Dynamic Outsourced Proofs of Retrievability Enabling Auditing Migration for Remote Storage Security

Remote data auditing service is important for mobile clients to guarantee the intactness of their outsourced data stored at cloud side. To relieve mobile client from the nonnegligible burden incurred by performing the frequent data auditing, more and more literatures propose that the execution of such data auditing should be migrated from mobile client to third-party auditor (TPA). However, existing public auditing schemes always assume that TPA is reliable, which is the potential risk for outsourced data security. Although Outsourced Proofs of Retrievability (OPOR) have been proposed to further protect against the malicious TPA and collusion among any two entities, the original OPOR scheme applies only to the static data, which is the limitation that should be solved for enabling data dynamics. In this paper, we design a novel authenticated data structure called bv23Tree, which enables client to batch-verify the indices and values of any number of appointed leaves all at once for efficiency. By utilizing bv23Tree and a hierarchical storage structure, we present the first solution for Dynamic OPOR (DOPOR), which extends the OPOR model to support dynamic updates of the outsourced data. Extensive security and performance analyses show the reliability and effectiveness of our proposed scheme.

Download Full-text

An effective, secure and efficient tagging method for integrity protection of outsourced data in a public cloud storage

PLoS ONE ◽

10.1371/journal.pone.0241236 ◽

2020 ◽

Vol 15 (11) ◽

pp. e0241236 ◽

Cited By ~ 1

Author(s):

Reem ALmarwani ◽

Ning Zhang ◽

James Garside

Keyword(s):

Cloud Storage ◽

Security Analysis ◽

Third Party ◽

Public Cloud ◽

Data Confidentiality ◽

Public And Private ◽

Outsourced Data ◽

Integrity Protection ◽

And Performance ◽

Constrained Devices

Data Integrity Auditing (DIA) is a security service for checking the integrity of data stored in a PCS (Public Cloud Storage), a third-party based storage service. A DIA service is provided by using integrity tags (hereafter referred to tags). This paper proposes a novel tagging method, called Tagging of Outsourced Data (TOD), for generating and verifying tags of files. TOD has a number of unique properties: (i) it supports both public and private verifiability, and achieves this property with a low level of overhead at the user end, making it particularly attractive to mobile users with resource-constrained devices, (ii) it protects data confidentiality, supports dynamic tags and is resilient against tag forgery and tag tampering (i.e. by authorised insiders) at the same time in more secure and efficient, making the method more suited to the PCS environment, (iii) it supports tags deduplication, making it more efficient, particularly for the user who has many files with data redundancy. Comprehensive security analysis and performance evaluation have been conducted to demonstrate the efficacy and efficiency of the approach taken in the design.

Download Full-text

PMAB: A Public Mutual Audit Blockchain for Outsourced Data in Cloud Storage

Security and Communication Networks ◽

10.1155/2021/9993855 ◽

2021 ◽

Vol 2021 ◽

pp. 1-11

Author(s):

Hanzhe Yang ◽

Ruidan Su ◽

Pei Huang ◽

Yuhan Bai ◽

Kai Fan ◽

...

Keyword(s):

Cloud Storage ◽

Service Providers ◽

Low Cost ◽

Cloud Service ◽

Third Party ◽

Rigorous Analysis ◽

Security Issues ◽

Outsourced Data ◽

Audit Data ◽

And Performance

With the rapid growth of data, limited by the storage capacity, more and more IoT applications choose to outsource data to Cloud Service Providers (CSPs). But, in such scenarios, outsourced data in cloud storage can be easily corrupted and difficult to be found in time, which brings about potential security issues. Thus, Provable Data Possession (PDP) protocol has been extensively researched due to its capability of supporting efficient audit for outsourced data in cloud. However, most PDP schemes require the Third-Party Auditor (TPA) to audit data for Data Owners (DOs), which requires the TPA to be trustworthy and fair. To eliminate the TPA, we present a Public Mutual Audit Blockchain (PMAB) for outsourced data in cloud storage. We first propose an audit chain architecture based on Ouroboros and an incentive mechanism based on credit to allow CSPs to audit each other mutually with anticollusion (any CSP is not willing to help other CSPs conceal data problems). Then, we design an audit protocol to achieve public audit efficiently with low cost of audit verification. Rigorous analysis explains the security of PMAB using game theory, and performance analysis shows the efficiency of PMAB using the real-world dataset.

Download Full-text

Attribute-Based User Revocable Data Integrity Audit for Internet-of-Things Devices in Cloud Storage

Security and Communication Networks ◽

10.1155/2020/8837456 ◽

2020 ◽

Vol 2020 ◽

pp. 1-10

Author(s):

Yaowei Wang ◽

Chen Chen ◽

Zhenwei Chen ◽

Jiangyong He

Keyword(s):

Internet Of Things ◽

Cloud Storage ◽

Security Analysis ◽

Data Integrity ◽

Third Party ◽

Iot Devices ◽

And Performance ◽

Data Auditing ◽

Cloud Storage Environment ◽

Access To Data

Mobile crowdsensing (MCS) is a sensing paradigm exploiting the capabilities of mobile devices (Internet-of-Things devices, smartphones, etc.) to gather large volume of data. MCS has been widely used in cloud storage environment. However, MCS often faces the challenge of data integrity and user revocation issues. To solve these challenges, this paper uses attribute-based revocable signature mechanisms to construct a data integrity auditing scheme for IoT devices in the cloud storage environment. Users use attribute private keys to generate attribute signatures, and limit the user’s permission to use shared data through access policy control. Only when the user attribute is included in the global attribute set, and the attribute threshold is not less than the specified number, the user can use the attribute key for the data to generate a valid signature that can be authenticated under the control of the signature strategy. At the same time, the group manager (GM) can send secret information to a third-party auditor (TPA) to track the creator of the signature, to withdraw the user’s access to data when the business changes, and realize the safe revocation of user group membership. Formal security analysis and experimental results show that the proposed data-auditing solution is suitable for IoT devices in the cloud storage environment with respect to security and performance.

Download Full-text

Provable Data Possession (PDP) and Proofs of Retrievability (POR) of Current Big User Data

SN Computer Science ◽

10.1007/s42979-021-00968-z ◽

2021 ◽

Vol 3 (1) ◽

Author(s):

Ieuan Walker ◽

Chaminda Hewage ◽

Ambikesh Jayal

Keyword(s):

Conceptual Framework ◽

Data Storage ◽

Third Party ◽

Privacy And Security ◽

Provable Data Possession ◽

Security Issues ◽

Outsourced Data ◽

Storage Solutions ◽

User Data ◽

Proofs Of Retrievability

AbstractA growing trend over the last few years is storage outsourcing, where the concept of third-party data warehousing has become more popular. This trend prompts several interesting privacy and security issues. One of the biggest concerns with third-party data storage providers is accountability. This article, critically reviews two schemas/algorithms that allow users to check the integrity and availability of their outsourced data on untrusted data stores (i.e., third-party data storages). The reviewed schemas are provable data possession (PDP) and proofs of retrievability (POR). Both are cryptographic protocols designed to provide clients the assurance that their data are secure on the untrusted data storages. Furthermore, a conceptual framework is proposed to mitigate the weaknesses of the current storage solutions.

Download Full-text

Co-Check: Collaborative Outsourced Data Auditing in Multicloud Environment

Security and Communication Networks ◽

10.1155/2017/2948025 ◽

2017 ◽

Vol 2017 ◽

pp. 1-13 ◽

Cited By ~ 3

Author(s):

Jian Mao ◽

Wenqian Tian ◽

Yan Zhang ◽

Jian Cui ◽

Hanjun Ma ◽

...

Keyword(s):

Communication Networks ◽

Resource Sharing ◽

Cloud Storage ◽

Low Cost ◽

Data Outsourcing ◽

Daily Lives ◽

Outsourced Data ◽

Low Performance ◽

Increasing Demand ◽

Data Auditing

With the increasing demand for ubiquitous connectivity, wireless technology has significantly improved our daily lives. Meanwhile, together with cloud-computing technology (e.g., cloud storage services and big data processing), new wireless networking technology becomes the foundation infrastructure of emerging communication networks. Particularly, cloud storage has been widely used in services, such as data outsourcing and resource sharing, among the heterogeneous wireless environments because of its convenience, low cost, and flexibility. However, users/clients lose the physical control of their data after outsourcing. Consequently, ensuring the integrity of the outsourced data becomes an important security requirement of cloud storage applications. In this paper, we present Co-Check, a collaborative multicloud data integrity audition scheme, which is based on BLS (Boneh-Lynn-Shacham) signature and homomorphic tags. According to the proposed scheme, clients can audit their outsourced data in a one-round challenge-response interaction with low performance overhead. Our scheme also supports dynamic data maintenance. The theoretical analysis and experiment results illustrate that our scheme is provably secure and efficient.

Download Full-text

Design and Analysis of a Scalable Third-Party Storage Security Protocol

2008 International Conference on Networking, Architecture, and Storage ◽

10.1109/nas.2008.11 ◽

2008 ◽

Cited By ~ 1

Author(s):

Huang Jianzhong ◽

Xie Changsheng ◽

Zhong Haifeng

Keyword(s):

Security Protocol ◽

Third Party ◽

Storage Security

Download Full-text

IDA-Pay: a secure and efficient micro-payment system based on Peer-to-Peer NFC technology for Android mobile devices

Journal of Communications Software and Systems ◽

10.24138/jcomss.v8i4.166 ◽

2012 ◽

Vol 8 (4) ◽

pp. 117 ◽

Cited By ~ 12

Author(s):

Luca Mainetti ◽

Luigi Patrono ◽

Roberto Vergallo

Keyword(s):

Mobile Devices ◽

Near Field ◽

Operating Mode ◽

Peer To Peer ◽

Payment System ◽

Third Party ◽

Payment Systems ◽

Shopping Experience ◽

And Performance ◽

System Effectiveness

The evolution of modern mobile devices towards novel Radio Frequency (RF) capabilities, such as Near Field Communication, leads to a potential for delivering innovative mobile services, which is still partially unexplored. Mobile proximity payment systems are going to enhance the daily shopping experience, but the access to payment security resources of a mobile device (e.g. the “Secure Element”) by third party applications is still blocked by smartphone and Operating System manufacturers. In this paper, the IDA-Pay system is presented, an innovative and secure NFC micro-payment system based on Peer-to-Peer NFC operating mode for Android mobile phones. It allows to deliver mobile-to-POS micro-payment services, bypassing the need for special hardware. A validation scenario and a system evaluation are also reported to demonstrate the system effectiveness and performance.

Download Full-text

Enhancing Big Data Auditing

Computer and Information Science ◽

10.5539/cis.v11n1p90 ◽

2018 ◽

Vol 11 (1) ◽

pp. 90

Author(s):

Sara Alomari ◽

Mona Alghamdi ◽

Fahd S. Alotaibi

Keyword(s):

Big Data ◽

Research Area ◽

Provable Data Possession ◽

Integrity Verification ◽

The Core ◽

Outsourced Data ◽

Active Research ◽

Data Auditing ◽

Active Research Area ◽

Proof Of Retrievability

The auditing services of the outsourced data, especially big data, have been an active research area recently. Many schemes of remotely data auditing (RDA) have been proposed. Both categories of RDA, which are Provable Data Possession (PDP) and Proof of Retrievability (PoR), mostly represent the core schemes for most researchers to derive new schemes that support additional capabilities such as batch and dynamic auditing. In this paper, we choose the most popular PDP schemes to be investigated due to the existence of many PDP techniques which are further improved to achieve efficient integrity verification. We firstly review the work of literature to form the required knowledge about the auditing services and related schemes. Secondly, we specify a methodology to be adhered to attain the research goals. Then, we define each selected PDP scheme and the auditing properties to be used to compare between the chosen schemes. Therefore, we decide, if possible, which scheme is optimal in handling big data auditing.

Download Full-text

Remote Data Possession Checking Scheme with Supporting Efficient Group User Authority Management for Shared Cloud Data

10.21203/rs.3.rs-884701/v1 ◽

2021 ◽

Author(s):

Yilin Yuan ◽

Jianbiao Zhang ◽

Wanshan Xu ◽

Xiao Wang ◽

Yanhui Liu

Keyword(s):

Security Analysis ◽

Public Auditing ◽

Cloud Data ◽

The Public ◽

Shared Data ◽

Identity Based ◽

And Performance ◽

Data Auditing ◽

Data Checking ◽

Remote Data

Abstract Under the shared big data environment, most of the existing data auditing schemes rarely consider the authorization management of group users. Meanwhile, how to deal with the shared data integrity is a problem that needs to be pondered. Thus, in this paper, we propose a novel remote data checking possession scheme which achieves group authority management while completing the public auditing. To perform authority management work, we introduce a trusted entity – group manager. We formalize a new algebraic structure operator named authorization invisible authenticator (AIA). Meanwhile, we provide two versions of AIA scheme: basic AIA scheme and standard AIA scheme. The standard AIA scheme is constructed based on the basic AIA scheme and user information table (UIT), with advanced security and wider applicable scenarios. By virtue of standard AIA scheme, the group manager can perfectly and easily carry out authority management, including enrolling, revoking, updating. On the basis of the above, we further design a public auditing scheme for non-revoked users’ shared data. The scheme is based on identity-based encryption (IBE), which greatly reduce the necessary certificate management cost. Furthermore, the detailed security analysis and performance evaluation demonstrate that the scheme is safe and feasible.

Download Full-text

A Safe and Resilient Cryptographic System for Dynamic Cloud Groups with Secure Data Sharing and Efficient User Revocation

Turkish Journal of Computer and Mathematics Education (TURCOMAT) ◽

10.17762/turcomat.v12i3.2144 ◽

2021 ◽

Vol 12 (3) ◽

pp. 5164-5175

Author(s):

Prerna Agarwal Et. al.

Keyword(s):

Data Sharing ◽

Service Providers ◽

Cloud Service ◽

Data File ◽

Third Party ◽

Outsourced Data ◽

User Revocation ◽

Cryptographic System ◽

Daunting Challenge ◽

Cloud Users

A comprehensive and functional approach is built in cloud computing, which can be used by cloud users to exchange information. Cloud service providers (CSPs) can transfer through server services through powerful data centres to cloud users. Data is protected through authentication of cloud users and CSPs can have outsourced data file sharing security assurance. The continuing change in cloud users, especially unauthenticated users or third parties poses a critical problem in ensuring privacy in data sharing. The multifunctional exchange of information while protecting information and personal protection from unauthorized or other third-party users remains a daunting challenge

Download Full-text