Authorized identity-based public cloud storage auditing scheme with hierarchical structure for large-scale user groups

Identity-based public cloud storage auditing schemes can check the integrity of cloud data, and reduce the complicated certificate management. In such a scheme, one Private Key Generator (PKG) is employed to authenticate the identity and generate private keys for all users, and one Third Party Auditor (TPA) is employed to by users to check the integrity of cloud data. This approach is undesirable for large-scale users since the PKG and the TPA might not be able to afford the heavy workload. To solve the problem, we give a hierarchical Private Key Generator structure for large-scale user groups, in which a root PKG delegates lower-level PKGs to generate private keys and authenticate identities. Based on the proposed structure, we propose an authorized identity-based public cloud storage auditing scheme, in which the lowest-level PKGs play the role of TPA, and only the authorized lowest-level PKGs can represent users in their domains to check cloud data's integrity. Furthermore, we give the formal security analysis and experimental results, which show that our proposed scheme is secure and efficient.

[1]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[2]  Jinjun Chen,et al.  Authorized Public Auditing of Dynamic Big Data Storage on Cloud with Efficient Verifiable Fine-Grained Updates , 2014, IEEE Transactions on Parallel and Distributed Systems.

[3]  Chunxiang Xu,et al.  Secure and efficient privacy-preserving public auditing scheme for cloud storage , 2014, Comput. Electr. Eng..

[4]  Cong Wang,et al.  Security Challenges for the Public Cloud , 2012, IEEE Internet Computing.

[5]  Huaqun Wang,et al.  Incentive and Unconditionally Anonymous Identity-Based Public Provable Data Possession , 2019, IEEE Transactions on Services Computing.

[6]  Shucheng Yu,et al.  Efficient public integrity checking for cloud data sharing with multi-user modification , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[7]  Wenting Shen,et al.  Enabling public auditing for shared data in cloud storage supporting identity privacy and traceability , 2016, J. Syst. Softw..

[8]  Karen S. Phillips,et al.  Enabling Cloud Storage Auditing With Verifiable Outsourcing of Key Updates , 2018 .

[9]  Ari Juels,et al.  Pors: proofs of retrievability for large files , 2007, CCS '07.

[10]  Hovav Shacham,et al.  Compact Proofs of Retrievability , 2008, Journal of Cryptology.

[11]  Jia Yu,et al.  Enabling secure auditing and deduplicating data without owner-relationship exposure in cloud storage , 2018, Cluster Computing.

[12]  Jia Yu,et al.  Strong Key-Exposure Resilient Auditing for Secure Cloud Storage , 2017, IEEE Transactions on Information Forensics and Security.

[13]  Josep Domingo-Ferrer,et al.  Identity-based remote data possession checking in public clouds , 2014, IET Inf. Secur..

[14]  Randy H. Katz,et al.  Above the Clouds: A Berkeley View of Cloud Computing , 2009 .

[15]  M. Phil,et al.  PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD COMPUTING , 2015 .

[16]  Cong Wang,et al.  Enabling Efficient User Revocation in Identity-Based Cloud Storage Auditing for Shared Big Data , 2020, IEEE Transactions on Dependable and Secure Computing.

[17]  V. Goutham,et al.  Enabling Cloud Storage Auditing with Key Exposure Resistance , 2016 .

[18]  Salve Bhagyashri Salve Bhagyashri,et al.  Privacy-Preserving Public Auditing For Secure Cloud Storage , 2014 .

[19]  Shucheng Yu,et al.  Proofs of retrievability with public verifiability and constant communication cost in cloud , 2013, Cloud Computing '13.

[20]  Stephen S. Yau,et al.  Dynamic audit services for integrity verification of outsourced storages in clouds , 2011, SAC.