Abstract:
Many researchers and IT companies now pay close attention to cloud storage, and many applications use it to store data. However, many people and companies worry about the security and privacy of cloud storage. A cloud storage platform is prone to compromise or abuse by adversaries, including the cloud administrators. The security and privacy problem of cloud storage is the security and privacy problem of the distributed file system, which is the core of cloud storage. With SSL secure connections and a secure virtual machine monitor (Daoli), the security and privacy of the user's data can be protected in the distributed file system, even in the face of a total compromise of the distributed file system or the operating system. With the secure virtual machine monitor, conventional attacks and attacks from cloud administrators can be prevented. Two schemes for different application scenarios are put forward. In one scheme, every chunk of the user's file is protected, so the privacy of every chunk is guaranteed. In the other, only the whole file is protected, so the privacy of the whole file is guaranteed, but not that of all chunks. The overhead added by the SSL secure connection and the secure virtual machine monitor is evaluated. Considering the privacy of the user's data, the overhead can be tolerated.