A Secure and Efficient Audit Mechanism for Dynamic Shared Data in Cloud Storage

With popularization of cloud services, multiple users easily share and update their data through cloud storage. For data integrity and consistency in the cloud storage, the audit mechanisms were proposed. However, existing approaches have some security vulnerabilities and require a lot of computational overheads. This paper proposes a secure and efficient audit mechanism for dynamic shared data in cloud storage. The proposed scheme prevents a malicious cloud service provider from deceiving an auditor. Moreover, it devises a new index table management method and reduces the auditing cost by employing less complex operations. We prove the resistance against some attacks and show less computation cost and shorter time for auditing when compared with conventional approaches. The results present that the proposed scheme is secure and efficient for cloud storage services managing dynamic shared data

SoK: A Practical Cost Comparison Among Provable Data Possession Schemes

Provable Data Possession (PDP) schemes provide users with the ability to efficiently audit and verify the integrity of data stored with potentially unreliable third-parties, such as cloud storage service providers. While dozens of PDP schemes have been developed, no PDP schemes have been practically implemented with an existing cloud service. This work attempts to provide a starting point for the integration of PDP schemes with cloud storage service providers by providing a cost analysis of PDP schemes. This cost analysis is performed by implementing and analyzing five PDP schemes representative of the dozens of various PDP approaches. This paper provides analysis of the overhead and performance of each of these schemes to generate a comparable cost for each scheme using real-world cloud pricing models. Results show that the total cost of each scheme is comparable for smaller file sizes, but for larger files this cost can vary across schemes by an order of magnitude. Ultimately, the difference in cost between the simple MAC-based PDP scheme and the most efficient PDP scheme is negligible. While the MAC-PDP scheme may not be the most efficient, no other scheme improving upon it\u27s complexity can be implemented without the use of additional services or APIs leading to the conclusion that the simplest, storage only PDP scheme is the most practical to implement. Furthermore, the findings in this paper suggest that, in general, PDP schemes optimize on an inaccurate cost model and that future schemes should consider the existing economic realities of cloud services

Co-Check: Collaborative Outsourced Data Auditing in Multicloud Environment

With the increasing demand for ubiquitous connectivity, wireless technology has significantly improved our daily lives. Meanwhile, together with cloud-computing technology (e.g., cloud storage services and big data processing), new wireless networking technology becomes the foundation infrastructure of emerging communication networks. Particularly, cloud storage has been widely used in services, such as data outsourcing and resource sharing, among the heterogeneous wireless environments because of its convenience, low cost, and flexibility. However, users/clients lose the physical control of their data after outsourcing. Consequently, ensuring the integrity of the outsourced data becomes an important security requirement of cloud storage applications. In this paper, we present Co-Check, a collaborative multicloud data integrity audition scheme, which is based on BLS (Boneh-Lynn-Shacham) signature and homomorphic tags. According to the proposed scheme, clients can audit their outsourced data in a one-round challenge-response interaction with low performance overhead. Our scheme also supports dynamic data maintenance. The theoretical analysis and experiment results illustrate that our scheme is provably secure and efficient

Strong Monitor Of Admission Manager With Multi-Level Ability For Open Cloud

Controlling data access is a difficult issue in public cloud storage systems. Attribute-Based Encryption (CP-ABE) Cipher text-Policy has been adopted as a promising technology to provide flexible, accurate and secure control of data access for cloud storage with honest but weird cloud servers. However, in current CP-EBA schemes, the single attribute authority must implement a validation of the legality of time-consuming users and the distribution of the secret key, resulting in a one-point performance block when a CP-EBA scheme is adopted. in a large-scale system. Cloud storage. Users could be stuck in the queue for a long time to get their secret keys, which could degrade the efficiency of the system. Although multi-agency access control schemes have been proposed, these schemes still cannot overcome the disadvantages of one-point blocking and low efficiency, due to the fact that each authority still independently manages a separate set of attributes. In this paper, we propose a new, heterogeneous framework to eliminate the problem of blocking in single-point performance and to provide a more efficient access control system with an audit mechanism. Our framework uses several proprietary powers to share the burden of validating user legitimacy. Meanwhile, in our scheme, a CA (central authority) is introduced to generate secret keys for users whose legitimacy has been verified. Unlike other multi-body access control systems, each authority in our scheme manages the entire feature set individually. To increase security, we also suggest an audit mechanism to detect AA (Awarding Authority) that has incorrectly or maliciously performed the legitimacy validation procedure. The analysis shows that our system not only ensures the safety requirements, but also improves the outstanding performance of the switches

Remote Data Integrity Checking in Cloud Computing

Cloud computing is an internet based computing which enables sharing of services. It is very challenging part to keep safely all required data that are needed in many applica f or user in cloud. Storing our data in cloud may not be fully trustworthy. Since client doesnt have copy of all stored data, he has to depend on Cloud Service Provider. This work studies the problem of ensuring the integrity and security of data storage in Cloud Computing. This paper, proposes an effective and flexible Batch Audit sche me with dynamic data support to reduce the computation overheads. To ensure the correctness of users data the task of allowing a third party auditor (TPA), on behalf of the cloud client, to verify the integrity of the data stored in the cloud. We consider symmetric encryption for effective utilization of outsourced cloud data under the model, it achieve the storage security in multi cloud data storage. The new scheme further supports secure and efficient dynamic operation sondata blocks, including data i nserti on, update,delete and replacement. Extensive securityand performance analysis shows that the proposed sche me is highlyef ficient and resilient again st By zantinef ailure, maliciousd a ta modification at tack, and even server colliding a ttacks

Keyword-Based Delegable Proofs of Storage

Cloud users (clients) with limited storage capacity at their end can outsource bulk data to the cloud storage server. A client can later access her data by downloading the required data files. However, a large fraction of the data files the client outsources to the server is often archival in nature that the client uses for backup purposes and accesses less frequently. An untrusted server can thus delete some of these archival data files in order to save some space (and allocate the same to other clients) without being detected by the client (data owner). Proofs of storage enable the client to audit her data files uploaded to the server in order to ensure the integrity of those files. In this work, we introduce one type of (selective) proofs of storage that we call keyword-based delegable proofs of storage, where the client wants to audit all her data files containing a specific keyword (e.g., "important"). Moreover, it satisfies the notion of public verifiability where the client can delegate the auditing task to a third-party auditor who audits the set of files corresponding to the keyword on behalf of the client. We formally define the security of a keyword-based delegable proof-of-storage protocol. We construct such a protocol based on an existing proof-of-storage scheme and analyze the security of our protocol. We argue that the techniques we use can be applied atop any existing publicly verifiable proof-of-storage scheme for static data. Finally, we discuss the efficiency of our construction.Comment: A preliminary version of this work has been published in International Conference on Information Security Practice and Experience (ISPEC 2018

Cloud Data Auditing Using Proofs of Retrievability

Cloud servers offer data outsourcing facility to their clients. A client outsources her data without having any copy at her end. Therefore, she needs a guarantee that her data are not modified by the server which may be malicious. Data auditing is performed on the outsourced data to resolve this issue. Moreover, the client may want all her data to be stored untampered. In this chapter, we describe proofs of retrievability (POR) that convince the client about the integrity of all her data.Comment: A version has been published as a book chapter in Guide to Security Assurance for Cloud Computing (Springer International Publishing Switzerland 2015