Privacy-preserving public auditing with data deduplication in cloud computing

Storage represents one of the most commonly used cloud services. Data integrity and storage efficiency are two key requirements when storing users’ data. Public auditability, where users can employ a Third Part Auditor (TPA) to ensure data integrity, and efficient data deduplication which can be used to eliminate duplicate data and their corresponding authentication tags before sending the data to the cloud, offer possible solutions to address these requirements. In this thesis, we propose a privacy preserving public auditing scheme with data deduplication. We also present an extension of our proposed scheme that enables the TPA to perform multiple auditing tasks at the same time. Our analytical and experimental results show the efficiency of the batch auditing by reducing the number of pairing operations need for the auditing. Then, we extend our work to support user revocation where one of the users wants to leave the enterprise.

Privacy-preserving public auditing with data deduplication in cloud computing

Storage represents one of the most commonly used cloud services. Data integrity and storage efficiency are two key requirements when storing users’ data. Public auditability, where users can employ a Third Part Auditor (TPA) to ensure data integrity, and efficient data deduplication which can be used to eliminate duplicate data and their corresponding authentication tags before sending the data to the cloud, offer possible solutions to address these requirements. In this thesis, we propose a privacy preserving public auditing scheme with data deduplication. We also present an extension of our proposed scheme that enables the TPA to perform multiple auditing tasks at the same time. Our analytical and experimental results show the efficiency of the batch auditing by reducing the number of pairing operations need for the auditing. Then, we extend our work to support user revocation where one of the users wants to leave the enterprise.

Aggregation-Based Tag Deduplication for Cloud Storage with Resistance against Side Channel Attack

Tag deduplication is an emerging technique to eliminate redundancy in cloud storage, which works by signing integrity tags with a content-associated key instead of user-associated secret key. To achieve public auditability in this scenario, the linkage between cloud users and their integrity tags is firstly re-established in current solutions, which provides a potential side channel to malicious third-party auditor to steal the existence privacy of a certain target file. Such kind of attack, which is also possible among classic public auditing schemes, still cannot be well resisted and is now becoming a big obstacle in using this technique. In this paper, we propose a secure aggregation-based tag deduplication scheme (ATDS), which takes the lead to consider resistance against side channel attack during the process of public verification. To deal with this problem, we define a user-associated integrity tag based on the defined content-associated polynomial and devise a Lagrangian interpolation-based aggregation strategy to achieve tag deduplication. With the help of this technique, content-associated public key is able to be utilized instead of a user-associated one to achieve auditing. Once the verification is passed, the TPA is just only able to make sure that the verified data are correctly corresponding to at least a group of users in cloud storage, rather than determining specific owners. The security analysis and experiment results show that the proposed scheme is able to resist side channel attack and is more efficient compared with the state of the art.

Data Storage Integrity Checking with Efficient Privacy Preserving Model for Cloud

Cloud computing is a growing technology that offers compute, storage and network resources as a service over the internet. It enables the individuals, clients or the enterprises to outsource their data and application software to the cloud server. The services are offered by a cloud service provider (CSP) and the users need to pay for what they use. There are many security concerns needs to be addressed when the data is maintained by third party service provider in cloud. The auditor is introduced to audit the integrity of the data on behalf of the client in order to ensure integrity of data. This can be called as public auditability of data. Recently, two privacy preserving auditing mechanisms named Oruta and Knox are introduced to check the correctness of stored data. In this paper, we try to propose the security flaw of their scheme when active adversaries are involved in cloud storage. An active adversary is capable of modifying the data stored in cloud arbitrarily. This data modification is not being identified by the user and the auditor in the verification process. We try to suggest a solution to resolve this flaw by signing the proof response generated on the cloud server side. Then the signed proof is sent to the trusted third party auditor (TTPA) for verification. The auditor first verifies the signature and for the validation of the proof. The proposed scheme is proved to be secure against active adversary.

Content arrangement characteristic based encryption in cloud using public auditing for data management

The encryption standard related to cryptography provide the possible keys with logical standard for sharing and distributing sensitive information sharing worldview in conveyed frameworks. A Content Arrangement Characteristic Based Encryption (CA-CBE) is turning into a promising cryptographic solution for this issue. The cloud needs to provide the view on open auditability. Many methodologies have been discussed on dynamic information administration and on general auditability, however those methodologies suffer from the issue of check overhead and time multifaceted nature. Therefore, it is important to propose a Content Arrangement Characteristic Based Encryption (CA-CBE) scheme for supporting data dynamics over the data operation, like block alteration, block inset, and deletion. Some existing data integrity based research always lacks in dynamic operations and public auditability. By considering this as a motivation, this research is initiated.