CIFS ( Common Internet File System) , the core protocol of the network storage in application layer, is the communication protocol for data storage applied in NAS (network attached storage). Cloud storage is a novel form of network storage, and both the enterprise and individual users begin to use cloud storage as their network storage media. Along with the widespread use, the security issues of the cloud storage catch the eyes of users, such as data leakage and data tampering. In this paper, based on the cloud storage service of Amazon S3, we design and implement a CIFS-based cloud storage security gateway system (CSSGS). With the CSSGS, users are able to utilise the cloud storage service of Amazon S3 in their habits the same as accessing NAS. It also encrypts/decrypts all the users data before uploading/downloading to/from Amazon S3, hence the information leakage during the process of data communication and storage is prevented effectively. It also offers the integrity checking on files downloaded from S3 to examine the consistency of the contents with the uploaded one for data tempering prevention.%CIFS(Common Internet File System)协议是网络存储在应用层的核心协议,是应用于网络附加存储NAS(Network Attached Storage)进行数据存储的通信协议.云存储是一种新型的网络存储形式,企业和个人用户都开始使用云存储作为其网络存储媒介.随着云存储的广泛使用,云存储中数据的安全问题,如数据泄漏和数据篡改,也成了用户广泛关注的问题.基于Amazon S3的云存储服务,设计并实现一款基于CIFS协议的云存储安全网关系统CSSGS (Cloud Storage Security Gateway System).通过该网关,用户能够以访问NAS的访问习惯,使用Amazon S3云存储服务;该网关还对用户上传至Amazon S3的数据进行加密保护,可以有效防止数据在传输和存储过程中的泄漏;同时该网关还对从S3下载的文件进行完整性校验,检测其内容与上传时是否一致,以防止被篡改.
展开▼
