Enabling Identity-Based Integrity Auditing and Data Sharing With Sensitive Information Hiding for Secure Cloud Storage

With cloud storage services, users can store their data remotely in the cloud and share it with others. Remote data integrity auditing has been proposed to guarantee the integrity of data stored in the cloud. In some common cloud storage systems, such as electronic health records systems, a cloud file might contain sensitive information, which should not be exposed to others when the file is shared. Encrypting the whole shared file hides the sensitive information, but makes the file unusable by others. How to realize data sharing with sensitive information hiding in remote data integrity auditing has not been explored so far. To address this problem, this paper proposes a remote data integrity auditing scheme that realizes data sharing with sensitive information hiding. In this scheme, a sanitizer sanitizes the data blocks corresponding to the sensitive information of the file and transforms these data blocks' signatures into valid ones for the sanitized file. These signatures are used to verify the integrity of the sanitized file in the integrity auditing phase. As a result, the scheme allows the file stored in the cloud to be shared and used by others on the condition that the sensitive information is hidden, while remote data integrity auditing can still be executed efficiently. The proposed scheme is also based on identity-based cryptography, which simplifies the complicated certificate management. The security analysis and the performance evaluation show that the proposed scheme is secure and efficient.
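The following added example (not code from the paper) illustrates the sanitizer step described in the abstract: replacing sensitive blocks and transforming their signatures so that a challenge-response audit of the sanitized file still passes. It is a simplified stand-in under stated assumptions: a toy prime-field group, verification with the signer's secret instead of the paper's identity-based, publicly verifiable construction, and hypothetical names throughout (`keygen`, `sanitize`, `beta`, the `****` filler).

```python
import hashlib
import secrets

P = 2**127 - 1   # toy prime modulus (assumption; not a secure parameter choice)
Q = P - 1        # exponents are reduced modulo the group order

def h2g(label):
    """Hash a label to a nonzero element of Z_P^*."""
    return int.from_bytes(hashlib.sha256(label).digest(), "big") % (P - 1) + 1

U = h2g(b"public-base-u")   # public base shared by all parties

def keygen():
    x = secrets.randbelow(Q - 2) + 2   # signer's secret (also used to verify here)
    return x, pow(U, x, P)             # beta = U^x is given to the sanitizer only

def tag(name, i):
    return h2g(name + i.to_bytes(4, "big"))   # binds a signature to file and index

def num(block):
    return int.from_bytes(block, "big")

def sign(x, name, blocks):
    # sigma_i = (H(name, i) * U^m_i)^x : a homomorphic per-block authenticator
    return [pow(tag(name, i) * pow(U, num(m), P) % P, x, P)
            for i, m in enumerate(blocks)]

def sanitize(beta, blocks, sigs, sensitive, filler=b"****"):
    # Replace each sensitive block and shift its signature by beta^(m' - m),
    # which yields a valid signature on the filler without knowing x.
    blocks, sigs = list(blocks), list(sigs)
    for i in sensitive:
        delta = (num(filler) - num(blocks[i])) % Q
        blocks[i], sigs[i] = filler, sigs[i] * pow(beta, delta, P) % P
    return blocks, sigs

def prove(blocks, sigs, chal):
    # Cloud side: aggregate the challenged blocks and signatures.
    mu = sum(v * num(blocks[i]) for i, v in chal) % Q
    sigma = 1
    for i, v in chal:
        sigma = sigma * pow(sigs[i], v, P) % P
    return mu, sigma

def verify(x, name, chal, mu, sigma):
    # Auditor side: sigma must equal (prod H(name, i)^v_i * U^mu)^x.
    acc = pow(U, mu, P)
    for i, v in chal:
        acc = acc * pow(tag(name, i), v, P) % P
    return sigma == pow(acc, x, P)
```

A challenge is a list of `(index, coefficient)` pairs; the audit passes for the sanitized blocks with their transformed signatures and fails if a stored block is altered or if untransformed signatures are paired with sanitized blocks.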
