云环境下保护用户隐私的身份认证方案研究与实现.doc

摘要 云计算为我们提供了一个开放、按需服务、可扩展的应用平台和商业模式，云服务提供者并非完全可信，用户在使用云服务时，首要考虑的问题就是自己的信息是否会被泄露，另外出于某些隐私的考虑，用户不希望云服务提供者掌握用户的全部信息，例如在基于云的位置服务，用户不希望云服务提供者看到自己去过那些地方，在某些地方的停留时间等等。因此，为了在云环境下保护用户的隐私，就必须建立一个完整的、安全的保护用户隐私的匿名认证系统。 论文主要研究了保护用户隐私的身份认证技术，主要工作如下： 分析现有的基于无线通信环境下的位置隐私匿名认证方案，指出该方案中存在没有完全实现用户的匿名、拒绝服务攻击、假冒攻击这些缺点，利用拉格朗日插值法提出了一个新的解决方案，通过安全性表明，该方案在安全上不仅完全实现了原方案的安全性，而且也克服了原方案中存在的不足，并且通过性能分析，该方案在客户端和服务端的计算量要少于原方案，提高了性能。 基于新提出的方案，本文利用Hadoop开源的分布式架构模拟了一个云环境，将新方案的实施过程在该环境下进行了系统设计，并验证了该系统的可行性。 关键字：云存储；匿名认证；双向认证；隐私保护；同态哈希函数 ABSTRACT Cloud computing provides us with an open, on-demand services, scalable application platform and business model, the cloud service provider is not completely trusted users in the use of cloud services, the primary consideration of the question is whether their information will be leaked In addition, for some privacy considerations, the user does not want to cloud service providers to master all of the user information, such as cloud-based location services, users do not want to see their cloud service providers have been to those places, in some places residence time and so on. Therefore, in order to protect the users privacy in a cloud environment, it is necessary to build a complete and secure protection of user privacy anonymous authentication scheme. Protect user privacy authentication service to provide safe and effective user access authentication, user authentication through the use of this mechanism, not only can achieve anonymous authentication, you can also verify the identity of the service providers legitimacy, to achieve mutual authentication. For some shortcomings of existing location-based privacy protection certification programs exist under the wireless network, the article mainly about the work done: Analysis of existing anonymous authentication scheme based on location privacy of wireless communication environment, noted the existence of the program is not fully implemented in the users anonymity, denial of service attacks, spoofing att