Tenant data security protection method based on tag authentication in cloud environment
李治军,卢新
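Abstract:
To address the security problems of isolated storage, access, and data sharing for multi-tenant private data in cloud environments, a tenant data security protection method based on tag authentication is established on the Hadoop storage architecture of the cloud platform. For the isolated storage and access security of multi-tenant private data, security tags are introduced into storage and authenticated access, and an improved consistent hashing (Hash) algorithm based on dual authentication with dynamic passwords and security tags is proposed, achieving secure and efficient isolated storage of and access to tenant private data. For the security of tenant shared data, sharing tags are introduced in place of the shared data itself for proxy re-encryption, and a tag-based proxy re-encryption data sharing scheme is proposed, achieving secret sharing of tenant shared data under security authentication. Theoretical analysis of security and instantiation demonstrates the feasibility and reliability of the method in cloud environments.
Keywords: cloud computing security; consistent Hash algorithm; dynamic password authentication; security tag authentication; proxy re-encryption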
Author: 李治军, 卢新
DOI: 10.16508/j.cnki.11-5866/n.2024.06.006