A survey of cloud computing data integrity schemes: Design challenges, taxonomy and future trends

Cloud computing has gained tremendous popularity in recent years. By outsourcing computation and storage requirements to public providers and paying only for the services used, customers can enjoy the advantages of this new paradigm. Cloud computing provides a comparatively lower-cost, scalable, location-independent platform for managing clients' data. Compared to the traditional model of computing, which uses dedicated in-house infrastructure, cloud computing provides unprecedented benefits regarding cost and reliability. Cloud storage is a new cost-effective paradigm that aims at providing high availability, reliability, massive scalability and data sharing. However, outsourcing data to a cloud service provider introduces new challenges from the perspectives of data correctness and security. Over the years, many data integrity schemes have been proposed for protecting outsourced data. This paper aims to enhance the understanding of security issues associated with cloud storage and highlights the importance of data integrity schemes for outsourced data. In this paper, we present a taxonomy of existing data integrity schemes used for cloud storage. A comparative analysis of existing schemes is also provided, along with a detailed discussion of possible security attacks and their mitigations. Additionally, we discuss design challenges in these schemes, such as computational efficiency, storage efficiency, communication efficiency, and reduced I/O. Furthermore, we highlight future trends and open issues for future research in cloud storage security.
