A scheme of data confidentiality and fault-tolerance in cloud storage

The off-premises storage paradigm that comes with cloud storage has incurred great concerns on the security of data, especially the integrity and confidentiality of data. The untrusted cloud providers´ complete control over data may endanger data confidentiality, at the same time the invaders or accident of storage device may also damage the availability of data. Our research is mainly concentrated on the confidentiality of data, the recovery of loss data and the repair of error data. We provide a security scheme for the data stored in a remote cloud storage system, and the scheme is based on symmetric encryption technology and erasure codes. Boot password is adopted to avoid the problem of key preservation and management which is used in traditional symmetric encryption technology and tornado code is introduced as the basis for the redundant system to overcome the lost data recovery issues. To the end, keyed-Hash which adds additional error correction function to the tornado code is brought forth to solve the problem of tampering of data. The simulation results show that the scheme is efficient in recovering loss data and provide good resistance to the Byzantine faults, meanwhile it has high computing efficiency, especially when processing a big file.