摘要
目前电子数据的安全存储主要依赖加密技术,数据通常只用一个密钥进行加密,并且密钥的管理过于集中,无法应对内部人员的密钥泄漏问题。设计了一种数据存储系统模型,包括访问控制子模型,用于数据的安全存储。一份完整的数据被分割成数份后加密存储在多个存储服务器上,一个或多个服务受到攻击时,攻击者无法从这些数据分片还原出完整的数据明文,从而达到安全存储的目的。最后将分析该模型的安全性能以及存储效率。
The current mechanism of safe storage for electronic data mainly depends on the cryptography. Basically,the data are encrypted by a single key and the management is centralized.This schema cannot prevent the key leaking problem from inner staff.In the paper,a new system model of data safe storage in-cluding access control sub-model was proposed.A set of data was separated into several pieces and stored respectively on multiple servers after encryption.Provided that one or some servers were attacked and some pieces of original data were leaked,the attacker could not recover the plaintext from those pieces.There-fore,the goal of safe storage was reached.At the end of paper,the security performance and the storage ef-ficiency of this model were analyzed.
出处
《南昌大学学报(理科版)》
CAS
北大核心
2014年第3期301-306,共6页
Journal of Nanchang University(Natural Science)
基金
国家自然科学基金资助项目(61073114)
关键词
电子数据
分离存储
安全恢复
electronic data
separate storage
safe recovery
