Attribute-Based Cloud Data Integrity Auditing for Secure Outsourced Storage

Outsourced storage, such as cloud storage, can significantly reduce the data management burden on data owners. Despite its many merits, cloud storage also introduces many security risks. Data integrity, one of the most pressing challenges in secure cloud storage, is a fundamental and pivotal element of outsourcing services. Outsourced data auditing protocols enable a verifier to efficiently check the integrity of outsourced files without downloading the entire file from the cloud, which can dramatically reduce the communication overhead between the cloud server and the verifier. Existing protocols are mostly based on public key infrastructure or an exact identity, and therefore lack flexibility in key management. In this paper, we seek to address the complex key management challenge in cloud data integrity checking by introducing attribute-based cloud data auditing, where users can upload files to the cloud under a customized attribute set and specify a designated auditor set to check the integrity of the outsourced data. We formalize the system model and the security model for this new primitive, and describe a concrete construction of an attribute-based cloud data integrity auditing protocol. The new protocol offers two desirable properties, namely attribute privacy preservation and collusion resistance. We prove the soundness of our protocol based on the computational Diffie-Hellman assumption and the discrete logarithm assumption. Finally, we develop a prototype of the protocol, which demonstrates its practicality.
