Secure Public Audit for Operation Behavior Logs in Shared Cloud Storage

In cloud storage, the data owner and data users can easily perform cooperative work on shared data. In this paper, we focus on operation behavior auditing in shared cloud storage, which is significant for avoiding potential crimes in the cloud and for equitable accountability determination in forensic investigations of the shared cloud. We first introduce a novel secure public auditing model for operation behavior in the shared cloud. Based on this model, we present a secure auditing scheme for operation behavior logs (OBLs). Specifically, by using certificateless signatures, our scheme provides public, privacy-preserving auditing. The experimental analysis proves that our scheme can audit the validity of OBLs in the cloud efficiently. To the best of our knowledge, our scheme is the first solution for public auditing of OBLs in the shared cloud.
