A survey on Proof of Retrievability for cloud data integrity and availability: Cloud storage state-of-the-art, issues, solutions and future trends

Abstract Cloud storage has emerged as the latest trend for data storage over the traditional storage method which consume more storage spaces of data owner resources for backup and disaster recovery purposes. Due to the openness nature of cloud storage, trustworthy to the storage providers remains a critical issue amongst data owners. Hence, a huge number of businesses around the world remains choosing traditional storage method over cloud storage. This indicates a need for cloud storage providers to adopt cloud integrity schemes to ensure the outsourced data is secured to gain trustworthiness from clients. There are two main cloud integrity schemes available to ensure data integrity and availability: (i) Provable Data Possession (PDP) and (ii) Proof of Retrievability (PoR). PDP and PoR are protocols designed for cloud storage to proof to clients that the stored data is intact. Although PDP and PoR have similar functionality for providing cloud data integrity and availability, PoR is found to be much better than PDP with respect to full data retrievability as PoR provides recovery to faulty or corrupted outsourced data in which PDP does not cover. The objective of this paper is to examine the state-of-the-art of PoR and subsequently to identify the issues of employing PoR on cloud storage and suggest possible solutions. We analyse available PoR schemes. Then, the issues and challenges as a result of employing PoR specifically and cloud storage generally are described. Some possible countermeasures to address the identified issues are suggested. Finally, the potential future work of PoR schemes and future trends of cloud storage are presented.

[1]  Kim-Kwang Raymond Choo,et al.  Cloud Storage Forensics , 2013, Contemporary Digital Forensic Investigations of Cloud and Mobile Applications.

[2]  Shucheng Yu,et al.  Proofs of retrievability with public verifiability and constant communication cost in cloud , 2013, Cloud Computing '13.

[3]  G. R. Gangadharan,et al.  A novel secure cloud storage architecture combining proof of retrievability and revocation , 2015, 2015 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[4]  Stefan Rass,et al.  Dynamic proofs of retrievability from Chameleon-Hashes , 2013, 2013 International Conference on Security and Cryptography (SECRYPT).

[5]  Jinjun Chen,et al.  HireSome-II: Towards Privacy-Aware Cross-Cloud Service Composition for Big Data Applications , 2015, IEEE Transactions on Parallel and Distributed Systems.

[6]  Sami Sahin,et al.  COMPUTER SIMULATIONS IN SCIENCE EDUCATION: Implications for Distance Education , 2006 .

[7]  Jian Liu,et al.  Enabling dynamic proof of retrievability in regenerating-coding-based cloud storage , 2014, 2014 IEEE International Conference on Communications Workshops (ICC).

[8]  Fatos Xhafa,et al.  OPoR: Enabling Proof of Retrievability in Cloud Computing with Resource-Constrained Devices , 2015, IEEE Transactions on Cloud Computing.

[9]  Tran Thao Phuong,et al.  D2-POR: Direct Repair and Dynamic Operations in Network Coding-Based Proof of Retrievability , 2016, IEICE Trans. Inf. Syst..

[10]  Yi Mu,et al.  Proof of retrievability with public verifiability resilient against related-key attacks , 2015, IET Inf. Secur..

[11]  Qian Wang,et al.  Dynamic Proofs of Retrievability for Coded Cloud Storage Systems , 2018, IEEE Transactions on Services Computing.

[12]  Ghassan O. Karame,et al.  Outsourced Proofs of Retrievability , 2014, CCS.

[13]  Azman Osman Lim,et al.  SW-POR: A Novel POR Scheme Using Slepian-Wolf Coding for Cloud Storage , 2014, 2014 IEEE 11th Intl Conf on Ubiquitous Intelligence and Computing and 2014 IEEE 11th Intl Conf on Autonomic and Trusted Computing and 2014 IEEE 14th Intl Conf on Scalable Computing and Communications and Its Associated Workshops.

[14]  Reihaneh Safavi-Naini,et al.  Proofs of Retrievability via Fountain Code , 2012, FPS.

[15]  Xinyi Huang,et al.  Group-oriented Proofs of Storage , 2015, AsiaCCS.

[16]  Osmanbey Uzunkol,et al.  An efficient ID-based message recoverable privacy-preserving auditing scheme , 2015, 2015 13th Annual Conference on Privacy, Security and Trust (PST).

[17]  Jing Chen,et al.  Proofs of Ownership and Retrievability in Cloud Storage , 2014, 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications.

[18]  Julien Lavauzelle,et al.  New proofs of retrievability using locally decodable codes , 2016, 2016 IEEE International Symposium on Information Theory (ISIT).

[19]  Harikesh Pandey,et al.  Secure and Constant Cost Public Cloud Storage Auditing with Deduplication , 2017 .

[20]  Isaac Woungang,et al.  Proof of Storage for Video Deduplication in the Cloud , 2015, 2015 IEEE International Congress on Big Data.

[21]  Zhiguang Qin,et al.  Survey on Cloud Data Integrity Proof Techniques , 2012, 2012 Seventh Asia Joint Conference on Information Security.

[22]  Ryan K. L. Ko,et al.  Cloud computing vulnerability incidents: a statistical overview , 2013 .

[23]  Tran Thao Phuong,et al.  MD-POR: Multisource and Direct Repair for Network Coding-Based Proof of Retrievability , 2015, Int. J. Distributed Sens. Networks.

[24]  Jianhong Zhang,et al.  Efficient public verification proof of retrievability scheme in cloud , 2014, Cluster Computing.

[25]  J. Kumar SECURE AUDITING AND DEDUPLICATING DATA IN CLOUD , 2016 .

[26]  Tran Thao Phuong,et al.  ND-POR: A POR Based on Network Coding and Dispersal Coding , 2015, IEICE Trans. Inf. Syst..

[27]  Bogdan Nedelcu,et al.  Cloud Computing and its Challenges and Benefits in the Bank System , 2015 .

[28]  Reshma A. Hegde,et al.  A Survey on Proof of Retrievability and its Techniques , 2016 .

[29]  Hovav Shacham,et al.  Compact Proofs of Retrievability , 2008, Journal of Cryptology.

[30]  A Survey on Public Auditing With a Proof of Retrievability in Secure Cloud Storage , 2015 .

[31]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .

[32]  Junbeom Hur,et al.  Secure proof of storage with deduplication for cloud storage systems , 2017, Multimedia Tools and Applications.

[33]  Lorena González-Manzano,et al.  An efficient confidentiality-preserving Proof of Ownership for deduplication , 2015, J. Netw. Comput. Appl..

[34]  John Zic,et al.  Proofs of Encrypted Data Retrievability with Probabilistic and Homomorphic Message Authenticators , 2015, 2015 IEEE Trustcom/BigDataSE/ISPA.

[35]  Xiuli Song,et al.  Lightweight Proofs of Retrievability for Electronic Evidence in Cloud , 2013, Inf..

[36]  Ashutosh Saxena,et al.  A robust scheme on proof of data retrievability in cloud , 2014, 2014 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[37]  Iacob Emanuel Baciu Advantages and Disadvantages of Cloud Computing Services, from the Employee's Point of View , 2015 .

[38]  Adeel Anjum,et al.  A survey of cloud computing data integrity schemes: Design challenges, taxonomy and future trends , 2017, Comput. Secur..

[39]  Roberto Tamassia,et al.  Falcon Codes: Fast, Authenticated LT Codes (Or: Making Rapid Tornadoes Unstoppable) , 2015, CCS.

[40]  Luo Shoushan,et al.  Proof of retrievability based on LDPC codes , 2015 .

[41]  Rajiv Kumar,et al.  Data traceability in cloud environment , 2015, International Conference on Computing, Communication & Automation.

[42]  Atri Rudra,et al.  Bidirectional data verification for cloud storage , 2014, J. Netw. Comput. Appl..

[43]  Sushmita Ruj,et al.  Retricoin: Bitcoin based on compact proofs of retrievability , 2016, ICDCN.

[44]  Refik Molva,et al.  Message-Locked Proofs of Retrievability with Secure Deduplication , 2016, CCSW.

[45]  Tran Thao Phuong,et al.  ELAR: extremely lightweight auditing and repairing for cloud security , 2016, ACSAC.

[46]  Han-Chieh Chao,et al.  Proof of ownership in deduplicated cloud storage with mobile device efficiency , 2015, IEEE Network.

[47]  Benny Pinkas,et al.  Proofs of ownership in remote storage systems , 2011, CCS '11.

[48]  Jim X. Chen,et al.  The Evolution of Computing: AlphaGo , 2016, Comput. Sci. Eng..

[49]  Jin Li,et al.  An Efficient Proof of Retrievability with Public Auditing in Cloud Computing , 2013, 2013 5th International Conference on Intelligent Networking and Collaborative Systems.

[50]  Fucai Zhou,et al.  Dynamic proofs of retrievability with square-root oblivious RAM , 2015, Journal of Ambient Intelligence and Humanized Computing.

[51]  Kyungtae Kang,et al.  Secure Data Deduplication with Dynamic Ownership Management in Cloud Storage , 2016, IEEE Transactions on Knowledge and Data Engineering.

[52]  Alptekin Küpçü,et al.  Generic Efficient Dynamic Proofs of Retrievability , 2016, IACR Cryptol. ePrint Arch..

[53]  S. Srinivasan Cloud Computing Basics , 2014 .

[54]  Ejaz Ahmed,et al.  A review on remote data auditing in single cloud server: Taxonomy and open issues , 2014, J. Netw. Comput. Appl..

[55]  Ari Juels,et al.  Pors: proofs of retrievability for large files , 2007, CCS '07.

[56]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[57]  Yuefei Zhu,et al.  An Efficient Proof of Retrievability Scheme for Fully Homomorphic Encrypted Data , 2013, J. Networks.

[58]  Kristin L. Wood,et al.  AC 2012-3698: PROTOTYPING STRATEGIES: LITERATURE REVIEW AND IDENTIFICATION OF CRITICAL VARIABLES , 2012 .

[59]  Elaine Shi,et al.  Practical dynamic proofs of retrievability , 2013, CCS.

[60]  Chen Lin,et al.  A data integrity verification scheme in mobile cloud computing , 2017, J. Netw. Comput. Appl..

[61]  Kakali Chatterjee,et al.  Cloud security issues and challenges: A survey , 2017, J. Netw. Comput. Appl..

[62]  Bernie Domanski Simulation versus Analytic Modeling in Large Computing Environments Predicting the Performance Impact of Tuning Changes , 1999 .

[63]  Raghu Yeluri,et al.  Cloud Computing Basics , 2014 .

[64]  Tran Thao Phuong,et al.  A New Efficient and Secure POR Scheme Based on Network Coding , 2014, 2014 IEEE 28th International Conference on Advanced Information Networking and Applications.

[65]  Ashok Verma,et al.  Introduction to Modelling and Simulation , 2014 .

[66]  Yehia Elkhatib,et al.  Defining Cross-Cloud Systems , 2016, ArXiv.

[67]  Elaine Shi,et al.  Permacoin: Repurposing Bitcoin Work for Data Preservation , 2014, 2014 IEEE Symposium on Security and Privacy.

[68]  Barbara Endicott-Popovsky,et al.  Legal Process and Requirements for Cloud Forensic Investigations , 2012 .

[69]  Willy Susilo,et al.  Online/Offline Provable Data Possession , 2017, IEEE Transactions on Information Forensics and Security.

[70]  Rajat Saxena,et al.  Cloud Audit: A Data Integrity Verification Approach for Cloud Computing , 2016 .

[71]  David Cash,et al.  Dynamic Proofs of Retrievability Via Oblivious RAM , 2013, Journal of Cryptology.