Current methods of protecting user privacy data in cloud storage lack protection for the keys themselves. To solve this problem, a key management mechanism for cloud storage users based on a trusted module was proposed. By introducing a trusted hardware module, a secure and efficient key backup and restore mechanism was established, based on the basic principles of certificateless cryptography, to generate and store the user's key information. Meanwhile, the efficiency of data protection was improved by applying the theory of data segmentation. The implementation of key management based on the trusted hardware module was described, and a detailed analysis of its security and efficiency was carried out. The experimental results showed that the mechanism can effectively protect the security of users' privacy data.