Smarter Data Availability Checks in the Cloud

Cloud computing offers clients flexible and cost-effective resources. Nevertheless, past incidents indicate that the cloud may misbehave by exposing or tampering with clients' data. Therefore, it is vital for clients to protect the confidentiality and integrity of their outsourced data. To address these issues, researchers proposed cryptographic protocols called “proof of storage” that let a client efficiently verify the integrity or availability of its data stored in a remote cloud server. However, in these schemes, the client either has to be online to perform the verification itself or has to delegate the verification to a fully trusted auditor. In this chapter, a new scheme is proposed that lets the client distribute its data replicas among multiple cloud servers to achieve high availability without the need for the client to be online for the verification and without a trusted auditor's involvement. The new scheme is mainly based on blockchain smart contracts. It illustrates how a combination of cloud computing and blockchain technology can resolve real-world problems.

Provable Data Possession (PDP) and Proofs of Retrievability (POR) of Current Big User Data

A growing trend over the last few years is storage outsourcing, where the concept of third-party data warehousing has become more popular. This trend prompts several interesting privacy and security issues. One of the biggest concerns with third-party data storage providers is accountability. This article, critically reviews two schemas/algorithms that allow users to check the integrity and availability of their outsourced data on untrusted data stores (i.e., third-party data storages). The reviewed schemas are provable data possession (PDP) and proofs of retrievability (POR). Both are cryptographic protocols designed to provide clients the assurance that their data are secure on the untrusted data storages. Furthermore, a conceptual framework is proposed to mitigate the weaknesses of the current storage solutions.

PRUDA: A Novel Measurement Attribute Set towards Robust Steganography in Social Networks

Cloud services have become an increasingly popular solution to provide different services to clients. More and more data are outsourced to the cloud for storage and computing. With this comes concern about the security of outsourced data. In recent years, homomorphic encryption, blockchain, steganography, and other technologies have been applied to the security and forensics of outsourced data. While encryption technologies such as homomorphic encryption and blockchain scramble data so that they cannot be understood, steganography hides the data so that they cannot be observed. Traditional steganography assumes that the environment is lossless. Robust steganography is grounded in traditional steganography and is proposed based on a real lossy social network environment. Thus, researchers, who study robust steganography, believe that the measurement should follow traditional steganography. However, the application scenario of robust steganography breaks through the traditional default lossless environment premise. It brings about changes in the focus of steganography algorithms. Simultaneously, the existing steganography methods miss the evaluation of applicability and ease of use. In this paper, “default parameters” are observed by comparing the process of robust image steganography with traditional image steganography. The idea of “perfecting default parameters” is proposed. Based on this, the attribute set of measuring robust image steganography is presented. We call it PRUDA (Payload, Robustness, ease of Use, antiDetection, and Applicability). PRUDA perfects default parameters observed in the process of traditional steganography algorithms. Statistics on image processing attacks in mobile social apps and analyses on existing algorithms have verified that PRUDA is reasonable and can better measure a robust steganography method in practical application scenarios.

Quasi-Identifier Recognition Algorithm for Privacy Preservation of Cloud Data Based on Risk Reidentification

Cloud computing plays an essential role as a source for outsourcing data to perform mining operations or other data processing, especially for data owners who do not have sufficient resources or experience to execute data mining techniques. However, the privacy of outsourced data is a serious concern. Most data owners are using anonymization-based techniques to prevent identity and attribute disclosures to avoid privacy leakage before outsourced data for mining over the cloud. In addition, data collection and dissemination in a resource-limited network such as sensor cloud require efficient methods to reduce privacy leakage. The main issue that caused identity disclosure is quasi-identifier (QID) linking. But most researchers of anonymization methods ignore the identification of proper QIDs. This reduces the validity of the used anonymization methods and may thus lead to a failure of the anonymity process. This paper introduces a new quasi-identifier recognition algorithm that reduces identity disclosure which resulted from QID linking. The proposed algorithm is comprised of two main stages: (1) attribute classification (or QID recognition) and (2) QID dimension identification. The algorithm works based on the reidentification of risk rate for all attributes and the dimension of QIDs where it determines the proper QIDs and their suitable dimensions. The proposed algorithm was tested on a real dataset. The results demonstrated that the proposed algorithm significantly reduces privacy leakage and maintains the data utility compared to recent related algorithms.

Set-Based Adaptive Distributed Differential Evolution for Anonymity-Driven Database Fragmentation

By breaking sensitive associations between attributes, database fragmentation can protect the privacy of outsourced data storage. Database fragmentation algorithms need prior knowledge of sensitive associations in the tackled database and set it as the optimization objective. Thus, the effectiveness of these algorithms is limited by prior knowledge. Inspired by the anonymity degree measurement in anonymity techniques such as k-anonymity, an anonymity-driven database fragmentation problem is defined in this paper. For this problem, a set-based adaptive distributed differential evolution (S-ADDE) algorithm is proposed. S-ADDE adopts an island model to maintain population diversity. Two set-based operators, i.e., set-based mutation and set-based crossover, are designed in which the continuous domain in the traditional differential evolution is transferred to the discrete domain in the anonymity-driven database fragmentation problem. Moreover, in the set-based mutation operator, each individual’s mutation strategy is adaptively selected according to the performance. The experimental results demonstrate that the proposed S-ADDE is significantly better than the compared approaches. The effectiveness of the proposed operators is verified.