Integrity Verification for Multiple Data Copies in Cloud Storage Based on Spatiotemporal Chaos

2017 ◽  
Vol 27 (04) ◽  
pp. 1750054 ◽  
Author(s):  
Min Long ◽  
You Li ◽  
Fei Peng

Aiming to strike a balance between the security, efficiency and availability of data verification in cloud storage, a novel integrity verification scheme based on spatiotemporal chaos is proposed for multiple data copies. Spatiotemporal chaos is implemented for node calculation of the binary tree, and the location of the data in the cloud is verified. Meanwhile, dynamic operation can be made to the data. Furthermore, blind information is used to prevent a third-party auditor (TPA) leakage of the users’ data privacy in a public auditing process. Performance analysis and discussion indicate that it is secure and efficient, and it supports dynamic operation and the integrity verification of multiple copies of data. It has a great potential to be implemented in cloud storage services.

Information ◽  
2020 ◽  
Vol 11 (9) ◽  
pp. 409
Author(s):  
Yuan Ping ◽  
Yu Zhan ◽  
Ke Lu ◽  
Baocang Wang

Although cloud storage provides convenient data outsourcing services, an untrusted cloud server frequently threatens the integrity and security of the outsourced data. Therefore, it is extremely urgent to design security schemes allowing the users to check the integrity of data with acceptable computational and communication overheads. In this paper, we first propose a public data integrity verification scheme based on the algebraic signature and elliptic curve cryptography. This scheme not only allows the third party authority to deputize for users to verify the outsourced data integrity, but also resists malicious attacks such as replay attacks, replacing attacks and forgery attacks. Data privacy is guaranteed by symmetric encryption. Furthermore, we construct a novel data structure named divide and conquer hash list, which can efficiently perform data updating operations, such as deletion, insertion, and modification. Compared with the relevant schemes in the literature, security analysis and performance evaluations show that the proposed scheme gains some advantages in integrity verification and dynamic updating.


2014 ◽  
Vol 687-691 ◽  
pp. 2913-2916
Author(s):  
Xiao Kun

For the data security threats caused by the outsourcing model and shared vulnerability, and based on user data in static characteristics of cloud storage services and the dynamic nature of cloud computing, it requires to propose corresponding data security protection mechanisms, in addition, in order to make the mechanism work normally, we propose a program which can be trusted and can be garnered and user can test, offer the recoverability of data and the integrity verification of data and the accountability leak of data.


2019 ◽  
Vol 11 (1) ◽  
pp. 126-137 ◽  
Author(s):  
Min Long ◽  
You Li ◽  
Fei Peng

To protect the security of cloud storage, this article describes a provable data possession scheme based on full-nodes of an AVL tree for multiple data copies in cloud storage. In the proposed scheme, a Henon chaotic map is first implemented for the node calculation of the AVL tree, and then the location of the data in the cloud is verified by the AVL tree. As an AVL tree can keep the balance even with multiple dynamic operations made on the data in the cloud, it can improve the search efficiency of the data block, and reduce the length of the authentication path. Simulation results and analysis confirm that it can achieve good security and high efficiency.


2014 ◽  
Vol 687-691 ◽  
pp. 3015-3018
Author(s):  
Zhi Yi Shao ◽  
Bo Yang

In cloud computing, customers outsource their data to the cloud storage; as they no longer physically possess the data, how to perform the integrity verification becomes more difficult. Our protocol follows Shacham and Waters’s ideas (2013). We solve the problem of customer’s privacy against both the cloud and the third-party verifier and formally prove that the complex bilinear operations can be removed under the customer’s help. Every step of our improvements is based on rigorous proofs.


2020 ◽  
Vol 17 (4) ◽  
pp. 1937-1942
Author(s):  
S. Sivasankari ◽  
V. Lavanya ◽  
G. Saranya ◽  
S. Lavanya

These days, cloud storage is gaining importance among individual and institutional users. Individuals and foundations look to the cloud server as a capacity medium to diminish their capacity load on nearby devices. In such storage services, it is necessary to avoid duplicate content/repetitive storage of the same data. Reducing the duplicate content in cloud storage reduces storage cost. De-duplication is necessary when multiple data owners outsource the same data, and issues related to security and ownership are to be considered. As the cloud server is always considered to be non-trusted, since it is maintained by a third party, the data stored in the cloud is always encrypted and uploaded; thus the randomization property of encryption affects de-duplication. It is necessary to propose a server-side de-duplication scheme for handling encrypted data. The proposed scheme allows the cloud server to control access to outsourced data even when the ownership changes dynamically.


2017 ◽  
Vol 28 (06) ◽  
pp. 705-723
Author(s):  
Gang Yu ◽  
Xiaoxiao Ma ◽  
Zhenfu Cao ◽  
Guang Zeng ◽  
Wenbao Han

Ciphertext-policy attribute-based encryption, denoted by CP-ABE, extends identity-based encryption by taking a set of attributes as users’ public key, which enables scalable access control over outsourced data in cloud storage services. However, a decryption key corresponding to an attribute set may be owned by multiple users. Then, malicious users are subjectively willing to share their decryption keys for profits. In addition, the authority who issues decryption keys in a CP-ABE system is able to generate an arbitrary decryption key for any (including unauthorized) user. Key abuses of both malicious users and the authority have been regarded as one of the major obstacles to deploying CP-ABE systems in real-world commercial applications. In this paper, we try to solve these two kinds of key abuses in CP-ABE systems, and propose two accountable CP-ABE schemes supporting any LSSS realizable access structures. The two proposed accountable CP-ABE schemes allow any third party (with the help of authorities if necessary) to publicly verify the identity of an exposed decryption key, allow an auditor to publicly audit whether a malicious user or authorities should be responsible for an exposed decryption key, and the key abuser can’t deny it. At last, we prove the two schemes can achieve publicly verifiable traceability and accountability.


2017 ◽  
Vol 2017 ◽  
pp. 1-17 ◽  
Author(s):  
Tengfei Tu ◽  
Lu Rao ◽  
Hua Zhang ◽  
Qiaoyan Wen ◽  
Jia Xiao

As information technology develops, cloud storage has been widely accepted for keeping volumes of data. A remote data auditing scheme enables a cloud user to confirm the integrity of her outsourced file via the auditing against cloud storage, without downloading the file from the cloud. In view of the significant computational cost caused by the auditing process, an outsourced auditing model is proposed to make the user outsource the heavy auditing task to a third party auditor (TPA). Although the first outsourced auditing scheme can protect against the malicious TPA, this scheme enables the TPA to have read access right over the user’s outsourced data, which is a potential risk for user data privacy. In this paper, we introduce the notion of User Focus for outsourced auditing, which emphasizes the idea that lets the user dominate her own data. Based on User Focus, our proposed scheme not only can prevent the user’s data from leaking to the TPA without depending on data encryption but also can avoid the use of an additional independent random source that is very difficult to meet in practice. We also describe how to make our scheme support dynamic updates. According to the security analysis and experimental evaluations, our proposed scheme is provably secure and significantly efficient.


CONVERTER ◽  
2021 ◽  
pp. 659-668
Author(s):  
Li Shuanbao

The modernization of industrial industry cannot be separated from the development of big data. In order to meet this challenge, cloud data integrity audit has been proposed in recent years and received extensive attention. Based on the in-depth study of the impact of different cloud storage data types on the audit scheme, this paper proposes an audit scheme based on Dynamic Hash table. Based on this, this paper explores a variety of cloud storage audit algorithms for different data types to deal with different security challenges. Facing a series of data security problems brought by cloud computing, this paper analyzes the concept, working principle and characteristics of cloud computing, and discusses the data security risks brought by cloud computing from four aspects. At the same time, this paper elaborates the data security strategy from five aspects: data transmission, data privacy, data isolation, data residue and data audit. In this paper, we propose to adopt end-to-end data encryption technology, build private cloud or hybrid cloud, share table architecture, destroy encrypted data related media, and introduce third-party certification authority for data audit.


2021 ◽  
Vol 2021 ◽  
pp. 1-17
Author(s):  
Kai He ◽  
Chunxiao Huang ◽  
Jiaoli Shi ◽  
Xinrong Hu ◽  
Xiying Fan

Cloud storage provides elastic storage services for enterprises and individuals remotely. However, security problems such as data integrity are becoming a major obstacle. Recently, blockchain-based verification approaches have been extensively studied to get rid of a centralized third-party auditor. Most of these schemes suffer from poor scalability and low search efficiency and even fail to support data dynamic update operations on blockchain, which limits their large-scale and practical applications. In this work, we propose a blockchain-based dynamic data integrity verification scheme for cloud storage with T-Merkle hash tree. A decentralized scheme is proposed to eliminate the restrictions of previous centralized schemes. The data tags are generated by the technique of ZSS short signature and stored on blockchain. An improved verification method is designed to check the integrity of cloud data by transferring computation from a verifier to cloud server and blockchain. Furthermore, a storage structure called T-Merkle hash tree which is built based on T-tree and Merkle hash tree is designed to improve storage utilization of blockchain and support binary search on chain. Moreover, we achieve efficient and secure dynamic update operations on blockchain by an append-only manner. Besides, we extend our scheme to support batch verification to handle massive tasks simultaneously; thus, the efficiency is improved and communication cost is reduced. Finally, we implemented a prototype system based on Hyperledger Fabric to validate our scheme. Security analysis and performance studies show that the proposed scheme is secure and efficient.


Cryptography ◽  
2021 ◽  
Vol 5 (4) ◽  
pp. 37
Author(s):  
Noha E. El-Attar ◽  
Doaa S. El-Morshedy ◽  
Wael A. Awad

The need for cloud storage grows day after day due to its reliable and scalable nature. The storage and maintenance of user data at a remote location are severe issues due to the difficulty of ensuring data privacy and confidentiality. Some security issues within current cloud systems are managed by a cloud third party (CTP), who may turn into an untrustworthy insider part. This paper presents an automated Encryption/Decryption System for Cloud Data Storage (AEDS) based on hybrid cryptography algorithms to improve data security and ensure confidentiality without interference from CTP. Three encryption approaches are implemented to achieve high performance and efficiency: Automated Sequential Cryptography (ASC), Automated Random Cryptography (ARC), and Improved Automated Random Cryptography (IARC) for data blocks. In the IARC approach, we have presented a novel encryption strategy by converting the static S-box in the AES algorithm to a dynamic S-box. Furthermore, the algorithms RSA and Twofish are used to encrypt the generated keys to enhance privacy issues. We have evaluated our approaches with other existing symmetrical key algorithms such as DES, 3DES, and RC2. Although the two proposed ARC and ASC approaches are more complicated, they take less time than DES, DES3, and RC2 in processing the data and obtaining better performance in data throughput and confidentiality. ARC outperformed all of the other algorithms in the comparison. The ARC’s encrypting process has saved time compared with other algorithms, where its encryption time has been recorded as 22.58 s for a 500 MB file size, while the DES, 3DES, and RC2 have completed the encryption process in 44.43, 135.65, and 66.91 s, respectively, for the same file size. Nevertheless, when the file sizes increased to 2.2 GB, the ASC proved its efficiency in completing the encryption process in less time.

