MT-DIPS: a new data duplication integrity protection scheme for multi-tenants sharing storage in SaaS

In SaaS, the data sharing storage mode and tenant isolation requirement present new challenge to traditional remote data duplication protection schemes. This paper aims at the new requirement of tenant data duplication protection in SaaS and presents a tuple sampling-based tenant duplication protection mechanism MT-DIPS (Duplication Integrity Protection Scheme for Multi-Tenants). Instead of data block sampling, MT-DIPS accommodates the data isolation requirement of different tenants by sampling tenants physical data tuples. Through periodical random sampling, MT-DIPS reduces the complexity on service provider side of verification object construction and eliminates the resource waste. Analysis and the experimental results show that if the damage rate of tenant data tuples is about 1%, the random sampling data number is about 5% of the total number of tuples. MT-DIPS makes use of homomorphism labels with auxiliary authentication structure to allow trusted third party verification without disclosing tenant data to relieve the verification burden on tenants' client sides.

[1]  Yuliang Shi,et al.  Tenant-Oriented Composite Authentication Tree for Data Integrity Protection in SaaS , 2014, WAIM.

[2]  Ari Juels,et al.  HAIL: a high-availability and integrity layer for cloud storage , 2009, CCS.

[3]  M. Anwar Hasan,et al.  On Verifying Dynamic Multiple Data Copies over Cloud Servers , 2011, IACR Cryptol. ePrint Arch..

[4]  Alfons Kemper,et al.  A comparison of flexible schemas for software as a service , 2009, SIGMOD Conference.

[5]  Shouhuai Xu,et al.  Secure and efficient proof of storage with deduplication , 2012, CODASPY '12.

[6]  Kong Lan Research on Index of Multi-Tenant Based on Key-Values for SaaS Application , 2010 .

[7]  Pradeep Kumar Gupta,et al.  Handling Data Integrity Issue in SaaS Cloud , 2014, FICTA.

[8]  Tao Li,et al.  A brief survey on secure multi-party computing in the presence of rational parties , 2015, J. Ambient Intell. Humaniz. Comput..

[9]  Cong Wang,et al.  Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing , 2009, ESORICS.

[10]  Stefan Katzenbeisser,et al.  Hardware-based Security for Virtual Trusted Platform Modules , 2013, ArXiv.

[11]  Ari Juels,et al.  Pors: proofs of retrievability for large files , 2007, CCS '07.

[12]  Yuliang Shi,et al.  An Integrity Verification Scheme for Multiple Replicas in Clouds , 2012, WISM.

[13]  Peng Zhang,et al.  Public Data Integrity Verification for Secure Cloud Storage , 2013, J. Networks.

[14]  Reza Curtmola,et al.  MR-PDP: Multiple-Replica Provable Data Possession , 2008, 2008 The 28th International Conference on Distributed Computing Systems.

[15]  Claude E. Shannon,et al.  Communication theory of secrecy systems , 1949, Bell Syst. Tech. J..

[16]  Amit Golander,et al.  Internet-oriented optimization schemes for joint compression and encryption , 2015, China Communications.

[17]  Benny Pinkas,et al.  Proofs of ownership in remote storage systems , 2011, CCS '11.

[18]  Duncan S. Wong,et al.  Fair two-party computation with rational parties holding private types , 2015, Secur. Commun. Networks.

[19]  Tao Li,et al.  Rational computing protocol based on fuzzy theory , 2016, Soft Comput..

[20]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[21]  Duncan S. Wong,et al.  Achieving fairness by sequential equilibrium in rational two-party computation under incomplete information , 2015, Secur. Commun. Networks.

[22]  Jeffrey S. Chase,et al.  Trusted platform-as-a-service: a foundation for trustworthy cloud-hosted applications , 2011, CCSW '11.

[23]  Torsten Grust,et al.  Multi-tenant databases for software as a service: schema-mapping techniques , 2008, SIGMOD Conference.

[24]  Hovav Shacham,et al.  Compact Proofs of Retrievability , 2008, Journal of Cryptology.

[25]  Ari Juels,et al.  Proofs of retrievability: theory and implementation , 2009, CCSW '09.

[26]  Nenghai Yu,et al.  A Privacy-Preserving Remote Data Integrity Checking Protocol with Data Dynamics and Public Verifiability , 2011, IEEE Transactions on Knowledge and Data Engineering.

[27]  Marten van Dijk,et al.  Iris: a scalable cloud file system with efficient integrity checks , 2012, ACSAC '12.

[28]  Stephen S. Yau,et al.  Dynamic audit services for integrity verification of outsourced storages in clouds , 2011, SAC.

[29]  Jinhui Yao,et al.  DIaaS: Data Integrity as a Service in the Cloud , 2011, 2011 IEEE 4th International Conference on Cloud Computing.

[30]  D. Boneh,et al.  A Survey of Two Signature Aggregation Techniques , 2003 .

[31]  Roberto Di Pietro,et al.  Scalable and efficient provable data possession , 2008, IACR Cryptol. ePrint Arch..

[32]  Yuliang Shi,et al.  Meta-data Driven Data Chunk Based Secure Data Storage for SaaS , 2011 .

[33]  Cong Wang,et al.  Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[34]  Tan Shuan,et al.  Research and Development of Provable Data Integrity in Cloud Storage , 2015 .