nach oben

Cluster Computing

Erschienen in:

06.11.2019

An identity-based online/offline secure cloud storage auditing scheme

verfasst von: Reyhaneh Rabaninejad, Maryam Rajabzadeh Asaar, Mahmoud Ahmadian Attari, Mohammad Reza Aref

Erschienen in: Cluster Computing | Ausgabe 2/2020

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Cloud storage has significantly reduced data management costs for data owners. However, loss of physical control over the data after outsourcing, triggers some security concerns such as data integrity. Provable Data Possession (PDP) protocols, enable data owners to audit the integrity of their outsourced data without the need to retrieve the file from cloud server. However, most existing PDP schemes require resource-constrained users to perform costly operations for generating metadata on file blocks. In online/offline PDP mechanisms introduced most recently, the user’s computation is divided into online/offline phases, where the costly operations are allowed to be carried out in the offline phase. The users only require to perform lightweight operations in the real-time online phase. In this paper, we propose an identity-based (ID-based) online/offline PDP protocol which not only has lightweight computations at the users side, but also removes the complex certificate management/verification costs caused by expensive Public Key Infrastructure. The proposed scheme is based on an ID-based online/offline signature designed in this paper. The protocol is proven to be secure against a malicious cloud server in the random oracle model. We also prove the privacy preserving property of the protocol in the sense that it leaks no information of the outsourced data to the public verifier during the protocol execution. Moreover, our mechanism supports batch verification of multiple auditing tasks and fully dynamic data operations, efficiently. Experimental results demonstrate fine efficiency of our scheme in comparison to the recent proposals.

Vorheriger Artikel Fusion of medical images using deep belief networks

Nächster Artikel Alzheimer’s disease detection using skeleton data recorded with Kinect camera

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Cloud Security Alliance. Top threats to cloud computing. http://www.cloudsecurityalliance.org (2010). Accessed 25 Oct 2019

Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable data possession at untrusted stores. In: Proceedings of the 14th ACM conference on computer and communications security, ACM 2007, pp. 598–609. ACM. Alexandria, Virginia, USA, Oct 29–Nov 02 (2007)

Juels, A., Kaliski, B. S. Jr: Pors: proofs of retrievability for large files. In: Proceedings of the 14th ACM conference on computer and communications security, pp. 584–597ACM (2007)

Shacham, H., Waters, B.: Compact proofs of retrievability. In: Proceedings of the international conference on the theory and application of cryptology and information security, pp. 90–107. Springer (2008)

Boneh, D., Lynn, B., Shacham, H.: Short signatures from the weil pairing. In: Proceedings of the advances in cryptology– ASIACRYPT 2001, vol. 2248, pp. 514–532. Springer, Gold Coast, Australia, Dec 9–13 (2001)

Wang, Q., Wang, C., Ren, K., Lou, W., Li, J.: Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22(5), 847–859 (2011)CrossRef

Yuan, J., Yu, S.: Pcpor: public and constant-cost proofs of retrievability in cloud. J. Comput. Secur. 23(3), 403–425 (2015)CrossRef

Liu, J., Huang, K., Rong, H., Wang, H., Xian, M.: Privacy-preserving public auditing for regenerating-code-based cloud storage. IEEE Trans. Inf. Forensics Secur. 10(7), 1513–1528 (2015)CrossRef

Wu, L., Wang, J., Kumar, N., He, D.: Secure public data auditing scheme for cloud storage in smart city. Pers. Ubiquit. Comput. 21(5), 949–962 (2017)CrossRef

10.

Cash, D., Küpçü, A., Wichs, D.: Dynamic proofs of retrievability via oblivious ram. J. Cryptol. 30(1), 22–57 (2017)MathSciNetCrossRef

11.

Zang, L., Yu, Y., Xue, L., Li, Y., Ding, Y., Tao, X.: Improved dynamic remote data auditing protocol for smart city security. Pers. Ubiquit. Comput. 21(5), 911–921 (2017)CrossRef

12.

Shen, J., Shen, J., Chen, X., Huang, X., Susilo, W.: An efficient public auditing protocol with novel dynamic structure for cloud data. IEEE Trans. Inf. Forensics Secur. 12(10), 2402–2415 (2017)CrossRef

13.

Li, Y., Yu, Y., Yang, B., Min, G., Wu, H.: Privacy preserving cloud data auditing with efficient key update. Future Gener. Comput. Syst. 78, 789–798 (2018)CrossRef

14.

Yang, C.-Y., Huang, C.-T., Wang, Y.-P., Chen, Y.-W., Wang, S.-J.: File changes with security proof stored in cloud service systems. Pers. Ubiquit. Comput. 22(1), 45–53 (2018)CrossRef

15.

Rabaninejad, R., Ahmadian Attari, M., Rajabzadeh Asaar, M., Aref, M. R.: A lightweight auditing service for shared data with secure user revocation in cloud storage. IEEE Trans. Serv. Comput. (2019). https://doi.org/10.1109/TSC.2019.2919627 CrossRef

16.

Rabaninejad, R., Attari, M.A., Asaar, M.R., Aref, M.R.: Comments on a lightweight cloud auditing scheme: Security analysis and improvement J. Netw. Comput. Appl. 139, 49–56 (2019)CrossRef

17.

Zhao, J., Xu, C., Li, F., Zhang, W.: Identity-based public verification with privacy-preserving for data storage security in cloud computing. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. 96(12), 2709–2716 (2013)CrossRef

18.

Gentry, C., Ramzan, Z.: Identity-based aggregate signatures. In: Proceedings of the international workshop on public key cryptography, pp. 257–273. Springer (2006)

19.

Wang, H., Wu, Q., Qin, B., Domingo-Ferrer, J.: Identity-based remote data possession checking in public clouds. IET Inf. Secur. 8(2), 114–121 (2013)CrossRef

20.

Wang, H.: Identity-based distributed provable data possession in multicloud storage. IEEE Trans. Serv. Comput. 8(2), 328–340 (2015)CrossRef

21.

Yu, Y., Xue, L., Au, M.H., Susilo, W., Ni, J., Zhang, Y., Vasilakos, A.V., Shen, J.: Cloud data integrity checking with an identity-based auditing mechanism from rsa. Future Gener. Comput. Syst. 62, 85–91 (2016)CrossRef

22.

Yu, Y., Au, M.H., Ateniese, G., Huang, X., Susilo, W., Dai, Y., Min, G.: Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage. IEEE Trans. Inf. Forensics Secur. 12(4), 767–778 (2017)CrossRef

23.

Wang, Y., Wu, Q., Wong, D. S., Qin, B., Chow, S. S., Liu, Z., Tan, X.: Securely outsourcing exponentiations with single untrusted program for cloud storage. In: Proceedings of the European symposium on research in computer security, pp. 326–343, Springer (2014)

24.

Shen, W., Yu, J., Xia, H., Zhang, H., Lu, X., Hao, R.: Light-weight and privacy-preserving secure cloud auditing scheme for group users via the third party medium. J. Netw. Comput. Appl. 82, 56–64 (2017)CrossRef

25.

Li, J., Zhang, L., Liu, J.K., Qian, H., Dong, Z.: Privacy-preserving public auditing protocol for low-performance end devices in cloud. IEEE Trans. Inf. Forensics Secur. 11(11), 2572–2583 (2016)CrossRef

26.

Wang, Y., Wu, Q., Qin, B., Tang, S., Susilo, W.: Online/offline provable data possession. IEEE Trans. Inf. Forensics Secur. 12(5), 1182–1194 (2017)CrossRef

27.

Merkle, R.C.: Protocols for public key cryptosystems. In: Proceedings of the IEEE symposium on security and privacy, pp. 122–122, IEEE (1980)

28.

Bao, F., Deng, R. H., Zhu, H.: Variations of diffie-hellman problem. In: Proceedings of the international conference on information and communications security. pp. 301–312, Springer (2003)

29.

Krawczyk, H., Rabin, T.: Chameleon signatures. In: Proceedings of the symposium on network and distributed systems security (NDSS’ 00), pp. 143–154, Internet Society (2000)

30.

Yu, Y., Ni, J., Au, M.H., Mu, Y., Wang, B., Li, H.: Comments on a public auditing mechanism for shared cloud data service. IEEE Trans. Serv. Comput. 8(6), 998–999 (2015)CrossRef

31.

Hess, F.: Efficient identity based signature schemes based on pairings. In: Proceedings of the international workshop on selected areas in cryptography, pp. 310–324. Springer (2002)

32.

Wang, C., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for data storage security in cloud computing. In: Proceedings of the IEEE Infocom 2010, pp. 1–9. IEEE (2010)

33.

Shamus Software Ltd., Miracl library. http://www.shamus.ie/index.php?page=home. Accessed 25 Oct 2019

Titel: An identity-based online/offline secure cloud storage auditing scheme
verfasst von: Reyhaneh Rabaninejad
Maryam Rajabzadeh Asaar
Mahmoud Ahmadian Attari
Mohammad Reza Aref
Publikationsdatum: 06.11.2019
Verlag: Springer US
Erschienen in: Cluster Computing / Ausgabe 2/2020
Print ISSN: 1386-7857
Elektronische ISSN: 1573-7543
DOI: https://doi.org/10.1007/s10586-019-03000-5

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 2/2020

Improving resource allocation in software-defined networks using clustering

Hybrid dual-objective parallel genetic algorithm for heterogeneous multiprocessor scheduling

Approaches of enhancing interoperations among high performance computing and big data analytics via augmentation

Cloud datacenter workload estimation using error preventive time series forecasting models

Correction to: Artificial neural networks based techniques for anomaly detection in Apache Spark

General spin-up time distribution for energy-aware IaaS cloud service models

Premium Partner