Encrypted Data Management with Deduplication in Cloud Computing

Cloud computing plays an important role in supporting data storage, processing, and management in the Internet of Things (IoT). To preserve cloud data confidentiality and user privacy, cloud data are often stored in an encrypted form. However, duplicated data that are encrypted under different encryption schemes could be stored in the cloud, which greatly decreases the utilization rate of storage resources, especially for big data. Several data deduplication schemes have recently been proposed. However, most of them suffer from security weakness and lack of flexibility to support secure data access control. Therefore, few can be deployed in practice. This article proposes a scheme based on attribute-based encryption (ABE) to deduplicate encrypted data stored in the cloud while also supporting secure data access control. The authors evaluate the scheme's performance based on analysis and implementation. Results show the efficiency, effectiveness, and scalability of the scheme for potential practical deployment.

[1]  Dutch T. Meyer,et al.  A study of practical deduplication , 2011, TOS.

[2]  Mihir Bellare,et al.  Message-Locked Encryption and Secure Deduplication , 2013, EUROCRYPT.

[3]  Marvin Theimer,et al.  Reclaiming space from duplicate files in a serverless distributed file system , 2002, Proceedings 22nd International Conference on Distributed Computing Systems.

[4]  Jin Li,et al.  A Hybrid Cloud Approach for Secure Authorized Deduplication , 2015, IEEE Transactions on Parallel and Distributed Systems.

[5]  Mihir Bellare,et al.  DupLESS: Server-Aided Encryption for Deduplicated Storage , 2013, USENIX Security Symposium.

[6]  Dan Feng,et al.  Accelerating Restore and Garbage Collection in Deduplication-based Backup Systems via Exploiting Historical Information , 2014, USENIX Annual Technical Conference.

[7]  Emmanuelle Anceaume,et al.  A Secure Two-Phase Data Deduplication Scheme , 2014, 2014 IEEE Intl Conf on High Performance Computing and Communications, 2014 IEEE 6th Intl Symp on Cyberspace Safety and Security, 2014 IEEE 11th Intl Conf on Embedded Software and Syst (HPCC,CSS,ICESS).

[8]  Zheng Yan,et al.  Protect Pervasive Social Networking Based on Two-Dimensional Trust Levels , 2017, IEEE Systems Journal.

[9]  Michal Kaczmarczyk,et al.  Reducing impact of data fragmentation caused by in-line deduplication , 2012, SYSTOR '12.

[10]  Refik Molva,et al.  ClouDedup: Secure Deduplication with Encrypted Data for Cloud Storage , 2013, 2013 IEEE 5th International Conference on Cloud Computing Technology and Science.

[11]  Huajun Chen,et al.  A Verifiable Data Deduplication Scheme in Cloud Computing , 2014, 2014 International Conference on Intelligent Networking and Collaborative Systems.

[12]  Robert H. Deng,et al.  HASBE: A Hierarchical Attribute-Based Solution for Flexible and Scalable Access Control in Cloud Computing , 2012, IEEE Transactions on Information Forensics and Security.

[13]  Zheng Yan,et al.  A Scheme to Manage Encrypted Data Storage with Deduplication in Cloud , 2015, ICA3PP.

[14]  Mark Lillibridge,et al.  Improving restore speed for backup systems that use inline chunk-based deduplication , 2013, FAST.