Your Data Security is the priority of MEMO
在信息技术领域,数据安全一直是一个严重的问题。在传统方法中,它在云计算环境中变得更加危险,因为数据存储在多个位置,甚至在全球范围内。用户对云技术最大的关注点是数据安全和隐私保护。尽管学术界和工业界已经研究了许多关于云计算主题的技术,但数据安全和隐私保护对于云计算技术在政府、行业和企业的未来发展变得越来越重要。此外,当数据移动到云端时,用户会失去对云端的控制,云数据可能不安全,并且容易受到大量攻击。云存储安全具有广泛的影响力,公众对用户隐私的关注正在扩大。
然而,目前的云存储系统存在一些弊端,例如集中式数据存储会危及服务器安全,并且需要受信任的第三方,这使得用户隐私保护成为一场噩梦。在当今分散的云计算中,许多数据中心的数据不是分布式的。因此,数据安全性、完整性和可用性都会受到损害。近年来,世界各地的知名媒体一直在报道围绕云存储的安全风险,例如消费者的文件在iCloud上被泄露。例如,2009 年,在线书签服务发生重大数据故障,导致客户书签完全丢失。此外,在 2008 年,一家名为“The Linkup”的云公司拥有超过 20,000 名付费用户,由于毁灭性的系统崩溃,他们丢失了大部分数据。在这次灾难性的系统故障之后,The Linkup 倒闭了。他们把自己的麻烦归咎于他们的存储合作伙伴,但他们无力阻止客户的损失。
不幸的是,集中式系统中目前没有合适的云数据安全解决方案。随着云计算和大数据技术的进步,越来越多的企业和个人选择将其数据存储在云上。云中的大多数数据(例如个人医疗记录和公司内部数据)都容易受到攻击。云计算以其众多潜在优势而闻名,许多公司计划和数据正在迁移到公共云或混合云。但是,一些公司,尤其是大型企业,不会将关键业务软件转移到云中。就规模而言,云计算市场仍远低于预期。云计算安全问题,特别是数据安全和隐私保护问题,仍然是消费者采用云计算服务的主要障碍。云提供商的数据管理员可以轻松操作敏感数据。资源有限的小型企业可能会发现,将数据委托给云提供商比将其保留在本地更安全。另一方面,云提供商无法在消费者敏感数据、贸易政策、公司战略、价格信息或任何其他机密信息方面为大型企业提供足够的保护。
基于区块链的存储系统中的数据安全技术
近年来,区块链、新的去中心化基础设施和分布式计算范式得到了深入的研究和应用。在这个没有任何中央机构帮助的惊人系统中,每个人都可以构建自己的区块链身份,这与他们的现实生活身份完全分开。因此,帐户管理是匿名完成的,并且用户的身份是隐藏的,从而提供了更高级别的隐私。与以前的系统不同,以前的系统要求一个人在网络中注册他们的个人信息(如全名和银行账户详细信息),区块链可以防止一个人的真实身份被泄露,直到他们放弃他们的私钥。
区块链机制的工作原理是将用户的文件划分为多个相同大小的块,对这些文件块进行加密,使用数字签名算法对它们进行签名,然后使用这种架构将它们上传到 P2P 网络。下一步,它利用区块链技术在需要云存储的用户和有空闲空间的用户之间创建交易机制。此外,在这种架构中,系统选择了一种随机文件副本放置方法,以便用户可以快速从云端获取文件并减轻 P2P 网络的负载。最后,Merkle 哈希树将用作验证工具,以确保文件的完整性。
去切和防篡改是区块链技术的两个优势。它可以在分布式系统中实现基于去中心化信用的点对点通信和协作,其中节点不需要使用数据加密、时间戳、分布式共识和其他方法相互信任。它为集中式机制中的数据存储过于昂贵、低效和不安全的问题提供了解决方案。提供了两种基于区块链的加密方法,每种方法都使用加密技术来传递只能由目标节点解密的秘密信息。即使传输被恶意节点拦截,由于没有密钥,因此无法获取信息内容。在这种方法中,确保了传输信息的隐私和安全。提出了一种快速实现共识区块链系统的概念,它允许节点快速评估传输信息来源的合法性及其准确性。因此,源节点被确认为可信节点,而不是敌对节点。该解决方案基于基于块的去中心化策略来保护个人数据。因此,数据不会由第三方以阻止第三方使用个人数据的方式持有。
区块链为用户提供了以下数据安全的好处;
1. 在通过区块链发送之前,每个数据都必须加密。只有拥有解密密钥的人才能访问文件的内容。尽管一些集中式存储网络提供加密,但由于去中心化区块链上的文件被分成更小的分片(部分),并且分片分布在不同的存储提供商之间,我们可以确信,与基于云的存储系统不同,即使是恶意节点也无法完全解密文件并访问其数据。
2. The data transfer process can be treated as a transaction on the blockchain, which can be recorded in a block. It enables secure data storage in an online ledger where participants can share and confirm information without the need for a central authority. Through consensus agreements, all members collaborate to maintain the shared database.
3. This system employs the asymmetric digital signature technique to encrypt transactions with node ID as the public key to prevent malicious attacks such as Ack flooding and hostile nodes. The validation node verifies the transactions that are entered into the blockchain system. To some extent, this eliminates a lot of duplicate data.
4. Storage providers must prove that the data has not been manipulated. Even if the file is manipulated, the altered part can be easily accessed via the Merkle root. All transactions are stored in blocks, and the transaction blocks are mapped to a hash value called Merkle tree, allowing it to rapidly follow the transaction's origins and give convenient system analysis.
5. Only the permitted members of a private blockchain can read or write, and there is no need to rely on a trusted middleman. Without the need for extra resources, the blockchain network will be scalable to handle billions of devices. To the centralized storage and service system, this will be a significant change and shock. The robustness of blockchains is superior.
MEMO’s data security architecture
The MEMO can be used in a variety of situations, which is more inclusive and adaptable to a variety of data types. Memo ensures complete user privacy by utilizing encryption technologies and decentralized approaches. To strengthen the system's credibility, MEFS employs both dependability and time-consuming proofs, and to eliminate manipulation and single-point failure, it additionally employs random beacons and the BFT protocol to validate proofs. Apart from blockchain storage, the consensus procedure is completed off-chain to minimize logistical concerns with the transactions. This method not only provides data security and reliability but also allows for some flexibility. Users can customize the storage time to match their demands. They can also modify or create data traces, as well as delete data that is only available to users. The files in the MEFS system are encrypted at the source client, then segmented using a combination of multiple copies and erasure redundancy codes before being stored in the network's nodes. To put it another way, the data in the storage node is incomplete, but it is encrypted with asymmetric encryption technology. Data can only be decrypted by the individual who has the private key.
The MEMO also implements an access control mechanism. Only data kept in edge devices is accessible to users, keepers, and providers. The keeper can only read and write data, whereas the provider can only read and write data with the user's or keeper's permission. Memo uses zero-knowledge proof, homomorphic encryption, secure multi-party computing, and other privacy computing technologies in the data storage status verification process. This method maximizes user privacy protection while also allowing for third-party verification.
Data repair generated by node failures has a significant impact on data reliability, availability, and serviceability (RAS) in erasure-coded data centers. In comparison to the recovery phase of data restoration, which has been extensively researched and optimized, the failure identification step of data repair has received less attention. Furthermore, in a standard failure identification approach, all chunks have the same identification time threshold, resulting in a loss of opportunity to enhance the RAS further. MEMO proposes RAFI, a unique risk-aware failure identification technique, to address this issue. RAFI uses multiple time criteria to identify chunk failures in stripes with varying numbers of failed chunks. A shorter identification time is used for pieces in a high-risk stripe (a stripe with numerous failed chunks), enhancing overall data dependability and availability. A longer identification time is used for pieces in a low-risk stripe (one with only a few failed chunks), decreasing repair network traffic. As a result, the RAS can be enhanced at the same time.
In this brief discussion, I focus on the application of blockchain technology in cloud data security after analyzing threats in the cloud environment. Data storage and retrieval in cloud storage is one of the most important and contentious concerns of the time. Blockchain is a game-changing technology with peer-to-peer and decentralized capabilities that potentially disrupt a wide range of sectors. Traditional storage systems have several flaws that blockchain-based storage systems can address. Within the blockchain, MEMO is incorporating novel techniques for the most secure storage system, that will be helpful to the quick data store and transfer, scalable, affordable, and reliable.