VOTE: Verifiable Auditing for Outsourced Database with Token Enforced Cloud Storage

Database deploying is one of the remarkable utilities in cloud computing where the Information Proprietor (IP) assigns the database administration to the Cloud Service Provider (CSP) in order to lower the administration overhead and preservation expenditures of the database. Regardless of its overwhelming advantages, it experiences few security problems such as confidentiality of deployed database and auditability of search outcome. In recent past, survey has been carried out on the auditability of search outcome of deployed database that gives preciseness and intactness of search outcome. But in the prevailing schemes, since there is flow of data between IP and the clients repeatedly, huge communication cost is incurred at the Information Proprietor side. To address this challenge, we introduce Verifiable Auditing of Outsourced Database with Token Enforced Cloud Storage (VOTE) mechanism based on Merkle Hash Tree (MHT), Invertible Bloom Filter(IBF) and Counting Bloom Filter(CBF). The proposed scheme reduces the huge communication cost at the Information Proprietor side and achieves preciseness and intactness of the search outcome. Experimental analysis show that the proposed scheme has totally reduced the huge communication cost at the Information Proprietor side, and simultaneously achieves the preciseness and intactness of search outcome though the semi- trusted CSP deliberately sends a null set

Download Full-text

Deduplication in Cloud Storage

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.b1027.1292s19 ◽

2019 ◽

Vol 9 (2S) ◽

pp. 364-368

Keyword(s):

Data Storage ◽

Cloud Storage ◽

Cloud Service ◽

Information Storage ◽

Cloud Environment ◽

Data Deduplication ◽

Cloud Service Provider ◽

Level Data ◽

Block Level ◽

Individual Client

Cloud Computing is well known today on account of enormous measure of data storage and quick access of information over the system. It gives an individual client boundless extra space, accessibility and openness of information whenever at anyplace. Cloud service provider can boost information storage by incorporating data deduplication into cloud storage, despite the fact that information deduplication removes excess information and reproduced information happens in cloud environment. This paper presents a literature survey alongside different deduplication procedures that have been based on cloud information storage. To all the more likely guarantee secure deduplication in cloud, this paper examines file level data deduplication and block level data deduplication.

Download Full-text

A Secure and Efficient Audit Mechanism for Dynamic Shared Data in Cloud Storage

The Scientific World JOURNAL ◽

10.1155/2014/820391 ◽

2014 ◽

Vol 2014 ◽

pp. 1-10 ◽

Cited By ~ 3

Author(s):

Ohmin Kwon ◽

Dongyoung Koo ◽

Yongjoo Shin ◽

Hyunsoo Yoon

Keyword(s):

Cloud Storage ◽

Cloud Service ◽

Cloud Services ◽

Security Vulnerabilities ◽

Cloud Service Provider ◽

Computation Cost ◽

Shared Data ◽

Management Method ◽

Index Table ◽

Cloud Storage Services

With popularization of cloud services, multiple users easily share and update their data through cloud storage. For data integrity and consistency in the cloud storage, the audit mechanisms were proposed. However, existing approaches have some security vulnerabilities and require a lot of computational overheads. This paper proposes a secure and efficient audit mechanism for dynamic shared data in cloud storage. The proposed scheme prevents a malicious cloud service provider from deceiving an auditor. Moreover, it devises a new index table management method and reduces the auditing cost by employing less complex operations. We prove the resistance against some attacks and show less computation cost and shorter time for auditing when compared with conventional approaches. The results present that the proposed scheme is secure and efficient for cloud storage services managing dynamic shared data.

Download Full-text

A TPA Based Efficient Non-Repudiation Scheme for Cloud Storage

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.765-767.1630 ◽

2013 ◽

Vol 765-767 ◽

pp. 1630-1635

Author(s):

Wen Qi Ma ◽

Qing Bo Wu ◽

Yu Song Tan

Keyword(s):

Service Provider ◽

Cloud Storage ◽

Cloud Service ◽

Cloud Security ◽

Third Party ◽

Cloud Service Provider ◽

Critical Data ◽

Security Environment ◽

Financial Contract ◽

Update Process

One of differences between cloud storage and previous storage is that there is a financial contract between user and the cloud service provider (CSP). User pay for service in exchange for certain guarantees and the cloud is a liable entity. But some mechanisms need to ensure the liability of CSP. Some work use non-repudiation to realize it. Compared with these non-repudiation schemes, we use third party auditor not client to manage proofs and some metadata, which are security critical data in cloud security. It can provide a more security environment for these data. Against the big overhead in update process of current non-repudiation scheme, we propose three schemes to improve it.

Download Full-text

Improved Outsourced Provable Data Possession for Secure Cloud Storage

Security and Communication Networks ◽

10.1155/2021/1805615 ◽

2021 ◽

Vol 2021 ◽

pp. 1-12

Author(s):

Haibin Yang ◽

Zhengge Yi ◽

Ruifeng Li ◽

Zheng Tu ◽

Xu An Wang ◽

...

Keyword(s):

Service Provider ◽

Cloud Storage ◽

Cloud Service ◽

Significant Problem ◽

Data Outsourcing ◽

Cloud Service Provider ◽

Provable Data Possession ◽

Cloud Server ◽

Secure Cloud Storage ◽

Correct Data

With the advent of data outsourcing, how to efficiently verify the integrity of data stored at an untrusted cloud service provider (CSP) has become a significant problem in cloud storage. In 2019, Guo et al. proposed an outsourced dynamic provable data possession scheme with batch update for secure cloud storage. Although their scheme is very novel, we find that their proposal is not secure in this paper. The malicious cloud server has ability to forge the authentication labels, and thus it can forge or delete the user’s data but still provide a correct data possession proof. Based on the original protocol, we proposed an improved one for the auditing scheme, and our new protocol is effective yet resistant to attacks.

Download Full-text

Identity-Based Public Auditing Scheme for Cloud Storage with Strong Key-Exposure Resilience

Security and Communication Networks ◽

10.1155/2020/4838497 ◽

2020 ◽

Vol 2020 ◽

pp. 1-13 ◽

Cited By ~ 1

Author(s):

S. Mary Virgil Nithya ◽

V. Rhymend Uthariaraj

Keyword(s):

Service Provider ◽

Cloud Storage ◽

Data Privacy ◽

Cloud Service ◽

Cloud Service Provider ◽

Time Period ◽

Identity Based ◽

Time Periods ◽

Cloud Auditing ◽

Key Exposure

Secured storage system is a critical component in cloud computing. Cloud clients use cloud auditing schemes to verify the integrity of data stored in the cloud. But with the exposure of the auditing secret key to the Cloud Service Provider, cloud auditing becomes unsuccessful, however strong the auditing schemes may be. Therefore, it is essential to prevent the exposure of auditing secret keys, and even if it happens, it is necessary to minimize the damage caused. The existing cloud auditing schemes that are strongly resilient to key exposure are based on Public Key Infrastructure and so have challenges of certificate management/verification. These schemes also incur high computation time during integrity verification of the data blocks. The Identity-based schemes eliminate the usage of certificates but limit the damage due to key exposure, only in time periods earlier to the time period of the exposed key. Some of the key exposure resilient schemes do not provide support for batch auditing. In this paper, an Identity-based Provable Data Possession scheme is proposed. It protects the security of Identity-based cloud storage auditing in time periods both earlier and later to the time period of the exposed key. It also provides support for batch auditing. Analysis shows that the proposed scheme is resistant to the replace attack of the Cloud Service Provider, preserves the data privacy against the Third Party Auditor, and can efficiently verify the correctness of data.

Download Full-text

Two-Party Privacy-Preserving Set Intersection with FHE

Entropy ◽

10.3390/e22121339 ◽

2020 ◽

Vol 22 (12) ◽

pp. 1339

Author(s):

Yunlu Cai ◽

Chunming Tang ◽

Qiuxia Xu

Keyword(s):

Private Information ◽

Homomorphic Encryption ◽

Bloom Filter ◽

Cloud Service ◽

Fully Homomorphic Encryption ◽

Cloud Service Provider ◽

Set Size ◽

Set Intersection ◽

Learning With Errors ◽

Private Set Intersection

A two-party private set intersection allows two parties, the client and the server, to compute an intersection over their private sets, without revealing any information beyond the intersecting elements. We present a novel private set intersection protocol based on Shuhong Gao’s fully homomorphic encryption scheme and prove the security of the protocol in the semi-honest model. We also present a variant of the protocol which is a completely novel construction for computing the intersection based on Bloom filter and fully homomorphic encryption, and the protocol’s complexity is independent of the set size of the client. The security of the protocols relies on the learning with errors and ring learning with error problems. Furthermore, in the cloud with malicious adversaries, the computation of the private set intersection can be outsourced to the cloud service provider without revealing any private information.

Download Full-text

An Access Control Method Based on CP-ABE and ABS Algorithm in Cloud Storage

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.644-650.1919 ◽

2014 ◽

Vol 644-650 ◽

pp. 1919-1922

Author(s):

Bao Yi Wang ◽

Jing Ming ◽

Shao Min Zhang ◽

Hao Jiang ◽

Hui Luo

Keyword(s):

Access Control ◽

Cloud Storage ◽

Control Method ◽

Cloud Service ◽

Information Privacy ◽

Encryption Algorithm ◽

Cloud Service Provider ◽

Cipher Text ◽

Cloud Storage Environment ◽

Abs Algorithm

In view of the current popular cloud storage access control, some security problems were still existed. To solve the problem which the cloud service provider can’t verify the user write permissions by the CP-ABE based cloud storage access control, in this paper a cloud storage access control method is proposed which is based on the encryption algorithm of the cipher-text (CP-ABE) and the attribute-based signature (ABS). This method not only achieves the cloud storage environment information privacy and integrity, but also supports inheritance authorization and scalability.

Download Full-text

Achieving Lightweight Verifiable Privacy Preserving Search Over Encrypted Data

JOIV International Journal on Informatics Visualization ◽

10.30630/joiv.3.3.267 ◽

2019 ◽

Vol 3 (3) ◽

Author(s):

Selasi Kwame Ocansey ◽

Charles Fynn Oduro

Keyword(s):

Service Provider ◽

Homomorphic Encryption ◽

Bloom Filter ◽

Cloud Service ◽

Privacy Preserving ◽

Data Sets ◽

Cloud Service Provider ◽

Encrypted Data ◽

Security Proofs

When cloud clients outsource their database to the cloud, they entrust management operations to a cloud service provider who is expected to answer the client’s queries on the cloud where database is located. Efficient techniques can ensure critical requirements for outsourced data’s integrity and authenticity. A lightweight privacy preserving verifiable scheme for outsourcingdatabase securely is proposed, our scheme encrypts data before outsourcing and returned query results are verified with parameters of correctness and completeness. Our scheme is projected on lightweight homomorphic encryption technique and bloom filter which are efficiently authenticated to guarantee the outsourced database’s integrity, authenticity, and confidentiality. An ordering challenge technique is proposed for verifying top-k query results. We conclude by detailing our analysis of security proofs, privacy, verifiability and the performance efficiency of our scheme. Our proposed scheme’s proof and evaluation analysis show its security and efficiency for practical deployment. We also evaluate our scheme’s performances over two UCI data sets.

Download Full-text

SECURE AND RECOVERABLE SPLIT KEY MANAGEMENT TECHNIQUE FOR CLOUD STORAGE

Asian Journal of Pharmaceutical and Clinical Research ◽

10.22159/ajpcr.2017.v10s1.19586 ◽

2017 ◽

Vol 10 (13) ◽

pp. 109

Author(s):

Theophilus Rakesh S ◽

Pradeep Kv

Keyword(s):

Key Management ◽

Cloud Storage ◽

Cloud Service ◽

Management Technique ◽

Mutual Trust ◽

Effective Solution ◽

Security Risk ◽

Cloud Service Provider ◽

Safe Mechanism ◽

Fail Safe

Establishing mutual trust between a cloud service provider (CSP) and a client has always been a challenge. Managing the key as a whole on either of these sites poses a security risk and also questions the integrity and availability of the data itself. In this paper, we propose an effective solution to manage key at the client’s location, while the CSP still manages a portion of the key. The proposed technique secures the key itself and also provides a fail-safe mechanism to retrieve the key if lost.

Download Full-text

Symmetric Hash Encryption Image as Key (SHEIK)

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.d4420.038620 ◽

2020 ◽

Vol 8 (6) ◽

pp. 3181-3185

Keyword(s):

Data Security ◽

Cloud Storage ◽

Cloud Service ◽

Model Data ◽

Cloud Service Provider ◽

Storage Model ◽

Symmetric Key ◽

Key Length ◽

Online Storage ◽

Selection Of

Cloud storage model have become a widely accepted solution for the growing demand of online storage and remote accessing. Cloud service provider (CSP) provides the online storage facility for the cloud customer (CC) as per pay-by-use model. Data security still remains a threat for the CC to have a complete trust on the technology. The existing symmetric key algorithms to some extent have been successful in providing the confidentiality of the data. The main issue in implementing the algorithm is sharing of the key, if the key is known to others the security of the data is exploited. This paper tries to sort out the problem by making image as a key for the algorithm. The CC can perform the encryption before uploading the data to have the control of the process. The selection of the algorithm decides the key length to be extracted from the image making the method more secure and reliable for the CC. The experimental results have shown that the proposed Symmetric Hash Encryption Image as Key(SHEIK) method works satisfactorily for encrypting and decrypting the data efficiently.

Download Full-text