雲端應用蓬勃發展，客製化的服務需求不斷增加，隱私權的問題也日漸重要。尤其Google Drive、Dropbox或Mega等，都是由一間公司或組織來進行管理與維護，因此產生了容易被攻擊、昂貴的仲介費用和喪失個人資料的自主權等議題。本研究提出以區塊鏈元數據分離之匿名雲端儲存系統(Anonymous Metadata Separated Cloud Storage System, AMSC)，來改善上述雲端儲存服務的缺失。
　　本研究利用區塊鏈的匿名性和難竄改之特性，來改善雲端儲存服務的缺點。所提出之系統由區塊鏈(底層)、智能合約(中介層)、雲端儲存服務(應用層)和檔案擁有者(應用層)所組成，運用點對點通訊的網路特性使得所有應用層的權利平等化。使用者可以在本地端產生檔案的元數據以及自己的公私鑰，並將自己的身份和元數據上傳到區塊鏈，而雲端服務只需讀取區塊鏈上的資訊，並利用該檔案的創建時間以及以Elliptic Curve Digital Signature Algorithm (ECDSA)驗證使用者的數位簽名，即可快速判別檔案擁有者的身份，達到防止侵權行為的目的。
　　本研究針對三大架構(純區塊鏈技術、混和區塊鏈和快取機制、資料庫技術)進行上傳檔案和下載檔案效能壓力測試，其指標包含吞吐量、延遲時間隨時間變化以及反應時間區間統計。分析結果顯示，含有快取的架構相較於最初始的純區塊鏈技術效能成長約5倍，同時達到0.53倍的資料庫技術效能(相差大約23ms~37ms)。經過效能分析證實了本研究所提出架構具有商業化的可行性。

Problems regarding privacy have arisen in recent years due to the rapid development of cloud computing technology. Services such as Google Drive, Dropbox, and Mega are all respectively managed and maintained by a company or organization, which costs heavier agency fees and make them easy targets for cyber attacks. This research aims to improve cloud storage services by using the Anonymous Metadata Separated Cloud Storage System (AMSC).
AMSC improves cloud storage systems by utilizing the anonymity and immutability of blockchain. The system allows users to access block chain data via smart contracts, and recognize all users within the application layer equally because it is established on a peer-to-peer network. Users can use a local computer to generate and upload metadata of files and personal key pairs to the blockchain, enabling cloud storage services to read the information on it. The prevention of unauthorized use and sharing of files can be achieved by the verification process of matching creation time of the files and digital signature generated by ECDSA.
This study stress tests the performance of uploading and downloading files regarding the three architectures have been mentioned (pure blockchain technology, hybrid blockchain technology with cache, database technology), and record throughput, latency time, and response time for analysis. The analyzed results show the clear superiority of the hybrid blockchain technology relative to the pure blockchain technology with a 500% increase in performance, which is 53.19% of the database technology performance. Through the analysis of performances, this study provides substantiated evidence to claim that the architecture suggested by this study is viable.

[1] M. Srivastava, "Algorithm to prevent back end database against SQL injection attacks," of the 2014 International Conference on Computing for Sustainable Global Development (INDIACom), New Delhi, pp. 754-757, 2014.
[2] F. Alsubaei, A. Abuhussein and S. Shiva, "Quantifying security and privacy in Internet of Things solutions," of the NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium, pp. 1-6, 2018.
[3] N. Zhumabekuly Aitzhan and D. Svetinovic, "Security and Privacy in Decentralized Energy Trading through Multi-signatures, Blockchain and Anonymous Messaging Streams," of the IEEE Transactions on Dependable and Secure Computing, 2016.
[4] Blockchain-certificates made by Massachusetts Institute of Technology(https://github.com/Blockchain-certificates).
[5] J. Singh and J. D. Michels, "Blockchain as a Service (BaaS): Providers and Trust," of the 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pp. 67-74, 2018.
[6] B. C. Florea, "Blockchain and Internet of Things data provider for smart applications," of the 2018 7th Mediterranean Conference on Embedded Computing (MECO), pp. 1-4, 2018.
[7] X. Liang, S. Shetty, D. Tosh, C. Kamhoua, K. Kwiat and L. Njilla, "ProvChain: A Blockchain-Based Data Provenance Architecture in Cloud Environment with Enhanced Privacy and Availability," of the 2017 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGRID), pp. 468-477, 2017.
[8] Y. Niu, L. Wei, C. Zhang, J. Liu and Y. Fang, "An anonymous and accountable authentication scheme for Wi-Fi hotspot access with the Bitcoin Blockchain," of the 2017 IEEE/CIC International Conference on Communications in China (ICCC)), pp. 1-6, 2017.
[9] L. Wu, X. Du, W. Wang and B. Lin, "An Out-of-band Authentication Scheme for Internet of Things Using Blockchain Technology," of the 2018 International Conference on Computing, Networking and Communications (ICNC), pp. 769-773, 2018.
[10] Y. S. Martin and A. Kung, "Methods and Tools for GDPR Compliance Through Privacy and Data Protection Engineering," of the 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) , pp. 108-111, 2018.
[11] M. Takemiya and B. Vanieiev, "Sora Identity: Secure, Digital Identity on the Blockchain," of the 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC), pp. 582-587, 2018.
[12] L. M. Bach, B. Mihaljevic and M. Zagar, "Comparative analysis of blockchain consensus algorithms," of the 2018 41st International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), pp. 1545-1550, 2018.
[13] G. S. Veronese, M. Correia, A. N. Bessani, L. C. Lung and P. Verissimo, "Efficient Byzantine Fault-Tolerance," of the IEEE Transactions on Computers, vol. 62, pp. 16-30, 2013.
[14] H. Sukhwani, J. M. Martínez, X. Chang, K. S. Trivedi and A. Rindos, "Performance Modeling of PBFT Consensus Process for Permissioned Blockchain Network (Hyperledger Fabric)," of the 2017 IEEE 36th Symposium on Reliable Distributed Systems (SRDS), Hong Kong, pp. 253-255, 2017.
[15] M. Ghareeb, M. Rammal, A. Nahle, M. Raad and A. Bazzi, "Pl-to-PI: A solution towards secure peer to peer communication network," of the 2017 Sensors Networks Smart and Emerging Technologies (SENSET), Beirut, 2017, pp. 1-4.
[16] Satoshi Nakamoto, "Bitcoin: A Peer-to-Peer Electronic Cash System," of the Bitcoin Organization, 2008.
[17] Michael Crosby, Nachiappan, Pradhan Pattanayak, Sanjeev Verma, Vignesh Kalyanaraman, "Blockchain Technology Beyond Bitcoin", Sutardja Center for Entrepreneurship & Technology, 2015.
[18] S. Pongnumkul, C. Siripanpornchana and S. Thajchayapong, "Performance Analysis of Private Blockchain Platforms in Varying Workloads," of the 2017 26th International Conference on Computer Communication and Networks (ICCCN), Vancouver, pp. 1-6, 2017.
[19] B. Gipp, C. Breitinger, N. Meuschke and J. Beel, "CryptSubmit: Introducing Securely Timestamped Manuscript Submission and Peer Review Feedback Using the Blockchain," of the 2017 ACM/IEEE Joint Conference on Digital Libraries (JCDL), pp. 1-4, 2017.
[20] Thomas Hardjono and Ned, "Smith.Cloud-Based Commissioning of Constrained Devices using Permissioned Blockchains" of the 2nd ACM International Workshop on IoT Privacy, Trust, and Security, pp. 29-36, 2016.
[21] Andersen, Michael P and Kolb, John and Chen, Kaifei and Fierro, Gabriel and Culler, David E. and Popa, Raluca Ada, "WAVE: A Decentralized Authorization System for IoT via Blockchain Smart Contracts", EECS Department, University of California, Berkeley, 2017.
[22] Ethereum Blockchain App Platform (https://ethereum.org/)
[23] Ethereum White Paper (https://github.com/ethereum/wiki/wiki/White-Paper)
[24] Y. B. Kim, E. Hemberg and U. M. O'Reilly, "Collision frequency locality-sensitive hashing for prediction of critical events," of the 2017 39th Annual International Conference of the IEEE Engineering in Medicine and Biology Society (EMBC), pp. 3088-3093, 2017.
[25] L. Qi, X. Zhang, W. Dou and Q. Ni, "A Distributed Locality-Sensitive Hashing-Based Approach for Cloud Service Recommendation from Multi-Source Data," of the IEEE Journal on Selected Areas in Communications, pp. 2616-2624, 2017.