SecCloud: Bridging Secure Storage and Computation in Cloud

Cloud computing has become a hot research topic in recent years. In cloud computing, software applications and databases are moved to large centralized data centers, which are called the cloud. Because cloud users lack physical possession of the data and the machines, the data and computation in the cloud may not be well managed or fully trusted by them. Existing work on cloud security mainly focuses on cloud storage without taking computation security into consideration. In this paper, we propose SecCloud, a novel auditing scheme to secure cloud computing based on a probabilistic sampling technique as well as a designated verifier technique, which aims to address secure data storage, computation, and privacy preservation together. We also discuss how to optimize the sampling size to minimize the auditing cost. Detailed analysis and simulations demonstrate the effectiveness and efficiency of the proposed scheme.
