Title page for etd-0516114-164112
Title
The implementation of secure cloud storage caching system
Department
Year, semester
Language
Degree
Number of pages
83
Author
Advisor
Convenor
Advisory Committee
Date of Exam
2014-07-18
Date of Submission
2014-07-30
Keywords
Cloud, Cache, Data security, Cloud storage, Cloud storage gateway
Statistics
The thesis/dissertation has been browsed 5683 times and downloaded 41 times.
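Chinese Abstract
Cloud storage has become popular in recent years, and we have become accustomed to storing data of all kinds, even important data, in cloud storage. However, the important data we upload may well be viewed privately by the company providing the cloud storage service, which poses a serious threat to personal privacy and to the confidentiality of enterprises. Yet building one's own cloud storage is extremely costly.
This thesis explores how to implement a privacy-preserving cloud cache server. The system consists of two main parts: the first is a local cache server, and the second connects to cloud storage. Through the system, users can encrypt files and upload them to cloud storage, and frequently used files are kept on the local server to reduce the time spent accessing files from cloud storage. When a user needs a file, the system automatically downloads it from cloud storage. Users can also share files with other users within the same system.
With such a system, we are no longer bound by the limitations of existing cloud storage platforms: the security of important data is improved and data access performance is increased, without incurring large costs, thereby addressing the two major shortcomings of existing cloud storage services.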
Abstract
Cloud storage has become very popular in recent years, and people usually store their important data in it. However, the cloud storage provider might secretly access that data, which is a serious threat to personal privacy and to the confidentiality of business information. Building our own cloud storage system, on the other hand, would cost a lot of resources.
This paper discusses how to implement a secure cloud storage caching system. The system consists of two main parts: a local cache server, and the connection between the local cache server and cloud storage. Users can encrypt their data and upload it to cloud storage through this system. When they need to access their data, they use the system to download and decrypt it from cloud storage. In addition, the system keeps some data in local storage as a cache, so files do not have to be downloaded from cloud storage every time. Users can also share their files with other users of the system.
With a system like this, we are no longer limited by the disadvantages of cloud storage: we can improve the security of data and the efficiency of accessing it at the same time, at low cost.
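Table of Contents
Thesis Approval Form
Acknowledgements
Chinese Abstract
Abstract
Table of Contents
List of Figures
List of Tables
Chapter 1 Introduction
1.1 Research Motivation and Objectives
1.2 Thesis Organization
Chapter 2 Background
2.1 Cloud Storage
2.1.1 Basic Introduction
2.1.2 Dropbox
2.1.3 Amazon Simple Storage Service
2.2 Encryption Techniques
2.2.1 Symmetric Encryption Algorithms
2.2.2 Asymmetric Encryption Algorithms
2.3 Web Development Technologies
2.3.1 PHP
2.3.2 HTML5
2.3.3 JavaScript
2.3.4 OAuth
Chapter 3 System Architecture and Features
3.1 System Architecture
3.2 Database Architecture
3.3 Features
3.3.1 Registration
3.3.2 Login
3.3.3 Upload
3.3.4 Download
3.3.5 Sharing
3.3.6 Task Scheduling
3.3.7 File Caching
3.4 System Requirements
3.4.1 Software Requirements
3.5 Hardware Requirements
Chapter 4 Implementation Techniques
4.1 Upload and Encryption
4.1.1 Reading File Contents
4.1.2 Encrypting File Contents
4.1.3 Transmitting File Contents
4.1.4 Completing the File Upload
4.2 Download and Decryption
4.2.2 Downloading from Dropbox
4.2.3 Decrypting the File Key
4.2.4 Reading File Contents
4.2.5 Decrypting File Contents
4.2.6 Appending to the Temporary File
4.2.7 Completing the File Download
4.3 File Sharing
4.3.1 Configuring File Sharing
4.3.2 Downloading Shared Files
4.4 Caching System
4.5 Task Scheduling
Chapter 5 System Analysis and Comparison
5.1 Hope Bay ArkExpress
5.2 Riverbed SteelStore
5.3 Brief Comparison
Chapter 6 Conclusion
References
Appendix 1
Appendix 2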
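Fulltext
This electronic full text is licensed to users only for personal, non-profit searching, reading, and printing for the purpose of academic research. Please comply with the Copyright Act of the Republic of China and do not reproduce, distribute, adapt, repost, or broadcast it without authorization, to avoid breaking the law.
Thesis access permission: user-defined release time
Available:
Campus: available
Off-campus: available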


Printed copies
Available: available
