Towards secure and reliable cloud storage against data re-outsourcing

To increase the profit, a semi-trusted cloud service provider may outsource the files of its client to some low expensive cloud service providers, which may violate the wishes of cloud users and impair their legitimate rights and interests. In this paper, a probabilistic challenge-response scheme is proposed to prove that users' files are available and stored in a specified cloud server. In our scheme, common cloud infrastructure with some reasonable limits, such as rational economic security model, semi-collusion security model and response time bound, are exploited to resist the collusion of cloud servers. These limits guarantee that a malicious cloud service provider could not conduct a t -round communication in a limited time. The security and performance analysis demonstrate that our scheme provides strong incentives against an economically rational cloud service provider from re-outsourcing its clients' data to some other cloud providers. We propose a scheme to prevent CSPs from re-outsourcing their clients' data.We explore the economic server collusion problem among cloud storage services.Our scheme is efficient where a client does not need to download all its data.

[1]  Jean-Jacques Quisquater,et al.  Remote Integrity Checking - How to Trust Files Stored on Untrusted Servers , 2003, IICIS.

[2]  P. Cochat,et al.  Et al , 2008, Archives de pediatrie : organe officiel de la Societe francaise de pediatrie.

[3]  Kwangjo Kim,et al.  Efficient ID-Based Blind Signature and Proxy Signature from Bilinear Pairings , 2003, ACISP.

[4]  Benny Pinkas,et al.  Side Channels in Cloud Services: Deduplication in Cloud Storage , 2010, IEEE Security & Privacy.

[5]  Jean-Sébastien Coron,et al.  On the Exact Security of Full Domain Hash , 2000, CRYPTO.

[6]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[7]  Yevgeniy Dodis,et al.  Proofs of Retrievability via Hardness Amplification , 2009, IACR Cryptol. ePrint Arch..

[8]  Jin Li,et al.  Efficient Fair Conditional Payments for Outsourcing Computations , 2012, IEEE Transactions on Information Forensics and Security.

[9]  Srdjan Capkun,et al.  Secure Localization with Hidden and Mobile Base Stations , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[10]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[11]  Zachary N. J. Peterson,et al.  Geolocation of data in the cloud , 2013, CODASPY.

[12]  Ethan L. Miller,et al.  Store, Forget, and Check: Using Algebraic Signatures to Check Remotely Administered Storage , 2006, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).

[13]  Cezary Dubnicki,et al.  HydraFS: A High-Throughput File System for the HYDRAstor Content-Addressable Storage System , 2010, FAST.

[14]  Paulo S. L. M. Barreto,et al.  Demonstrating data possession and uncheatable data transfer , 2006, IACR Cryptol. ePrint Arch..

[15]  Hovav Shacham,et al.  Compact Proofs of Retrievability , 2008, Journal of Cryptology.

[16]  Benny Pinkas,et al.  Proofs of ownership in remote storage systems , 2011, CCS '11.

[17]  Sándor Laki,et al.  A detailed path-latency model for router geolocation , 2009, 2009 5th International Conference on Testbeds and Research Infrastructures for the Development of Networks & Communities and Workshops.

[18]  Michal Kaczmarczyk,et al.  HYDRAstor: A Scalable Secondary Storage , 2009, FAST.

[19]  Roberto Di Pietro,et al.  Scalable and efficient provable data possession , 2008, IACR Cryptol. ePrint Arch..

[20]  Jianfeng Ma,et al.  New Algorithms for Secure Outsourcing of Modular Exponentiations , 2012, IEEE Transactions on Parallel and Distributed Systems.

[21]  Abe Masayuki,et al.  An efficiently-verifiable zero-knowledge argument for proofs of knowledge , 2005 .

[22]  Emin Gün Sirer,et al.  Octant: A Comprehensive Framework for the Geolocalization of Internet Hosts , 2007, NSDI.

[23]  Ari Juels,et al.  Pors: proofs of retrievability for large files , 2007, CCS '07.

[24]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[25]  Ronald L. Rivest,et al.  How to tell if your cloud files are vulnerable to drive crashes , 2011, CCS '11.