Security and privacy are critical for cloud storage because extensive privacy information, such as person al d a ta, is involved in services. The important progress has been focused on the are a of secure cloud storage recently, including data deduplication , oblivious storage, data encryption and ciphertext searching, and data integrit y audit. First, the secure data deduplication is discussed for cloud sto rage to ad dress multiple types of attacks, for instance, identifying files attacks, which reduces the overhead to cloud servers and brings benefit to end users. The recent prog ress is also investigated on the oblivious storage, which introduces the partiti o n based framework and asynchronicity to reduce the computation overhead, pro vidi n g privacy protection and scalability for cloud storage. Then, inspired by tradit ional encryption techniques, the cloud encryption and ciphertext sea rching are considered, such as the ciphertext policy attribute based encryptio n that provides s earch services for encrypted data and avoids privacy leakage. With key exposure resistance, data integrity audit system provides security, efficiency and verifi ability for cloud storage. In summary, the advanced research of above security techniques are discussed, and the future research on improvin g the security and privacy of commercial cloud storage systems is explored.