Blockchain-based fair payment smart contract for public cloud storage auditing

Abstract Cloud storage plays an important role in today’s cloud ecosystem. Increasingly clients tend to outsource their data to the cloud. In spite of its copious advantages, integrity has always been a significant issue. The audit method is commonly used to ensure integrity in cloud scenarios. However, traditional auditing schemes expect a third-party auditor (TPA), which is not always available in the real world. Also, the former scheme implies a limited pay-as-you-go service, as it requires the client to pay for the service in advance. In this paper, we aim to address the aforementioned drawback by adopting blockchain to replace TPA and designing a blockchain-based fair payment smart contract for public cloud storage auditing. In our system, data owner and cloud service provider (CSP) will run a blockchain-based smart contract. The contract ensures that the CSP is required to submit data possession proof regularly. The CSP gets paid only if the verification is passed; otherwise, it gets no remuneration but has to pay the penalties. To reduce the number of interactions in the execution of contract, we present the notion of non-interactive public provable data possession and design a blockchain-based smart contract for public cloud storage auditing based on this primitive.

[1]  Robert H. Deng,et al.  Blockchain based efficient and robust fair payment for outsourcing services in cloud computing , 2018, Inf. Sci..

[2]  Jing Han,et al.  An Efficient Lucas Sequence-Based Batch Auditing Scheme for the Internet of Medical Things , 2019, IEEE Access.

[3]  Marcin Andrychowicz,et al.  Secure Multiparty Computations on Bitcoin , 2014, IEEE Symposium on Security and Privacy.

[4]  David Cash,et al.  Dynamic Proofs of Retrievability Via Oblivious RAM , 2013, Journal of Cryptology.

[5]  Jia Xu,et al.  Remote Integrity Check with Dishonest Storage Server , 2008, ESORICS.

[6]  Zhe Wu,et al.  CosTLO: Cost-Effective Redundancy for Lower Latency Variance on Cloud Storage Services , 2015, NSDI.

[7]  Andrea C. Arpaci-Dusseau,et al.  ViewBox: integrating local file systems with cloud storage services , 2014, FAST.

[8]  Van-Anh Truong,et al.  Availability in Globally Distributed Storage Systems , 2010, OSDI.

[9]  Ari Juels,et al.  Pors: proofs of retrievability for large files , 2007, CCS '07.

[10]  Eli Ben-Sasson,et al.  Zerocash: Decentralized Anonymous Payments from Bitcoin , 2014, 2014 IEEE Symposium on Security and Privacy.

[11]  Jinjun Chen,et al.  MuR-DPA: Top-Down Levelled Multi-Replica Merkle Hash Tree Based Secure Public Auditing for Dynamic Big Data Storage on Cloud , 2015, IEEE Transactions on Computers.

[12]  Chen Qian,et al.  H2Cloud: Maintaining the Whole Filesystem in an Object Storage Cloud , 2018, ICPP.

[13]  Changyu Dong,et al.  Betrayal, Distrust, and Rationality: Smart Counter-Collusion Contracts for Verifiable Cloud Computing , 2017, CCS.

[14]  Fabrizio Lamberti,et al.  Blockchain and Smart Contracts for Insurance: Is the Technology Mature Enough? , 2018, Future Internet.

[15]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[16]  Dongqing Xie,et al.  Secure Auditing and Deduplicating Data in Cloud , 2016, IEEE Transactions on Computers.

[17]  Huaqun Wang,et al.  Identity-Based Distributed Provable Data Possession in Multicloud Storage , 2015, IEEE Transactions on Services Computing.

[18]  Cong Wang,et al.  Dynamic Data Operations with Deduplication in Privacy-Preserving Public Auditing for Secure Cloud Storage , 2017, 22017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC).

[19]  Hovav Shacham,et al.  Compact Proofs of Retrievability , 2008, ASIACRYPT.

[20]  Kim-Kwang Raymond Choo,et al.  Privacy-preserving certificateless provable data possession scheme for big data storage on cloud , 2017, Appl. Math. Comput..

[21]  Navendu Jain,et al.  Understanding network failures in data centers , 2011, SIGCOMM 2011.

[22]  Josep Domingo-Ferrer,et al.  Efficient Remote Data Possession Checking in Critical Information Infrastructures , 2008, IEEE Transactions on Knowledge and Data Engineering.

[23]  Athanasios V. Vasilakos,et al.  SecCloud: Bridging Secure Storage and Computation in Cloud , 2010, 2010 IEEE 30th International Conference on Distributed Computing Systems Workshops.

[24]  Michael Devetsikiotis,et al.  Blockchains and Smart Contracts for the Internet of Things , 2016, IEEE Access.

[25]  Feng Hao,et al.  A Smart Contract for Boardroom Voting with Maximum Voter Privacy , 2017, IACR Cryptol. ePrint Arch..

[26]  Wei Jiang,et al.  Healthcare Data Gateways: Found Healthcare Intelligence on Blockchain with Novel Privacy Risk Control , 2016, Journal of Medical Systems.

[27]  Robert H. Deng,et al.  Outsourcing Service Fair Payment Based on Blockchain and Its Applications in Cloud Computing , 2018, IEEE Transactions on Services Computing.

[28]  Sangjin Lee,et al.  Digital forensic investigation of cloud storage services , 2012, Digit. Investig..

[29]  Hong Jiang,et al.  Public Auditing for Trusted Cloud Storage Services , 2019, IEEE Security & Privacy.

[30]  Joseph K. Liu,et al.  Security Concerns in Popular Cloud Storage Services , 2013, IEEE Pervasive Computing.

[31]  Ke Zeng,et al.  Publicly Verifiable Remote Data Integrity , 2008, ICICS.

[32]  Cong Wang,et al.  Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing , 2011, IEEE Transactions on Parallel and Distributed Systems.

[33]  Chengyu Hu,et al.  Towards dependable and trustworthy outsourced computing: A comprehensive survey and tutorial , 2019, J. Netw. Comput. Appl..