CN102710661A - Cloud storage and aggregation architecture and data storage and aggregation method by using same - Google Patents
Cloud storage and aggregation architecture and data storage and aggregation method by using same Download PDFInfo
- Publication number
- CN102710661A CN102710661A CN2012102116111A CN201210211611A CN102710661A CN 102710661 A CN102710661 A CN 102710661A CN 2012102116111 A CN2012102116111 A CN 2012102116111A CN 201210211611 A CN201210211611 A CN 201210211611A CN 102710661 A CN102710661 A CN 102710661A
- Authority
- CN
- China
- Prior art keywords
- data
- storage
- cloud
- polymerization
- aggregate server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Storage Device Security (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention discloses cloud storage and aggregation architecture and a data storage and aggregation method by using the same. The cloud storage and aggregation architecture comprises users for partitioning data or encrypting the data through aggregation servers, independent storage clouds for storing and locally aggregating the data, third-party credible servers for performing key distribution on the storage clouds and data aggregation servers for performing total aggregation on the received data and decrypting results. By the cloud storage and aggregation architecture and the data storage and aggregation method by using the same, the security of the data in the storage clouds of the user is guaranteed, and the user cannot know the data condition of the storage clouds when the aggregation servers aggregate the data.
Description
Technical field
The invention belongs to computer realm, relate to network data existence technology, specifically relate to a kind of cloud storage and polymerization framework and storage and polymerization.
Background technology
At present, the storage of the cloud of data all becomes more and more important with data aggregation technique in scientific research and practical application.And in the data cloud storage is used, inevitably can run into the challenge of privacy leakage problem.Traditionally, when the personal user stored sensitive information on home server, the personal user must believe that hardware of server and software are safe and reliable.At the protected data secure context, existed many mature technique, such as access control, intrusion detection and data access strategy or the like.Yet these technology that exist at present all can not guarantee the immunity that is perfectly safe and invades of database.The limit access document problem of going beyond one's commission that is exposed such as Google Docs.
Summary of the invention
In order to solve above-mentioned deficiency to data safeguard protection and data aggregation technique; The invention provides a kind of cloud storage and polymerization framework and storage and polymerization; Can not only guarantee the safety of data and user's privacy, and can easily let the data aggregate server carry out data aggregate through the storage cloud.
Technical solution of the present invention is following:
A kind of cloud storage and polymerization framework are characterized in, comprising: user, a plurality of cloud, third party's trusted servers and data aggregate server independently stored mutually, wherein:
Described user is used for data are cut apart or through aggregate server data encrypted;
Described storage cloud is used for data are stored and local polymerization;
Described third party's trusted servers is used for the storage cloud is carried out encryption key distribution; With
Described aggregate server is used for the data that receive are carried out total polymerization and/or data are encrypted.
A kind of storage and polymerization that utilizes cloud storage and polymerization framework is characterized in that this method comprises the steps:
Third party's trusted servers is carried out encryption key distribution to the storage cloud, and each storage cloud obtains a key, and all keys are added up and are zero;
When the storage data, the user is divided into a plurality of data blocks with data, and data block is stored in respectively on the different storage clouds; Each stores the data block that cloud obtains each user; Each storage cloud is mutually independent, and do not allow mutual communication to conspire to survey user's data information, so complete user data all can't be learnt in each high in the clouds.
When aggregated data, aggregate server is sent request to each storage cloud, and aggregate server produces non-singular matrix simultaneously, and sends to each storage cloud;
The storage cloud all need the data block of syndication users in local polymerization, then local polymerization result is carried out data conversion through non-singular matrix after, send to aggregate server;
The total polymerization that aggregate server is carried out the data that receive.
A kind of storage and polymerization that utilizes cloud storage and polymerization framework is characterized in that this method comprises the steps:
Third party's trusted servers is carried out encryption key distribution to the storage cloud, and each storage cloud obtains a key, and all keys are added up and are zero;
When the storage data, the user carries out homomorphic cryptography through the PKI of aggregate server to data, is stored in then on any storage cloud; The storage cloud can't be known the private key of aggregate server, so can't learn user's clear data.
When aggregated data, aggregate server is sent request to each storage cloud;
The storage cloud needs the data block of syndication users to carry out this locality to all to connect and to take advantage of operation, and takes advantage of operating result to send to aggregate server this locality company;
Aggregate server connects the data that receive takes advantage of polymerization, just takes advantage of the polymerization result deciphering to connecting then.
Compared with prior art, the invention has the beneficial effects as follows to guarantee the user in the data security of storage cloud, can guarantee when aggregate server is carried out polymerization to data, can't learn the data cases of storing high in the clouds again.
Description of drawings
Fig. 1 is the structural representation of cloud storage of the present invention and polymerization framework.
Embodiment
Below in conjunction with accompanying drawing and embodiment the present invention is further specified, but should not limit protection scope of the present invention with this.
First kind of scheme: in Fig. 1, the user on the left side is stored in a plurality of different storage high in the clouds (mid portion) after cutting apart user's data through the user.Each storage cloud obtains a user's data piece.Each storage cloud is mutually independent, and do not allow mutual communication to conspire to survey user's data information, so complete user data all can't be learnt in each high in the clouds.
Aspect data aggregate: in this framework, have a believable third-party server of independence (right-hand component) to be each storage high in the clouds distributing key (r
1, r
2..., r
n).Each storage cloud obtains a key, and is that all keys are added up and be zero, uses c
ImRepresent each private key.
Wherein n representes to store the number of cloud.
The first step: when aggregate server needs polymerization, send a request and store cloud to each, and non-singular matrix of data aggregate server generation, dimension is m, x
IjBe the entry of a matrix element.
Issue each storage cloud then, all participate in the user data block of polymerization to the storage cloud in local polymerization earlier.
Wherein k is local user's number of participating in polymerization, u
iIt is user's data.
Store cloud then the data result R of local polymerization
iResolve into the m+1 branch.
c
i0+c
i1+c
i2+…+c
im?←R
i
Through non-singular matrix data are carried out conversion to local polymerization result then.
Again the data y after the conversion
I1, y
I2..., y
ImSend to the data aggregate server, the final data aggregate server all conversion after data add with:
Obtained by solving the equations
put all the solutions together to get the final result is polymerized
In the process of data aggregation server can not detect personal data.
Second kind of scheme: in Fig. 1, user's data is not cut apart, but encrypts through the PKI of aggregate server, and AES is the Paillier homomorphic cryptography.Store any storage cloud after encrypting into, the storage cloud can't be known the private key of aggregate server, so can't learn user's clear data.User's enciphered data is designated as P (u
i).U wherein
iClear data for each user.
Aspect data aggregate: in this framework, have a believable third-party server of independence (right-hand component) to be each storage cloud distributing key (sk
1, sk
2..., sk
n).Each storage cloud obtains a key, and is that all keys are added up and be zero.
Wherein n is the number of storage cloud.
When aggregate server is carried out polymerization, send a request to all storage clouds, each storage cloud carries out this locality to the user who participates in the polymerization computing earlier and even takes advantage of operation after the request that receives the aggregate server transmission.Operating result is designated as A
I
Wherein k is for participating in local user's number of computing, and H is a hash function, and t is current timestamp, R
iTake advantage of result, A for connecting
iBe the storage cloud encrypted result behind the joining day stamp.
Store cloud then A
iSend to aggregate server, when aggregate server is received the A that all storage clouds are sent
iAfterwards, aggregate server is carried out following company and is taken advantage of polymerization:
Because operating process is the Paillier homomorphic cryptography, so the result that aggregate server is directly deciphered to the end to Res ':
Wherein m is all numbers of users of participating in the polymerization computing, and Res is final polymerization result.
Claims (3)
1. a cloud is stored and the polymerization framework, it is characterized in that, comprising: user, a plurality of cloud, third party's trusted servers and aggregate server of independently storing mutually, wherein:
Described user is used for data are cut apart or through aggregate server data encrypted;
Described storage cloud is used for data are stored and local polymerization;
Described third party's trusted servers is used for the storage cloud is carried out encryption key distribution;
Described aggregate server is used for the data that receive are carried out total polymerization and the result is deciphered.
2. a storage and a polymerization that utilizes described cloud storage of claim 1 and polymerization framework is characterized in that this method comprises the steps:
Third party's trusted servers is carried out encryption key distribution to the storage cloud, and each storage cloud obtains a key, and all keys are added up and are zero;
When the storage data, the user is divided into a plurality of data blocks with data, and data block is stored in respectively on the different storage clouds;
Each stores the data block that cloud obtains each user;
When aggregated data, aggregate server is sent request to each storage cloud, and aggregate server produces non-singular matrix simultaneously, and sends to each storage cloud;
The storage cloud all need the data block of syndication users in local polymerization, then local polymerization result is carried out data conversion through non-singular matrix after, send to aggregate server;
The total polymerization that aggregate server is carried out the data that receive.
3. a storage and a polymerization that utilizes described cloud storage of claim 1 and polymerization framework is characterized in that this method comprises the steps:
Third party's trusted servers is carried out encryption key distribution to the storage cloud, and each storage cloud obtains a key, and all keys are added up and are zero;
When the storage data, the user carries out homomorphic cryptography through the PKI of aggregate server to data, is stored in then on any storage cloud;
When aggregated data, aggregate server is sent request to each storage cloud;
The storage cloud needs the data block of syndication users to carry out this locality to all to connect and to take advantage of operation, and takes advantage of operating result to send to aggregate server this locality company;
Aggregate server connects the data that receive takes advantage of polymerization, just takes advantage of the polymerization result deciphering to connecting then.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210211611.1A CN102710661B (en) | 2012-06-25 | 2012-06-25 | Cloud storage and aggregation architecture and data storage and aggregation method by using same |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210211611.1A CN102710661B (en) | 2012-06-25 | 2012-06-25 | Cloud storage and aggregation architecture and data storage and aggregation method by using same |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102710661A true CN102710661A (en) | 2012-10-03 |
CN102710661B CN102710661B (en) | 2014-10-15 |
Family
ID=46903215
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201210211611.1A Expired - Fee Related CN102710661B (en) | 2012-06-25 | 2012-06-25 | Cloud storage and aggregation architecture and data storage and aggregation method by using same |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102710661B (en) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104135534A (en) * | 2014-08-13 | 2014-11-05 | 宇龙计算机通信科技(深圳)有限公司 | Methods for uploading, processing and acquiring sensing data, terminals and servers |
CN103036884B (en) * | 2012-12-14 | 2015-09-16 | 中国科学院上海微系统与信息技术研究所 | A kind of data guard method based on homomorphic cryptography and system |
CN105006128A (en) * | 2015-07-17 | 2015-10-28 | 上海电力学院 | Data acquisition method of smart electric network |
CN109361510A (en) * | 2018-11-07 | 2019-02-19 | 西安电子科技大学 | A kind of information processing method that supporting overflow checking and big integer arithmetic and application |
CN110557361A (en) * | 2019-03-14 | 2019-12-10 | 深圳市丰浩达工程项目管理有限公司 | Method and system for dynamically managing overall process cost |
CN110691071A (en) * | 2019-09-11 | 2020-01-14 | 湖北工业大学 | Mass data processing system and method with privacy protection function |
CN111931253A (en) * | 2020-09-15 | 2020-11-13 | 腾讯科技(深圳)有限公司 | Data processing method, system, device and medium based on node group |
CN116388987A (en) * | 2023-06-06 | 2023-07-04 | 北京原语科技有限公司 | Privacy data aggregation method |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100332530A1 (en) * | 2009-06-26 | 2010-12-30 | Microsoft Corporation | Islands of data |
CN102045356A (en) * | 2010-12-14 | 2011-05-04 | 中国科学院软件研究所 | Cloud-storage-oriented trusted storage verification method and system |
CN102318263A (en) * | 2009-02-16 | 2012-01-11 | 微软公司 | Trusted cloud computing and services framework |
CN102428686A (en) * | 2009-05-19 | 2012-04-25 | 安全第一公司 | Systems and methods for securing data in the cloud |
-
2012
- 2012-06-25 CN CN201210211611.1A patent/CN102710661B/en not_active Expired - Fee Related
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102318263A (en) * | 2009-02-16 | 2012-01-11 | 微软公司 | Trusted cloud computing and services framework |
CN102428686A (en) * | 2009-05-19 | 2012-04-25 | 安全第一公司 | Systems and methods for securing data in the cloud |
US20100332530A1 (en) * | 2009-06-26 | 2010-12-30 | Microsoft Corporation | Islands of data |
CN102045356A (en) * | 2010-12-14 | 2011-05-04 | 中国科学院软件研究所 | Cloud-storage-oriented trusted storage verification method and system |
Non-Patent Citations (1)
Title |
---|
WEIWEI JIA等: "SDSM: A Secure Data Service Mechanism in Mobile Cloud Computing", 《COMPUTER COMMUNICATIONS WORKSHOPS(INFOCOM WKSHPS),2011 IEEE CONFERENCE ON》, 15 April 2011 (2011-04-15) * |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103036884B (en) * | 2012-12-14 | 2015-09-16 | 中国科学院上海微系统与信息技术研究所 | A kind of data guard method based on homomorphic cryptography and system |
CN104135534A (en) * | 2014-08-13 | 2014-11-05 | 宇龙计算机通信科技(深圳)有限公司 | Methods for uploading, processing and acquiring sensing data, terminals and servers |
CN104135534B (en) * | 2014-08-13 | 2018-02-13 | 宇龙计算机通信科技(深圳)有限公司 | Upload, processing and the acquisition methods of perception data, terminal and server |
CN105006128A (en) * | 2015-07-17 | 2015-10-28 | 上海电力学院 | Data acquisition method of smart electric network |
CN109361510A (en) * | 2018-11-07 | 2019-02-19 | 西安电子科技大学 | A kind of information processing method that supporting overflow checking and big integer arithmetic and application |
CN109361510B (en) * | 2018-11-07 | 2021-06-11 | 西安电子科技大学 | Information processing method supporting overflow detection and large integer operation and application |
CN110557361A (en) * | 2019-03-14 | 2019-12-10 | 深圳市丰浩达工程项目管理有限公司 | Method and system for dynamically managing overall process cost |
CN110557361B (en) * | 2019-03-14 | 2022-04-26 | 深圳市丰浩达工程项目管理有限公司 | Method and system for dynamically managing overall process cost |
CN110691071A (en) * | 2019-09-11 | 2020-01-14 | 湖北工业大学 | Mass data processing system and method with privacy protection function |
CN111931253A (en) * | 2020-09-15 | 2020-11-13 | 腾讯科技(深圳)有限公司 | Data processing method, system, device and medium based on node group |
CN116388987A (en) * | 2023-06-06 | 2023-07-04 | 北京原语科技有限公司 | Privacy data aggregation method |
CN116388987B (en) * | 2023-06-06 | 2023-08-25 | 北京原语科技有限公司 | Privacy data aggregation method |
Also Published As
Publication number | Publication date |
---|---|
CN102710661B (en) | 2014-10-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102710661B (en) | Cloud storage and aggregation architecture and data storage and aggregation method by using same | |
Chandu et al. | Design and implementation of hybrid encryption for security of IOT data | |
Guo et al. | Chaotic maps-based password-authenticated key agreement using smart cards | |
CN103618728B (en) | A kind of encryption attribute method at more mechanism centers | |
CN103401871B (en) | A kind of ciphertext method for sequencing towards homomorphic cryptography and system | |
CN111586000B (en) | Full-proxy homomorphic re-encryption transmission system and operation mechanism thereof | |
CN103581175B (en) | A kind of safe data aggregation method | |
CN105743888A (en) | Agent re-encryption scheme based on keyword research | |
CN104038341A (en) | Identity-based cross-system proxy re-encryption method | |
CN102780698A (en) | User terminal safety communication method in platform of Internet of Things | |
Sasi et al. | A general comparison of symmetric and asymmetric cryptosystems for WSNs and an overview of location based encryption technique for improving security | |
Liu et al. | A CCA-secure multi-conditional proxy broadcast re-encryption scheme for cloud storage system | |
CN104486307A (en) | Decentralized key management method based on homomorphic encryption | |
CN105227566A (en) | Cipher key processing method, key handling device and key handling system | |
CN103475472A (en) | Method for NTRU-type fully-homomorphic encryption on LWE circle | |
CN104917617A (en) | Confounding method of encrypted group signatures | |
CN104967693A (en) | Document similarity calculation method facing cloud storage based on fully homomorphic password technology | |
CN104038493B (en) | Bilinear pairing-free cloud storage data security audit method | |
CN108111295A (en) | A kind of homomorphic encryption algorithm based on similar modul | |
CN103607278A (en) | Safe data cloud storage method | |
CN103684742A (en) | Circulant matrix transformation based and ciphertext computation supportive encryption method | |
CN113141247B (en) | Homomorphic encryption method, homomorphic encryption device, homomorphic encryption system and readable storage medium | |
Lan et al. | A New Security Cloud Storage Data Encryption Scheme Based on Identity Proxy Re-encryption. | |
CN107864040A (en) | A kind of intelligent grid big data information management system based on safe cloud computing | |
CN105978689A (en) | Anti-key-exposure cloud data safe sharing method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20141015 Termination date: 20170625 |