DIaaS: Data Integrity as a Service in the Cloud

In this paper, we propose a secure cloud storage service architecture with a focus on Data Integrity as a Service (DIaaS), based on the principles of Service-Oriented Architecture and Web services. Our approach not only relieves a storage service of the burden of data integrity management by handling it through an independent third-party data Integrity Management Service (IMS), but also reduces the security risk to the data stored in the storage services by checking data integrity with the help of the IMS. We define data integrity protocols for a number of different scenarios, and demonstrate the feasibility of the proposed architecture, service and protocols by implementing them on a public cloud, Amazon S3. We also study the impact of our proposed protocols on the performance of the storage service and show that the benefits of our approach outweigh the small penalty on storage service performance.
