To improve the security of object-based storage systems, a security mechanism based on elliptic curve cryptography (ECC) is proposed that takes the characteristics of such systems into account. Between the client and the object storage device (OSD), the two parties directly involved in data access security, measures such as mutual authentication and session key agreement are applied. These prevent man-in-the-middle attacks and several other classes of network attack, and at the same time reduce the system's requirements on the security of the communication channel. The mechanism not only ensures a high level of security for the object-based storage system but also simplifies key management.