Secure provenance: the essential of bread and butter of data forensics in cloud computing

Secure provenance, which records the ownership and process history of data objects, is vital to the success of data forensics in cloud computing, yet it is still a challenging issue today. In this paper, to tackle this unexplored area in cloud computing, we propose a new secure provenance scheme based on bilinear pairing techniques. As the essential bread and butter of data forensics and post-investigation in cloud computing, the proposed scheme is characterized by providing information confidentiality for sensitive documents stored in the cloud, anonymous authentication of user access, and provenance tracking of disputed documents. Using provable security techniques, we formally demonstrate that the proposed scheme is secure in the standard model.
