A policy-based de-duplication mechanism for encrypted cloud storage

De-duplication reduces the amount of data need to be transferred, stored, and managed, which is incentive for both cloud providers and users in the cloud storage. On the other hand, as user data are outsourced to cloud providers, encryption becomes a necessary before updating data into the cloud. However, data de-duplication and data encryption are greatly opposed to each other. In order to solve the above conflict, a policy-based de-duplication scheme is proposed in this paper. It proposes a proxybased and policy-driven de-duplication mechanism to enable different trust relations among cloud storage providers, de-duplication modules and different security requirements. A key management scheme to access and decrypt the shared de-duplicated data chunks is also proposed in this paper based on Proxy Re-encryption algorithms. Security analysis is given afterwards to prove the security characteristics of the proposed mechanism.