The Study of Secure Peer-to-Peer Cloud File Storage Systems Achieving Integrity, Confidentiality, and Partial Filename Queries

In the project, we propose a system management call balance ring, which is applied in file storage system and make each system storage data averagely. We apply the lookup service, similar to Chord’s, in the part "data distribution and retrieval" of our system. No matter Chord, CFS, or our system is used, we have to know the index of a block before searching a specific block, so that we can find the block through the index. We also propose some block index methods to be used in our system. These block index methods can also be used in network file systems such as Chord and CFS. It solves the block index problems that Chord system and CFS system do not solve yet. In our system, we also consider the security problem, including data privacy and integrity. We do not use the method, such Chord or CFS, which directly put the file plaintext in untrusted servers. It can prevent data being stolen, modified and even destroyed. If the stored block in stolen, attacks do not know any plain information about files. If achieves data privacy. If the file is modified by attacks, we can aware the data has been modified by the judgment of system. It achieves data integrity. Even if data is deleted or destroyed maliciously, we also have protecting policy to rescue the data. Moreover, in the aspect of cryptography system, we only use symmetric cryptography and hash function. Compared to CFS system, the speed performance is enhanced because no asymmetric cryptography system is used. The proposed approach supports complex queries and guarantees result quality. The P2P overlays can be classified as either unstructured or structured. Unstructured P2P overlays, such as Gnutella and Freenet, do not embed a logical and deterministic structure to organize peer nodes. Structured P2P systems, such as CAN, Chord, Yapper and Tapestry, utilize a Distributed Hash Table (DHT) to direct searches to specific node(s) holding the requested data. However, due to the hash characteristic, DHT-based systems can only support keyword searches. In the proposed approach, the filename of published files are first translated to form the index sequences that can be mapped into a set of keys in a structured P2P system. During query processing, a query is transformed into one or several query phrase(s) and each query phrase is then mapped into a key in the P2P system structure. By using the key, a user can locate the node responsible for the key. There are some advantages in our work. First, all kinds of file types can be collected. And second, the recall of a query can be guaranteed. In our system, if one of the servers suddenly stops working, we can recover the whole data and redistribute data blocks. If his or her own host destroys unexpectedly, he or she can find the whole backup encrypted data and recovery the whole data from any one computer. Besides that, we also consider the characters of each node, such as availability, capability and trustiness, to decide the file-storage allotment and its specific deal for each node. For example, we decide the amount of data distribution and the method of data stored through the properties of different servers. Of course we consider the method of addition, deletion and update of one new or existed file. We also propose the manner to deal with files when each node joins or leaves.

Project ID:PB10207-1915
External Project ID:NSC102-2221-E182-038