the hash values of the file blocks.

[0108] [Table: access control list with a user-name hash column and a permissions column; rendered as an image in the original.]

[0109] Performance tests

[0110] The invention was tested systematically at the Institute of High Performance Computing, Department of Computer Science and Technology, Tsinghua University. The tests used the industry-recognised file system benchmark IOzone to measure the invention's read/write performance in single-machine and cluster environments, and measured its performance under permission revocation.

[0111] Single-machine benchmark

[0112] IOzone was used to test the performance of the invention's file system on top of the local ext3 file system. The test environment was a Sun SunFire™ V20z server with a 1.8 GHz dual-core AMD CPU and 4 GB of memory running Debian Linux (kernel 2.6.30); the trust-domain server and the client software ran on the same machine. To eliminate the effect of the file system cache, the test file size was set to 8 GB (twice the system memory size); the file system request size was 64 KB.

[0113] With no network communication overhead, cryptographic computation accounts for the main part of the extra cost. Running IOzone on the invention with the AES-256 algorithm in CFB mode and comparing the results with IOzone run directly on ext3 gives insight into the system's performance (and the performance drop caused by cryptographic computation); the results are shown in Figure 7.

[0114] As the figure shows, compared with ext3 the invention suffers an average performance drop of about 30% due to the cost of cryptographic computation.

[0115] • Cluster benchmark

[0116] To bring the results close to the invention's real performance as a networked file system, IOzone was used to compare the invention layered on NFS against NFS alone. The test environment was a Dell PowerEdge™ M605 blade cluster with 7 nodes: one trust-domain server, one NFSv4 server and five clients running the invention, connected by 1000 Mbps Ethernet. The trust-domain server and the NFS server each ran on a machine with two 800 MHz quad-core AMD CPUs and 16 GB of memory; the five clients each had two 800 MHz quad-core AMD CPUs and 8 GB of memory. All machines ran Fedora Core 10 Linux (kernel 2.6.32). The tests used 256-bit AES as the data encryption algorithm, SHA-1 as the cryptographic hash function and HMAC based on SHA-1 as the MAC algorithm. To eliminate the effect of the file system cache and to test support for the large files found in practice, the file size was set to 16 GB (twice the system memory size).

[0117] Note that, to stay close to real use, the tests used the default file block size of 64 KB and CFB as the AES-256 encryption mode, since its security is good and it is widely used in practice.

[0118] IOzone measured the throughput of sequential write, sequential rewrite, sequential read and sequential reread with 64 KB requests on a 16 GB file, both for NFS alone and for the invention layered on NFS. The results are shown in Figure 8 as the aggregate throughput measured across the five client nodes.

[0119] As the figure shows, the aggregate access speed of the invention on top of NFS is very close to that of NFS itself: as the number of clients grows, the underlying storage becomes the bottleneck and the computational overhead introduced by the invention becomes insignificant. The results indicate that the invention is well suited to shared storage environments.

[0120] • Permission revocation

[0121] The test environment consisted of one trust-domain server and one client, each a Sun SunFire™ V20z server with a 1.8 GHz dual-core AMD CPU and 4 GB of memory running Debian Linux (kernel version 2.6.30). On a 1 GB file, the test first granted r-- permission to 1000 different users, then changed their permission to rw-, and finally revoked their permissions. The time of each per-user permission operation was measured with the access control tool on the client running the invention, and the times were averaged; the results are shown below.

[0122]

Operation              Time (ms)
Permission grant        1.862739
Permission change       1.858765
Permission revocation  21.74450

[0123] Permission operations on a large file thus have a short time cost in the invention, which is highly efficient.

Claims (1)

1. A method for implementing a secure storage system in a cloud storage environment, characterised in that the method is carried out in a network composed of a trust-domain server, clients and a file server, using the user-space file system FUSE on Linux, in the following steps in order:
Step (1): initialisation of the network,
Step (1.1): initialisation of the trust-domain server, setting up a user authentication module and an access control module, where the user authentication module uses the SSL/TLS protocol and a public key infrastructure PKI, and the access control module enforces access control on files under the file owner's authorisation; the system uses a three-level key management scheme in which the first-level keys are the file block keys: to handle large files securely and efficiently the system encrypts files in units of blocks, called file blocks, and each file block is encrypted with its own symmetric key called the file block key, which is itself encrypted and stored in the security metadata file; the second-level keys are the security metadata file keys, comprising a lockbox key LBK and a file signature key FSK, each file having its own security metadata file keys, where the lockbox key LBK is used to encrypt all file block keys of that file to protect the confidentiality of the file block keys, and the file signature key FSK is the key with which a write user signs after modifying file data, used to distinguish read operations from write operations; the third-level keys are the trust-domain server keys, two symmetric keys maintained by the trust-domain server: the trust-domain server encryption key ASEK, used to encrypt the lockbox key LBK and the file signature key FSK in the security metadata file corresponding to a data file, thereby providing access control and distinguishing read from write operations, and the trust-domain server signing key ASSK, used to compute a hash-based message authentication code, i.e. an HMAC value, over the access control block in the security metadata file to guarantee the integrity of the access control block,
Step (1.2): the client is provided with a data encryption/decryption module, a data integrity verification module, a cache module and a file system interface,
Step (1.3): the file server is provided with a storage module;
Step (2): the user applies for a user identity, as follows:
Step (2.1): at the client, the user sends a user identity request to the user authentication module of the trust-domain server over a channel encrypted with the Secure Sockets Layer protocol SSL and the Transport Layer Security protocol TLS,
Step (2.2): the user authentication module is based on the public key infrastructure; both user identities and the trust-domain server's identity are authenticated with X.509 certificates issued by the PKI, and a new user of the system must first apply to the registration authority for a certificate before using the system;
Step (3): the file owner creates a file as follows:
Step (3.1): the file owner sends a file-creation request to the trust-domain server: the owner first builds the contents of the access control block, comprising the user's identity, the file name, the chosen encryption algorithm and mode, and the access control list, and sends the access control block to the access control module of the trust-domain server, where the access control list contains the hash of each user name and that user's access rights,
Step (3.2): the trust-domain server processes the file-creation request: it authenticates the file owner's identity with the identity authentication module, determines the owner's identity and permissions, and generates a lockbox key LBK and a file signature key FSK for the file to be created;
Step (3.3): the trust-domain server encrypts the lockbox key LBK and the file signature key FSK with the trust-domain encryption key ASEK, computes the HMAC value of the access control block with the trust-domain signing key ASSK, stores it in the HMAC field of the access control block, and returns the access control block to the file owner;
Step (3.4): the file owner creates the file and enters its data, computes a hash of the file block by block with the secure hash algorithm SHA-1 and stores the hashes in the security metadata file, encrypts the file block by block with the file block keys to produce the file ciphertext, and finally sends the ciphertext and the security metadata file to the file server for storage;
Step (4): a read user reads the file created in step (3) as follows:
Step (4.1): reads the file data ciphertext and the security metadata file from the file server,
Step (
the ciphertext security metadata files from the file server in step ( 4.2):按以下步骤进行该读用户的身份认证, 步骤(4.2.1):读用户将自己的身份标识和安全元数据文件中的访问控制块发给所述信任域服务器, 步骤(4.2.2):信任域服务器调用身份认证模块确认用户的身份标识,调用访问控制模块,使用信任域密钥ASEK解密该访问控制块,获得包括锁盒子密钥LBK、文件签名密钥FSK和访问控制列表在内的信息,使用信任域签名密钥ASSK计算访问控制块的HMAC值,以判断访问控制块的完整性,并根据访问控制列表确定读用户的读权限,然后将锁盒子密钥LBK发给读用户, 步骤(4.3):该读用户获得锁盒子密钥LBK之后,利用其解密获得文件块密钥,然后使用文件块密钥对文件数据进行解密,最后获得文件数据的明文信息,并使用SHAl算法对所读内容所在的文件块计算哈希值,看是否与安全元数据中保存的哈希值一致,判断所读数据的完整性 4.2): to carry out the following steps to read a user's identity, step (4.2.1): Read the user will have access to your identity and security metadata file control blocks sent to the trusted domain server, step (4.2. 2): the trusting domain server calls the authentication module confirms the user's identity, call the access control module, using a trusted domain key to decrypt the ASEK access control block, including obtaining a lock box key LBK, file signature key FSK and access control lists including information, signature key using a trusted domain access control ASSK HMAC value calculation block to determine the integrity of the access control block and read access control list to determine a user according to the read access, and then sent to the lock box key LBK reading a user, step (4.3): after a user obtains the read key LBK lock box, which is obtained by decrypting the file using the key block, then the file using the block key to decrypt the data file, and finally obtain the plaintext information file data, and using SHAl algorithm calculates a hash value of the file blocks where the read content, consistent with the stored security metadata to see if the hash value, the integrity of the read data is determined ,若相等,则说明数据完整,用户再读取该数据,否则则向系统报错; 步骤(5):写用户按照以下步骤写入或者修改文件数据, 步骤(5.1):该写用户首先从所述文件服务器端读取要修改的所述文件数据的密文和安全元数据文件, 步骤(5.2):写用户按·以下步骤进行身份认证, 
步骤(5.2.1):该写用户将自己的身份标识和安全元数据文件中的访问控制块发给信任域服务器,所述信任域服务器调用身份认证模块确认用户的身份标识,并调用所述访问控制模块,使用信任域密钥ASEK解密该访问控制块,获得包括锁盒子密钥LBK、文件签名密钥FSK和访问控制列表在内的信息,使用信任域签名密钥ASSK重新计算该访问控制块的HMAC值,看是否与访问控制块中的HMAC值相等,判断该访问控制块是否完整,并通过访问控制列表确定写用户所具有的写权限,接着,并将锁盒子密钥LBK和 If equal, then the data is complete, the user then reads the data, otherwise the error to the system; Step (5): write or modify user writes file data according to the following steps, step (5.1): First, from the user of the write the said file server reads the data file to modify the ciphertext file and the security metadata, step (5.2): · the step of writing by the user identity authentication, the step (5.2.1): the user will write his identity and access security metadata file control blocks sent to a trusted domain server, the server calls the trusted domain authentication module confirms the user's identity, and calls the access control module, using a trusted domain key to decrypt the access ASEK control block, to obtain information including a lock box key LBK, file signature key FSK and access control lists, including use of trusted domains signing key ASSK recalculate the access control block HMAC value to see if the access control block HMAC value are equal, determines that the access control block is complete, and determines the user has write permission to write by an access control list, then, the box and lock and key LBK 文件签名密钥FSK返回给用户, 步骤(5.3)写用户按以下步骤写入或者修改文件, 步骤(5.3.1)写用户使用锁盒子密钥LBK获得文件块密钥,然后使用文件块密钥对文件数据进行解密,获得文件明文信息,并使用SHAl算法对文件以块为单位计算所要修改内容所在文件块的哈希值,看是否与安全元数据中保存的哈希值一致,判断所读数据的完整性, 步骤(5.3.2):对步骤(5.3.1)的文件进行写入或者修改,并使用文件块密钥重新对新的文件数据进行加密,并使用文件签名密钥FSK进行签名, 步骤(5.3.3):写用户将修改后的文件数据和安全元数据文件发给所述文件服务器进行存储; 步骤¢):所述文件所有者按以下步骤进行权限撤销操作: 步骤(6.1):该文件所有者从所述文件服务器端获得安全元数据文件,然后将自己的身份标识、安全元数据文件中的访问控制块和拟撤销的用户列 FSK signature key file returned to the user, step (5.3) is written by the user to write or modify files steps, the step (5.3.1) to write user key lock box LBK obtain a file key block, then using the file key block to decrypt the data 
file to obtain the plaintext file information and file units of a block to be modified to calculate the hash value of the contents of the file where the block to see whether the security agreement preservation metadata hash value using SHAl algorithm, the judge read data integrity, the step (5.3.2): file step (5.3.1) are written or modified, the file and using the block key data is re-encrypted a new file, the file using the signature key and perform FSK signature, step (5.3.3): write user files and data security metadata modified file sent to the file server for storage; step ¢): the file owner permissions, follow these steps to undo the steps of: ( 6.1): the security document owner is obtained from the metadata file the file server, and the access control block their identity, the security metadata file and the user intends to withdraw the column 发给信任域服务器,步骤(6.2):该信任域服务器按以下步骤执行操作, 步骤(6.2.1):调用所述的身份认证模块对文件所有者的身份标识进行认证,确定其具有撤销用户操作的权限, 步骤(6.2.1):调用所述的访问控制模块,使用信任域密钥ASEK解密该访问控制块,获得访问控制列表、锁盒子密钥LBK和文件签名密钥FSK在内的信息,并使用自己的信任域签名密钥ASSK重新计算该访问控制块的HMAC值,判断该访问控制块的完整,然后从访问控制块的访问控制列表中删除需要撤销的用户所在的访问控制列表项,接着为文件生成新的锁盒子密钥LBK'和新的文件签名密钥FSK',然后信任域服务器用信任域服务器加密密钥ASEK重新加密新生成的锁盒子密钥LBK'和新生成的文件签名密钥FSK',并使用信任域服务器签名密钥ASSK重新对修改过的访问控制块计算HMAC, 步骤(6.2.2):所述信任域 Issued to the trust domain server, step (6.2): ​​trusting domain server to perform the operation, step (6.2.1), follow these steps: Call the authentication of the identity module to authenticate the owner of the file, the user determines that it has revoked permission step (6.2.1) to: call the access control module, using the trusted domain key to decrypt the access control block ASEK obtain the access control list, and the lock box LBK key file including the signature key FSK information, and use your own domain trusted signing key ASSK recalculate the access control block HMAC value, to determine the complete access control block, then the user is removed from the list needs to be retracted from the access control access control block of 
the access control list item, then generate a new key lock box for the file LBK 'and the new document signing key FSK', then trust domain server with a trusted domain server encryption key ASEK re-encrypt the new generated key lock box LBK 'and the new generation file signature key FSK ', and using a trusted server domain signature key ASSK re modified access control block calculates HMAC, step (6.2.2): the trusted domain 务器将新的访问控制块、新的文件签名密钥FSK'、新的锁盒子密钥LBK'以及旧的锁盒子密钥LBK返回给文件所有者, 步骤(6.3):所述文件所有者按以下方式使用懒惰撤销操作:使用旧的锁盒子密钥LBK解密所有文件块密钥,使用新的锁盒子密钥LBK'加密这些文件块密钥,将新的安全控制信息写入安全元数据文件,并将更新后的安全元数据文件发回文件服务器,对文件块的重新加密操作推迟到用户对文件块的更新时再进行。 Will service the new access control block, a new file signature key FSK ', a new key lock box LBK' and the old key lock box LBK returned to the owner of the file, the step (6.3): the file owner lazy following manner using the undo operations: using the old key lock box file blocks LBK decrypt all keys, the new key lock box LBK 'encrypt the block key files, security metadata writes new secure control information then a file, and the security metadata updated file back to the file server, the file blocks of the re-encrypted operator deferred until the user updates the file blocks.
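The block-level key hierarchy and lazy revocation of steps (3.4), (4.3), (5.3.2) and (6.3), as an added Go example that is not part of the patent. It assumes AES-256-GCM for the block cipher (the claim names AES but not a mode), a 16-byte toy block size, helper names of its own, and that a write refreshes the block key, which the claim does not state.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha1"
)

const blockSize = 16 // toy block size so a short constructed file spans several blocks
// gcm, seal and open are this example's own AES-256-GCM wrappers (nonce prepended to ciphertext).
func gcm(key []byte) cipher.AEAD { b, _ := aes.NewCipher(key); g, _ := cipher.NewGCM(b); return g }
func seal(key, pt []byte) []byte {
	g := gcm(key)
	n := make([]byte, g.NonceSize())
	rand.Read(n)
	return g.Seal(n, n, pt, nil)
}
func open(key, ct []byte) ([]byte, error) {
	g := gcm(key)
	return g.Open(nil, ct[:g.NonceSize()], ct[g.NonceSize():], nil)
}
func newKey() []byte { k := make([]byte, 32); rand.Read(k); return k }

// EncFile is what the file server stores: the per-block ciphertext plus the claim's security
// metadata (per-block SHA1 hashes and the file block keys, each wrapped under the lock-box key LBK).
type EncFile struct {
	Blocks    [][]byte
	Hashes    [][]byte
	WrappedBK [][]byte
}

// CreateFile is step (3.4): hash each block with SHA1 and encrypt it under its own block key.
func CreateFile(lbk, data []byte) *EncFile {
	f := &EncFile{}
	for off := 0; off < len(data); off += blockSize {
		end := off + blockSize
		if end > len(data) {
			end = len(data)
		}
		bk, h := newKey(), sha1.Sum(data[off:end])
		f.Hashes = append(f.Hashes, h[:])
		f.WrappedBK = append(f.WrappedBK, seal(lbk, bk))
		f.Blocks = append(f.Blocks, seal(bk, data[off:end]))
	}
	return f
}

// ReadBlock is step (4.3): unwrap the block key with LBK, decrypt, accept only if SHA1 matches the stored hash.
func ReadBlock(f *EncFile, lbk []byte, i int) ([]byte, bool) {
	bk, err := open(lbk, f.WrappedBK[i])
	if err != nil {
		return nil, false
	}
	pt, err := open(bk, f.Blocks[i])
	h := sha1.Sum(pt)
	return pt, err == nil && bytes.Equal(h[:], f.Hashes[i])
}

// LazyRevoke is step (6.3): re-wrap block keys under LBK'; block ciphertexts stay untouched until next written.
func LazyRevoke(f *EncFile, oldLBK, newLBK []byte) error {
	for i, w := range f.WrappedBK {
		bk, err := open(oldLBK, w)
		if err != nil {
			return err
		}
		f.WrappedBK[i] = seal(newLBK, bk)
	}
	return nil
}

// WriteBlock is step (5.3.2) for one block. Assumption (the claim is silent): the block key is refreshed,
// so a revoked reader who kept the old block key cannot read the new contents; unwritten blocks keep theirs.
func WriteBlock(f *EncFile, lbk []byte, i int, data []byte) {
	bk, h := newKey(), sha1.Sum(data)
	f.Hashes[i] = h[:]
	f.WrappedBK[i] = seal(lbk, bk)
	f.Blocks[i] = seal(bk, data)
}
```

Note the defender's caveat the code makes explicit: until a block is rewritten, a revoked user who cached its block key can still decrypt that block's old ciphertext, which is the trade-off lazy revocation accepts.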
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 201010569398 CN102014133B (en) 2010-11-26 2010-11-26 Method for implementing safe storage system in cloud storage environment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 201010569398 CN102014133B (en) 2010-11-26 2010-11-26 Method for implementing safe storage system in cloud storage environment

Publications (2)

Publication Number Publication Date
CN102014133A CN102014133A (en) 2011-04-13
CN102014133B true CN102014133B (en) 2013-08-21

Family

ID=43844144

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 201010569398 CN102014133B (en) 2010-11-26 2010-11-26 Method for implementing safe storage system in cloud storage environment

Country Status (1)

Country Link
CN (1) CN102014133B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104580487A (en) * 2015-01-20 2015-04-29 成都信升斯科技有限公司 Mass data storage system and processing method

Also Published As

Publication number Publication date
CN102014133A (en) 2011-04-13

Legal Events

Date Code Title Description
C06 Publication
C10 Request of examination as to substance
C14 Granted