Remote Data Possession Checking Scheme with Supporting Efficient Group User Authority Management for Shared Cloud Data

Author(s):  
Yilin Yuan ◽  
Jianbiao Zhang ◽  
Wanshan Xu ◽  
Xiao Wang ◽  
Yanhui Liu

Abstract: Under the shared big data environment, most of the existing data auditing schemes rarely consider the authorization management of group users. Meanwhile, how to deal with the shared data integrity is a problem that needs to be pondered. Thus, in this paper, we propose a novel remote data checking possession scheme which achieves group authority management while completing the public auditing. To perform authority management work, we introduce a trusted entity – group manager. We formalize a new algebraic structure operator named authorization invisible authenticator (AIA). Meanwhile, we provide two versions of AIA scheme: basic AIA scheme and standard AIA scheme. The standard AIA scheme is constructed based on the basic AIA scheme and user information table (UIT), with advanced security and wider applicable scenarios. By virtue of standard AIA scheme, the group manager can perfectly and easily carry out authority management, including enrolling, revoking, updating. On the basis of the above, we further design a public auditing scheme for non-revoked users’ shared data. The scheme is based on identity-based encryption (IBE), which greatly reduces the necessary certificate management cost. Furthermore, the detailed security analysis and performance evaluation demonstrate that the scheme is safe and feasible.

2018 ◽  
Vol 2018 ◽  
pp. 1-12
Author(s):  
Wenqi Chen ◽  
Hui Tian ◽  
Chin-Chen Chang ◽  
Fulin Nan ◽  
Jing Lu

Cloud storage, one of the core services of cloud computing, provides an effective way to solve the problems of storage and management caused by high-speed data growth. Thus, a growing number of organizations and individuals tend to store their data in the cloud. However, due to the separation of data ownership and management, it is difficult for users to check the integrity of data in the traditional way. Therefore, many researchers focus on developing several protocols, which can remotely check the integrity of data in the cloud. In this paper, we propose a novel public auditing protocol based on the adjacency-hash table, where dynamic auditing and data updating are more efficient than those of the state of the arts. Moreover, with such an authentication structure, computation and communication costs can be reduced effectively. The security analysis and performance evaluation based on comprehensive experiments demonstrate that our protocol can achieve all the desired properties and outperform the state-of-the-art ones in computing overheads for updating and verification.


2018 ◽  
Vol 2018 ◽  
pp. 1-12 ◽  
Author(s):  
Qinlong Huang ◽  
Yue He ◽  
Wei Yue ◽  
Yixian Yang

Data collaboration in cloud computing is more and more popular nowadays, and proxy deployment schemes are employed to realize cross-cloud data collaboration. However, data security and privacy are the most serious issues that would raise great concerns from users when they adopt cloud systems to handle data collaboration. Different cryptographic techniques are deployed in different cloud service providers, which makes cross-cloud data collaboration to be a deeper challenge. In this paper, we propose an adaptive secure cross-cloud data collaboration scheme with identity-based cryptography (IBC) and proxy re-encryption (PRE) techniques. We first present a secure cross-cloud data collaboration framework, which protects data confidentiality with IBC technique and transfers the collaborated data in an encrypted form by deploying a proxy close to the clouds. We then provide an adaptive conditional PRE protocol with the designed full identity-based broadcast conditional PRE algorithm, which can achieve flexible and conditional data re-encryption among ciphertexts encrypted in identity-based encryption manner and ciphertexts encrypted in identity-based broadcast encryption manner. The extensive analysis and experimental evaluations demonstrate the well security and performance of our scheme, which meets the secure data collaboration requirements in cross-cloud scenarios.


2021 ◽  
Vol 2021 ◽  
pp. 1-8
Author(s):  
Guangjun Liu ◽  
Wangmei Guo ◽  
Ximeng Liu ◽  
Jinbo Xiong

Enabling remote data integrity checking with failure recovery becomes exceedingly critical in distributed cloud systems. With the properties of a lower repair bandwidth while preserving fault tolerance, regenerating coding and network coding (NC) have received much attention in the coding-based storage field. Recently, an outstanding outsourced auditing scheme named NC-Audit was proposed for regenerating-coding-based distributed storage. The scheme claimed that it can effectively achieve lightweight privacy-preserving data verification remotely for these networked distributed systems. However, our algebraic analysis shows that NC-Audit can be easily broken due to a potential defect existing in its schematic design. That is, an adversarial cloud server can forge some illegal blocks to cheat the auditor with a high probability when the coding field is large. From the perspective of algebraic security, we propose a remote data integrity checking scheme RNC-Audit by resorting to hiding partial critical information to the server without compromising system performance. Our evaluation shows that the proposed scheme has significantly lower overhead compared to the state-of-the-art schemes for distributed remote data auditing.


IEEE Access ◽  
2020 ◽  
Vol 8 ◽  
pp. 206396-206405
Author(s):  
Lunzhi Deng ◽  
Benjuan Yang ◽  
Xiangbin Wang

2014 ◽  
Vol 644-650 ◽  
pp. 2239-2244
Author(s):  
Bin Li ◽  
Chen Lei Cao ◽  
Jian Yi Liu ◽  
Jin Xia Wei

Though cloud storage has developed rapidly in recent years, some obvious problems still exist. Provable Data Possession (PDP) is proposed to solve the problem of data integrity verification at untrusted cloud stores. This study built a new delegation Provable Data Possession (delegation-PDP), which solves the problem when the client has no ability to check its remote data. We study the delegation-PDP and use proxy re-encryption to design it. Then we use the improved ElGamal-based algorithm to implement the scheme. Through security analysis and performance analysis, our protocol is provably secure and efficient.


2019 ◽  
Vol 62 (8) ◽  
pp. 1132-1147 ◽  
Author(s):  
Jiahui Chen ◽  
Jie Ling ◽  
Jianting Ning ◽  
Jintai Ding

Abstract In this paper, we proposed an idea to construct a general multivariate public key cryptographic (MPKC) scheme based on a user’s identity. In our construction, each user is distributed a unique identity by the key distribution center (KDC) and we use this key to generate user’s private keys. Thereafter, we use these private keys to produce the corresponding public key. This method can make key generating process easier so that the public key will reduce from dozens of Kilobyte to several bits. We then use our general scheme to construct practical identity-based signature schemes named ID-UOV and ID-Rainbow based on two well-known and promising MPKC signature schemes, respectively. Finally, we present the security analysis and give experiments for all of our proposed schemes and the baseline schemes. Comparison shows that our schemes are both efficient and practical.


Author(s):  
M. Shaheda Begum

Abstract: Motivated by the exponential growth and the huge success of cloud data services bring the cloud common place for data to be not only stored in the cloud, but also shared across multiple users. Our scheme also has the added feature of access control in which only valid users are able to decrypt the stored information. Unfortunately, the integrity of cloud data is subject to skepticism due to the existence of hardware/software failures and human errors. Several mechanisms have been designed to allow both data owners and public verifiers to efficiently audit cloud data integrity without retrieving the entire data from the cloud server. However, public auditing on the integrity of shared data with these existing mechanisms will inevitably reveal confidential information—identity privacy—to public verifiers. In this paper, we propose a novel privacy-preserving mechanism that supports public auditing on shared data stored in the cloud. In particular, we exploit ring signatures to compute verification metadata needed to audit the correctness of shared data. With our mechanism, the identity of the signer on each block in shared data is kept private from public verifiers, who are able to efficiently verify shared data integrity without retrieving the entire file. In addition, our mechanism is able to perform multiple auditing tasks simultaneously instead of verifying them one by one. Our experimental results demonstrate the effectiveness and efficiency of our mechanism when auditing shared data integrity. Keywords: Public auditing, privacy-preserving, shared data, cloud computing


2021 ◽  
Vol 2021 ◽  
pp. 1-10
Author(s):  
Hongtao Li ◽  
Feng Guo ◽  
Lili Wang ◽  
Jie Wang ◽  
Bo Wang ◽  
...  

Cloud storage can provide a way to effectively store and manage big data. However, due to the separation of data ownership and management, it is difficult for users to check the integrity of data in a traditional way, which leads to the introduction of the auditing techniques. This paper proposes a public auditing protocol with a self-certified public key system using blockchain technology. The user's operational information and metadata information of the file are formed to a block after verified by the checked nodes and then to be put into the blockchain. The chain structure of the block ensures the security of auditing data source. The security analysis shows that attackers can neither derive user’s secret key nor derive users’ data from the collected auditing information in the presented scheme. Furthermore, it can effectively resist against not only the signature forging attacks but also the proof forging attacks. Compared with other public auditing schemes, our scheme based on the self-certified public key system has been improved in storage overhead, communication bandwidth, and verification efficiency.


2018 ◽  
Vol 2018 ◽  
pp. 1-9 ◽  
Author(s):  
Jianhong Zhang ◽  
Zhibin Sun ◽  
Jian Mao

Cloud storage has attracted more and more concern since it permits cloud users to save and employ the corresponding outsourced files at arbitrary time, with arbitrary facility and from arbitrary place. To make sure data integrality, numerous public auditing constructions have been presented. However, existing constructions mainly have built on the PKI. In these constructions, to achieve data integrality, the auditor first must authenticate the legality of PKC, which leads to a great burden for the auditor. To eliminate the verification of time-consuming certificate, in this work, we present an efficient identity-based public auditing proposal. Our construction is an identity-based data auditing system in the true sense in that the algorithm to calculate authentication signature is an identity-based signature algorithm. By extensive security evaluation and experimental testing, the consequences demonstrate that our proposal is safe and effective; it can efficiently hold back forgery attack and replay attack. Finally, compared with the two identity-based public auditing proposals, our proposal outperforms the two proposals under the condition of overall considering computational cost, communication overhead, and security strength.


2016 ◽  
Vol 1 (1) ◽  
pp. 145-158 ◽  
Author(s):  
Hualong Wu ◽  
Bo Zhao

Abstract: The emergence of cloud computing brings the infinite imagination space, both in individual and organizations, due to its unprecedented advantages in the IT history: on-demand self-service, ubiquitous network access, location independent resource pooling, rapid resource elasticity, usage-based pricing and transference of risk. Many of the individuals or organizations ease the pressure on their local data storage, and mitigate the maintenance overhead of local data storage by outsourcing data to the cloud. However, the data outsourcing is not absolutely safe in the cloud. In order to enhance the users’ confidence in the integrity of their outsourced data in the cloud, to promote the rapid deployment of cloud data storage service and regain security assurances with outsourced data dependability, many scholars tend to design the Remote Data Auditing (RDA) technique as a new concept to enable public auditability for the outsourced data in the cloud. The RDA is a useful technique to ensure the correctness of the data outsourced to cloud servers. This paper presents a comprehensive survey on techniques of remote data auditing in cloud server. Recently, more and more remote auditing approaches are categorized into the three different classes, that is, replication-based, erasure coding-based, and network coding-based to present a taxonomy. This paper also aims to explore the major issues.

