With the spread of online computing services such as cloud computing, protecting the privacy of user data is becoming a major challenge. Once user data has been uploaded to a cloud server, the user can no longer guarantee that the data is protected and that it can be completely destroyed. To give users a reliable means of protecting and destroying their data, we rely on trusted computing technology as the trusted computing base in hardware and on the virtual machine monitor as the trusted computing base in software. The trusted virtual machine monitor is responsible for protecting the user's sensitive data and for completely destroying it on the user's command. Even an administrator with full privileges over the cloud server cannot bypass the protection mechanism to obtain the protected sensitive data. This paper presents the design and implementation of the Dissolver system. Dissolver guarantees the privacy of user data throughout its whole lifetime on the server side and destroys it completely at a time specified by the user. Performance tests show that the overhead of the Dissolver prototype system can be kept within a reasonable range.
Data privacy protection is one of the primary concerns and major challenges for online services such as cloud computing and outsourced data centers. The concern is becoming more serious as computing practice shifts towards cloud computing. Once user data is uploaded, end users have no way to guarantee that the data is protected and can be completely destroyed. Users can only place blind trust in the online service vendors. However, the privacy of user data can be compromised in multiple ways, including careless operations by cloud administrators, bugs and vulnerabilities inside the cloud infrastructure, and even malicious cloud vendors. In this research, we seek to provide users with a concrete way to protect or destroy uploaded data. We use trusted computing technology as the root of trust in the hardware layer and the hypervisor as the trusted agent in the software layer. The trusted hypervisor is responsible for protecting sensitive user data and for destroying it at the user's command. Even administrators of the cloud cannot bypass the protection. This paper presents Dissolver, a novel system that preserves data privacy over the data's whole lifetime and ensures its destruction at the user's command. Performance evaluation shows that the prototype system imposes reasonably low runtime overhead.
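The abstract describes the lifecycle Dissolver enforces (protect on upload, release only to the owner, destroy on command or at a user-specified time) but not its internal mechanism. The following is an added illustrative model, not Dissolver's code or the paper's design: a toy "trusted agent" standing in for the hypervisor that alone holds the sensitive buffers, releases them only to a caller holding the owner's capability token, exposes nothing but metadata to an administrator, and dissolves the data by overwriting it in place once the deadline passes or the owner asks. The clock, the `TrustedAgent`/`ProtectedObject` names, the capability-token scheme and the in-memory buffer are all assumptions made for the example.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass


class DataDestroyed(Exception):
    """Raised when a protected object is accessed after it was dissolved."""


class AccessDenied(Exception):
    """Raised when the caller does not hold the owner's capability token."""


@dataclass
class ProtectedObject:
    # Sensitive bytes live in a mutable buffer so they can be zeroed in place
    # (an immutable `bytes` object could not be scrubbed).
    buffer: bytearray
    owner_token_hash: bytes   # only a hash of the capability token is kept
    destroy_at: float         # absolute deadline, seconds since the epoch (assumed unit)
    destroyed: bool = False


class TrustedAgent:
    """Toy stand-in for the trusted hypervisor (assumed model, not Dissolver's design).

    Only this object ever holds plaintext buffers; guest/admin code reaches them
    solely through the methods below.
    """

    def __init__(self, clock=time.time):
        self._clock = clock          # injectable so deadlines can be tested deterministically
        self._objects = {}

    def protect(self, data: bytes, lifetime_s: float):
        """Take custody of `data`; return (object id, owner capability token)."""
        token = secrets.token_bytes(32)
        obj_id = secrets.token_hex(8)
        self._objects[obj_id] = ProtectedObject(
            buffer=bytearray(data),
            owner_token_hash=hashlib.sha256(token).digest(),
            destroy_at=self._clock() + lifetime_s,
        )
        return obj_id, token

    def _dissolve(self, obj: ProtectedObject) -> None:
        # Overwrite every byte rather than just dropping the reference, so a later
        # raw read of the same memory yields zeros instead of the old content.
        for i in range(len(obj.buffer)):
            obj.buffer[i] = 0
        obj.owner_token_hash = b""
        obj.destroyed = True

    def _enforce_deadline(self, obj: ProtectedObject) -> None:
        # Lazy enforcement on access; sweep() covers objects nobody touches.
        if not obj.destroyed and self._clock() >= obj.destroy_at:
            self._dissolve(obj)
        if obj.destroyed:
            raise DataDestroyed()

    def _check_owner(self, obj: ProtectedObject, token: bytes) -> None:
        presented = hashlib.sha256(token).digest()
        if not hmac.compare_digest(presented, obj.owner_token_hash):
            raise AccessDenied()

    def read(self, obj_id: str, token: bytes) -> bytes:
        """Release the plaintext, but only before the deadline and only to the owner."""
        obj = self._objects[obj_id]
        self._enforce_deadline(obj)
        self._check_owner(obj, token)
        return bytes(obj.buffer)

    def destroy(self, obj_id: str, token: bytes) -> None:
        """Owner-commanded destruction ahead of the deadline."""
        obj = self._objects[obj_id]
        if obj.destroyed:
            return
        self._check_owner(obj, token)
        self._dissolve(obj)

    def sweep(self) -> int:
        """Periodic pass that dissolves every expired object; returns how many."""
        count = 0
        for obj in self._objects.values():
            if not obj.destroyed and self._clock() >= obj.destroy_at:
                self._dissolve(obj)
                count += 1
        return count

    def admin_inspect(self, obj_id: str) -> dict:
        """What an administrator can see: metadata only, never the content."""
        obj = self._objects[obj_id]
        return {"size": len(obj.buffer), "destroy_at": obj.destroy_at,
                "destroyed": obj.destroyed}

    def raw_memory(self, obj_id: str) -> bytes:
        """Test hook modelling a raw read of the buffer's memory after the fact."""
        return bytes(self._objects[obj_id].buffer)

    def is_destroyed(self, obj_id: str) -> bool:
        return self._objects[obj_id].destroyed
```

The design point worth noticing is that destruction is a property of the agent, not of the caller: neither the owner nor the administrator has to be online for the deadline to fire, because `sweep()` (modelling a periodic hypervisor task) dissolves expired objects on its own, and `read()` re-checks the deadline so a stale access cannot slip through between sweeps.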