Top

Soft Computing

Published in:

05-01-2018 | Methodologies and Application

Improved secure fuzzy auditing protocol for cloud data storage

Authors: Jindan Zhang, Baocang Wang, Debiao He, Xu An Wang

Published in: Soft Computing | Issue 10/2019

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Nowadays, more and more people prefer to outsource their storage to the cloud; however, due to some accidents, cloud storage service providers may lose some data outsourced by the data owners. Thus a mechanism to ensure the outsourced cloud data remaining intact is needed for smoothly running the cloud storage service. Fuzzy cloud auditing protocol is such a mechanism running between data owners and cloud storage service providers. In these protocols, the data owner fuzzy challenges the cloud storage servers on the randomly chosen data blocks with random values, the servers need to response with corrected aggregated tag proof to pass through the auditing process. Until now, there are many fuzzy cloud auditing protocols with various interesting properties. In 2015, Yuan et al. proposed an auditing scheme supporting publicly integrity checking and dynamic data sharing with multi-user modification, which aims at allowing multiple cloud users to modify data while ensuring the cloud data’s integrity. Also recently Yuan et al. proposed a public proofs of retrievability (POR) in cloud with constant cost, they showed their scheme is the first POR scheme which can simultaneously achieve public verifiability, constant communication and computational costs on users, and prove the security of their scheme. However, in this paper, we show their schemes are not secure, concretely, the tags in their schemes can be easily forged. We also give an improved fuzzy cloud auditing scheme for the data owners.

previous article iMOPSE: a library for bicriteria optimization in Multi-Skill Resource-Constrained Project Scheduling Problem

next article Adaptive differential evolution with multi-population-based mutation operators for constrained optimization

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Ateniese G, Burns RC, Curtmola R, Herring J, Kissner L, Peterson ZNJ, Song D (2007) Provable data possession at untrusted stores. In: Ning P, di Vimercati SDC, Syverson PF (eds) ACM CCS 07. ACM Press, New York, pp 598–609CrossRef

Cash D, Küpçü A, Wichs D (2013) Dynamic proofs of retrievability via oblivious RAM. In: Johansson T, Nguyen PQ (eds) EUROCRYPT 2013, vol 7881. Springer, Heidelberg, LNCS, pp 279–295. https://doi.org/10.1007/978-3-642-38348-9_17

Cristina D, Elena A, Catalin L, Valentin C (2014) A solution for the management of multimedia sessions in hybrid clouds. Int J Space-Based Situat Comput 4(2):77–87CrossRef

Guo S, Xu H (2015) A secure delegation scheme of large polynomial computation in multi-party cloud. Int J Grid Util Comput 6(2):1–7

Halevi S, Harnik D, Pinkas B, Shulman-Peleg A (2011) Proofs of ownership in remote storage systems. In: Chen Y, Danezis G, Shmatikov V (eds) ACM CCS 11, ACM Press, pp 491–500

Juels A, Kaliski BS Jr (2007) PORs: proofs of retrievability for large files. In: Ning P, di Vimercati SDC, Syverson PF (eds) ACM CCS 07. ACM Press, New York, pp 584–597CrossRef

Li Q, Ma J, Li R, Liu X, Xiong J (2016) Secure, efficient and revocable multi-authority access control system in cloud storage. Comput Secur 59(C):45–59CrossRef

Ma R, Xiong J, Lin M, Ye A (2017) Privacy protection-oriented mobile crowdsensing analysis based on game theory. IEEE TrustCom 2017

Meriem T, Mahmoud B, Fabrice K (2014) An approach for developing an interoperability mechanism between cloud providers. Int J Space-Based Situat Comput 4(2):88–99CrossRef

Ning P, di Vimercati SDC, Syverson PF (eds) (2007) ACM CCS 07. ACM Press, New York

Shacham H, Waters B (2008) Compact proofs of retrievability. In: Pieprzyk J (ed) ASIACRYPT 2008, vol 5350. Springer, Heidelberg, LNCS, pp 90–107

Shi E, Stefanov E, Papamanthou C (2013) Practical dynamic proofs of retrievability. In: Sadeghi AR, Gligor VD, Yung M (eds) ACM CCS 13, ACM Press, pp 325–336

Wang H (2013) Proxy provable data possession in public clouds. IEEE Trans Serv Comput 6(4):551–559CrossRef

Wang H (2015) Identity-based distributed provable data possession in multicloud storage. IEEE Trans Serv Comput 8(2):328–340CrossRef

Wang Q, Wang C, Ren K, Lou W, Li J (2012) Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans Parallel Distrib Syst 22(5):847–859CrossRef

Wang B, Baochun L, Hui L (2013a) Public auditing for shared data with efficient user revocation in the cloud. In: Proceedings of the 33th conference on information communications (INFOCOM 13), IEEE, pp 2750–2758

Wang C, Chow S, Wang Q, Ren K, Lou W (2013b) Privacy-preserving public auditing for secure cloud storage. IEEE Trans Comput 62(2):362–375MathSciNetCrossRefMATH

Wang H, He D, Tang S (2016a) Identity-based proxy-oriented data uploading and remote data integrity checking in public cloud. IEEE Trans Inf Forensics Secur 11(6):1165–1176CrossRef

Wang H, Li K, Ota K, Shen J (2016b) Remote data integrity checking and sharing in cloud-based health internet of things. IEICE Trans Inf Syst 99(8):1966–1973CrossRef

Wang Y, Du J, Cheng X, Liu Z, Lin K (2016c) Degradation and encryption for outsourced png images in cloud storage. Int J Grid Util Comput 7(1):22–28CrossRef

Xiong J, Li F, Ma J, Liu X, Yao Z, Chen P (2015) A full lifecycle privacy protection scheme for sensitive data in cloud computing. Peer-to-peer Netw Appl 8(6):1025–1037CrossRef

Xiong J, Zhang Y, Li L, Shen J, Li X, Lin M (2017) ms-PoSW: A multi-server aided proof of shared ownership scheme for secure deduplication in cloud. Concurr Comput Pract Exp. https://doi.org/10.1002/cpe.4252

Yang K, Jia X (2013) An efficient and secure dynamic auditing protocol for data storage in cloud computing. IEEE Trans Parallel Distrib Syst 24(9):1717–1726CrossRef

Yu Y, Zhang Y, Ni J, Au M, Chen L, Liu H (2014) Remote data possession checking with enhanced security for cloud storage. Future Gener Comput Syst. https://doi.org/10.1016/j.future.2014.10.006

Yu Y, Au MH, Ateniese G, Huang X, Susilo W, Dai Y, Min G (2016a) Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage. IEEE Trans Inf Forensics Secur. https://doi.org/10.1109/TIFS.2016.2615853

Yu Y, Li Y, Ni J, Yang G, Mu Y, Susilo W (2016b) Comments on “public integrity auditing for dynamic data sharing with multi-user modification”. IEEE Trans Inf Forensics Secur 11(3):658–659CrossRef

Yuan J, Yu S (2013) Proofs of retrievability with public verifiability and constant communication cost in cloud. In: Proceedings of the 2013 international workshop on security in cloud computing, cloud computing, pp 19–26

Yuan J, Yu S (2014) Efficient public integrity checking for cloud data sharing with multi-user modification. In: Proceedings of the 33rd conference on information communications (INFOCOM 14) IEEE Press, pp 2121–2129

Yuan J, Yu S (2015a) Pcpor: Public and constant-cost proofs of retrievability in cloud. J Comput Secur 23:403–425CrossRef

Yuan J, Yu S (2015b) Public integrity auditing for dynamic data sharing with multi-user modification. IEEE Trans Inf Forensics Secur 10(8):1717–1726CrossRef

Zheng Q, Xu S (2011) Secure and efficient proof of storage with deduplication. Cryptology ePrint Archive, Report 2011/529. http://eprint.iacr.org/2011/529

Zhu S, Yang X (2015) Protecting data in cloud environment with attribute-based encryption. Int J Grid Util Comput 6(2):91–97CrossRef

Zhu Y, Hu H, Ahn G, Yu M (2012) Cooperative provable data possession for integrity verification in multi cloud storage. IEEE Trans Parallel Distrib Syst 23(12):2231–2244CrossRef

Title: Improved secure fuzzy auditing protocol for cloud data storage
Authors: Jindan Zhang
Baocang Wang
Debiao He
Xu An Wang
Publication date: 05-01-2018
Publisher: Springer Berlin Heidelberg
Published in: Soft Computing / Issue 10/2019
Print ISSN: 1432-7643
Electronic ISSN: 1433-7479
DOI: https://doi.org/10.1007/s00500-017-3000-1

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Other articles of this Issue 10/2019

Supplier’s strategy: align with the dominant entrant retailer or the vulnerable incumbent retailer?

iMOPSE: a library for bicriteria optimization in Multi-Skill Resource-Constrained Project Scheduling Problem

-filters and prime -filter spaces in residuated lattices

A fuzzy genetic approach for velocity estimation in wind-tunnel

Adaptive differential evolution with multi-population-based mutation operators for constrained optimization

Finding suitable membership functions for fuzzy temporal mining problems using fuzzy temporal bees method

Premium Partner