Results 1 - 10
of
43
Oruta: Privacy-Preserving Public Auditing for Shared Data in the Cloud
"... Abstract—With cloud storage services, it is commonplace for data to be not only stored in the cloud, but also shared across multiple users. However, public auditing for such shared data — while preserving identity privacy — remains to be an open challenge. In this paper, we propose the first privacy ..."
Abstract
-
Cited by 50 (4 self)
- Add to MetaCart
(Show Context)
Abstract—With cloud storage services, it is commonplace for data to be not only stored in the cloud, but also shared across multiple users. However, public auditing for such shared data — while preserving identity privacy — remains to be an open challenge. In this paper, we propose the first privacy-preserving mechanism that allows public auditing on shared data stored in the cloud. In particular, we exploit ring signatures to compute the verification information needed to audit the integrity of shared data. With our mechanism, the identity of the signer on each block in shared data is kept private from a third party auditor (TPA), who is still able to verify the integrity of shared data without retrieving the entire file. Our experimental results demonstrate the effectiveness and efficiency of our proposed mechanism when auditing shared data. Index Terms—Public auditing, privacy-preserving, shared data, cloud computing I.
Cooperative Provable Data Possession for Integrity Verification in Multi-Cloud Storage
- IEEE Trans. Parallel and Distributed Systems
, 2012
"... Abstract—Provable data possession (PDP) is a technique for ensuring the integrity of data in storage outsourcing. In this paper, we address the construction of an efficient PDP scheme for distributed cloud storage to support the scalability of service and data migration, in which we consider the exi ..."
Abstract
-
Cited by 22 (1 self)
- Add to MetaCart
Abstract—Provable data possession (PDP) is a technique for ensuring the integrity of data in storage outsourcing. In this paper, we address the construction of an efficient PDP scheme for distributed cloud storage to support the scalability of service and data migration, in which we consider the existence of multiple cloud service providers to cooperatively store and maintain the clients ’ data. We present a cooperative PDP (CPDP) scheme based on homomorphic verifiable response and hash index hierarchy. We prove the security of our scheme based on multiprover zero-knowledge proof system, which can satisfy completeness, knowledge soundness, and zero-knowledge properties. In addition, we articulate performance optimization mechanisms for our scheme, and in particular present an efficient method for selecting optimal parameter values to minimize the computation costs of clients and storage service providers. Our experiments show that our solution introduces lower computation and communication overheads in comparison with noncooperative approaches. Index Terms—Storage security, provable data possession, interactive protocol, zero-knowledge, multiple cloud, cooperative Ç 1
Public Auditing for Shared Data with Efficient User Revocation in the Cloud
"... Abstract—With data services in the cloud, users can easily modify and share data as a group. To ensure data integrity can be audited publicly, users need to compute signatures on all the blocks in shared data. Different blocks are signed by different users due to data modifications performed by diff ..."
Abstract
-
Cited by 18 (2 self)
- Add to MetaCart
(Show Context)
Abstract—With data services in the cloud, users can easily modify and share data as a group. To ensure data integrity can be audited publicly, users need to compute signatures on all the blocks in shared data. Different blocks are signed by different users due to data modifications performed by different users. For security reasons, once a user is revoked from the group, the blocks, which were previously signed by this revoked user must be re-signed by an existing user. The straightforward method, which allows an existing user to download the corresponding part of shared data and re-sign it during user revocation, is inefficient due to the large size of shared data in the cloud. In this paper, we propose a novel public auditing mechanism for the integrity of shared data with efficient user revocation in mind. By utilizing proxy re-signatures, we allow the cloud to re-sign blocks on behalf of existing users during user revocation, so that existing users do not need to download and re-sign blocks by themselves. In addition, a public verifier is always able to audit the integrity of shared data without retrieving the entire data from the cloud, even if some part of shared data has been re-signed by the cloud. Experimental results show that our mechanism can significantly improve the efficiency of user revocation. I.
An Efficient and Secure Dynamic Auditing Protocol for Data Storage in Cloud Computing
"... Abstract—In cloud computing, data owners host their data on cloud servers and users (data consumers) can access the data from cloud servers. Due to the data outsourcing, however, this new paradigm of data hosting service also introduces new security challenges, which requires an independent auditing ..."
Abstract
-
Cited by 13 (0 self)
- Add to MetaCart
(Show Context)
Abstract—In cloud computing, data owners host their data on cloud servers and users (data consumers) can access the data from cloud servers. Due to the data outsourcing, however, this new paradigm of data hosting service also introduces new security challenges, which requires an independent auditing service to check the data integrity in the cloud. Some existing remote integrity checking methods can only serve for static archive data and thus cannot be applied to the auditing service since the data in the cloud can be dynamically updated. Thus, an efficient and secure dynamic auditing protocol is desired to convince data owners that the data are correctly stored in the cloud. In this paper, we first design an auditing framework for cloud storage systems and propose an efficient and privacy-preserving auditing protocol. Then, we extend our auditing protocol to support the data dynamic operations, which is efficient and provably secure in the random oracle model. We further extend our auditing protocol to support batch auditing for both multiple owners and multiple clouds, without using any trusted organizer. The analysis and simulation results show that our proposed auditing protocols are secure and efficient, especially it reduce the computation cost of the auditor.
Panda: Public Auditing for Shared Data with Efficient User Revocation in the Cloud
"... Abstract—With data storage and sharing services in the cloud, users can easily modify and share data as a group. To ensure shared data integrity can be verified publicly, users in the group need to compute signatures on all the blocks in shared data. Different blocks in shared data are generally sig ..."
Abstract
-
Cited by 9 (0 self)
- Add to MetaCart
(Show Context)
Abstract—With data storage and sharing services in the cloud, users can easily modify and share data as a group. To ensure shared data integrity can be verified publicly, users in the group need to compute signatures on all the blocks in shared data. Different blocks in shared data are generally signed by different users due to data modifications performed by different users. For security reasons, once a user is revoked from the group, the blocks which were previously signed by this revoked user must be re-signed by an existing user. The straightforward method, which allows an existing user to download the corresponding part of shared data and re-sign it during user revocation, is inefficient due to the large size of shared data in the cloud. In this paper, we propose a novel public auditing mechanism for the integrity of shared data with efficient user revocation in mind. By utilizing the idea of proxy re-signatures, we allow the cloud to re-sign blocks on behalf of existing users during user revocation, so that existing users do not need to download and re-sign blocks by themselves. In addition, a public verifier is always able to audit the integrity of shared data without retrieving the entire data from the cloud, even if some part of shared data has been re-signed by the cloud. Moreover, our mechanism is able to support batch auditing by verifying multiple auditing tasks simultaneously. Experimental results show that our mechanism can significantly improve the efficiency of user revocation. Index Terms—Public auditing, shared data, user revocation, cloud computing. 1
Susilo W.: ”On the security of auditing mechanisms for secure cloud storage”; Future Generation Comp
- Syst
"... h i g h l i g h t s • Identify a new kind of attack on secure cloud auditing protocols. • Show two identity privacy-preserving auditing mechanisms called Oruta and Knox are insecure against this new attack. • Discuss the security of a distributed storage integrity auditing mechanism in our attack. ..."
Abstract
-
Cited by 1 (0 self)
- Add to MetaCart
h i g h l i g h t s • Identify a new kind of attack on secure cloud auditing protocols. • Show two identity privacy-preserving auditing mechanisms called Oruta and Knox are insecure against this new attack. • Discuss the security of a distributed storage integrity auditing mechanism in our attack. a r t i c l e i n f o a b s t r a c t Cloud computing is a novel computing model that enables convenient and on-demand access to a shared pool of configurable computing resources. Auditing services are highly essential to make sure that the data is correctly hosted in the cloud. In this paper, we investigate the active adversary attacks in three auditing mechanisms for shared data in the cloud, including two identity privacy-preserving auditing mechanisms called Oruta and Knox, and a distributed storage integrity auditing mechanism. We show that these schemes become insecure when active adversaries are involved in the cloud storage. Specifically, an active adversary can arbitrarily alter the cloud data without being detected by the auditor in the verification phase. We also propose a solution to remedy the weakness without sacrificing any desirable features of these mechanisms.
OPoR: Enabling proof of retrievability in cloud computing with resource-constrained devices,” accepted and to be publish in
- IEEE Transactions on Cloud Computing,
, 2014
"... Abstract-Cloud Computing moves the application software and databases to the centralized large data centers, where the management of the data and services may not be fully trustworthy. In this work, we study the problem of ensuring the integrity of data storage in Cloud Computing. To reduce the com ..."
Abstract
-
Cited by 1 (0 self)
- Add to MetaCart
Abstract-Cloud Computing moves the application software and databases to the centralized large data centers, where the management of the data and services may not be fully trustworthy. In this work, we study the problem of ensuring the integrity of data storage in Cloud Computing. To reduce the computational cost at user side during the integrity verification of their data, the notion of public verifiability has been proposed. However, the challenge is that the computational burden is too huge for the users with resource-constrained devices to compute the public authentication tags of file blocks. To tackle the challenge, we propose OPoR, a new cloud storage scheme involving a cloud storage server and a cloud audit server, where the latter is assumed to be semi-honest. In particular, we consider the task of allowing the cloud audit server, on behalf of the cloud users, to pre-process the data before uploading to the cloud storage server and later verifying the data integrity. OPoR outsources the heavy computation of the tag generation to the cloud audit server and eliminates the involvement of user in the auditing and in the preprocessing phases. Furthermore, we strengthen the Proof of Retrievabiliy (PoR) model to support dynamic data operations, as well as ensure security against reset attacks launched by the cloud storage server in the upload phase.
Security and Verification of Data in Multi-Cloud Storage with Provable Data Possession
"... Data integrity verification is one of the biggest security issue in cloud. To check integrity of data Provable data possession is one of the method available. In this paper, we have created an efficient PDP method for distributed cloud storage, in which we multiple cloud service providers are mainta ..."
Abstract
-
Cited by 1 (0 self)
- Add to MetaCart
(Show Context)
Data integrity verification is one of the biggest security issue in cloud. To check integrity of data Provable data possession is one of the method available. In this paper, we have created an efficient PDP method for distributed cloud storage, in which we multiple cloud service providers are maintaining and storing client’s data in cooperative way. This cooperatively working PDP method is based on indexing hierarchy & homomorphic variable response method. The security of our scheme is based on trusted third party auditor and structure of zero-awareness proof, which can fulfill reliability of awareness, completeness, and properties.
Available online:http://internationaljournalofresearch.org / P a g e | 48 Providing Security and Integrity of Public Data with Proficient User Revocation in the Cloud
"... With popularization of cloud services, multiple users easily share and update their data through cloud storage. For data integrity and security in the cloud storage, users in the group need to compute signatures on all the blocks in shared data, and due to data modifications performed by different u ..."
Abstract
- Add to MetaCart
With popularization of cloud services, multiple users easily share and update their data through cloud storage. For data integrity and security in the cloud storage, users in the group need to compute signatures on all the blocks in shared data, and due to data modifications performed by different users, different blocks are signed by different users. For security reasons, when a user is revoked from the group, the blocks which were previously signed by this revoked user must be re-signed by an existing user. The straightforward method, which allows an existing user to download the corresponding part of shared data and re-sign it during user revocation, is inefficient due to the large size of shared data in the cloud. In this paper, we propose the integrity of shared data with efficient user revocation in mind. By utilizing the idea of proxy re-signatures, we allow the cloud to re-sign blocks on behalf of existing users during user revocation, so that existing users do not need to download and re-sign blocks by themselves. In addition, a public verifier is always able to audit the integrity of shared data without retrieving the entire data from the cloud.
www.ijseat.com Page 556 Probity And Speculations Yielding Model For Multi Clouds
"... Cloud computing is a latest trend in present scenario. Cloud computing definitely makes sense if your own security is weak, missing features of understanding and privacy. The cloud acts as a big black box, nothing inside the cloud is visible to the clients.Clients have no idea or control over what h ..."
Abstract
- Add to MetaCart
Cloud computing is a latest trend in present scenario. Cloud computing definitely makes sense if your own security is weak, missing features of understanding and privacy. The cloud acts as a big black box, nothing inside the cloud is visible to the clients.Clients have no idea or control over what happens inside a cloud. Even if the cloud provider is honest, it can have malicious system admins who can tamper with the VMs and violate confidentiality and integrity. However cloud is not proving security,privacy,authentication because of retrievable problem.So In this paper we providing great integrity technique on clouds it solves the problem of retrivevable.our experimental results shows better and efficiency of clouds.