Panda: Public Auditing for Shared Data with Efficient User Revocation in the Cloud
Cited by 9 (0 self)
Abstract—With data storage and sharing services in the cloud, users can easily modify and share data as a group. To ensure shared data integrity can be verified publicly, users in the group need to compute signatures on all the blocks in shared data. Different blocks in shared data are generally signed by different users due to data modifications performed by different users. For security reasons, once a user is revoked from the group, the blocks which were previously signed by this revoked user must be re-signed by an existing user. The straightforward method, which allows an existing user to download the corresponding part of shared data and re-sign it during user revocation, is inefficient due to the large size of shared data in the cloud. In this paper, we propose a novel public auditing mechanism for the integrity of shared data with efficient user revocation in mind. By utilizing the idea of proxy re-signatures, we allow the cloud to re-sign blocks on behalf of existing users during user revocation, so that existing users do not need to download and re-sign blocks by themselves. In addition, a public verifier is always able to audit the integrity of shared data without retrieving the entire data from the cloud, even if some part of shared data has been re-signed by the cloud. Moreover, our mechanism is able to support batch auditing by verifying multiple auditing tasks simultaneously. Experimental results show that our mechanism can significantly improve the efficiency of user revocation. Index Terms—Public auditing, shared data, user revocation, cloud computing.
Efficient Dynamic Provable Possession of Remote Data via Balanced Update Trees
Cited by 2 (0 self)
The emergence and availability of remote storage providers prompted work in the security community that allows a client to verify integrity and availability of the data she outsourced to an untrusted remote storage server at a relatively low cost. Most recent solutions to this problem allow the client to read and update (insert, modify, or delete) stored data blocks while trying to lower the overhead associated with verifying data integrity. In this work we develop a novel and efficient scheme, computation and communication overhead of which is orders of magnitude lower than those of other state-of-the-art schemes. Our solution has a number of new features such as a natural support for operations on ranges of blocks, and revision control. The performance guarantees that we achieve stem from a novel data structure, termed balanced update tree, and removing the need to verify update operations.
CPAL: A Conditional Privacy-Preserving Authentication with Access Linkability for Roaming Service
Cited by 2 (0 self)
Abstract—The roaming service enables mobile subscribers to access the Internet service anytime and anywhere, which can fulfill the requirement of ubiquitous access for the emerging paradigm of networking, e.g., the Internet of Things (IoT). In this paper, we propose a Conditional Privacy-preserving authentication with Access Linkability (CPAL) for roaming service, to provide universal secure roaming service and multi-level privacy preservation. CPAL provides an anonymous user linking function by utilizing a novel group signature technique, which can not only efficiently hide users' identities, but also enable the authorized entities to link all the access information of the same user without knowing the user's real identity. Specifically, by using the master linking key possessed by the trust linking server, the authorized foreign network operators or service providers can link the access information from the user to improve its service, while
Enabling Cloud Storage Auditing With Key-Exposure Resistance
IEEE Transactions on Information Forensics and Security, 2015
Cited by 1 (0 self)
Abstract—Cloud storage auditing is viewed as an important service to verify the integrity of the data in public cloud. Current auditing protocols are all based on the assumption that the client's secret key for auditing is absolutely secure. However, such assumption may not always be held, due to the possibly weak sense of security and/or low security settings at the client. If such a secret key for auditing is exposed, most of the current auditing protocols would inevitably become unable to work. In this paper, we focus on this new aspect of cloud storage auditing. We investigate how to reduce the damage of the client's key exposure in cloud storage auditing, and give the first practical solution for this new problem setting. We formalize the definition and the security model of auditing protocol with key-exposure resilience and propose such a protocol. In our design, we employ the binary tree structure and the pre-order traversal technique to update the secret keys for the client. We also develop a novel authenticator construction to support the forward security and the property of blockless verifiability. The security proof and the performance analysis show that our proposed protocol is secure and efficient.
On the Security of Three Public Auditing Schemes in Cloud Computing
Abstract—Cloud computing provides a scalability environment for growing amounts of data and processes that work on various applications and services by means of on-demand self-services. It is necessary for cloud service provider to offer an efficient audit service to check the integrity and availability of the stored data in cloud. In this paper, we study three auditing schemes for stored data including the public auditing scheme with user revocation, the proxy provable data possession and the identity-based remote data possession checking. All three mechanisms claimed that their schemes satisfied the security property of correctness. It is regretful that this comment shows that an active adversary can arbitrarily alter the cloud data to generate the valid auditing response which can pass the verification. Then, we discussed the origin of the security flaw and proposed methods to remedy the weakness. Our work can help cryptographers and engineers design and implement more secure and efficient auditing mechanism in the cloud.
Maintaining Integrity and Security for the Data Shared in the Cloud
ABSTRACT: Cloud computing platform provides global sharing and accessing of resources. Cloud offers data storage and sharing facilities that provides better scalability. Apart from the advantages offered by Cloud, it also finds difficulties in maintaining the integrity and security for the shared data. Public auditing is a mechanism by which the integrity of data could be maintained so that the correctness of data could be verified thereafter. Even if the system could assure data correctness, there may be chances of some security threats. Security must be established for the data shared and one who shares it. So, for that a new form of signing method is to be developed for sharing the data to Cloud, which could verify whether the data is shared by an authenticated user or not. In this paper, we discuss about a system that helps to verify the integrity of data and also to make sure that, signatures are made by an authenticated signer.
Certificateless Public Auditing Protocol with Constant Verification Time
To provide the integrity of outsourced data in the cloud storage services, many public auditing schemes which allow a user to check the integrity of the outsourced data have been proposed. Since most of the schemes are constructed on Public Key Infrastructure (PKI), they suffer from several concerns like management of certificates. To resolve the problems, certificateless public auditing schemes also have been studied in recent years. In this paper, we propose a certificateless public auditing scheme which has the constant-time verification algorithm. Therefore, our scheme is more efficient than previous certificateless public auditing schemes. To prove the security of our certificateless public auditing scheme, we first define three formal security models and prove the security of our scheme under the three security models.
Preserving Shared Data Integrity with Public Auditing Mechanism In Cloud
2016
Private Preserving Publically Checking for Shared Data in the Cloud Using Oruta
Abstract — As per the cloud data services, it is commonplace for data to be not only stored in the cloud, but also shared across multiple users. Unfortunately, the integrity of cloud data is subject to doubt about the truth of something due to the presence of hardware/software failures and human errors. Several mechanisms have been designed to allow both data owners and public verifiers to efficiently check the cloud data integrity without retrieving the entire data from the cloud server. In this paper, we propose a novel private-preserving mechanism that supports publically checking on shared data stored in the cloud. With our mechanism, the identity of the signer on each block in shared data is kept private from public verifiers, who are able to efficiently check the shared data integrity without retrieving the entire file. Our experimental results show the effectiveness and efficiency of our mechanism when checking shared data integrity. Index Terms—Public checking, private-preserving, shared data, cloud computing, Ring signature.
Pune,
The enhancement of cloud computing make storage outsourcing becomes an exceeding trend, which result a secure data auditing a cool topic that emerge in research literature. Recently some researches consider the problem of efficient and secure public data authentication inspection for shared dynamic data. However, these schemes are still not secure against the collusion and leakage of cloud storage server from unauthorized attacker and revoked group users during user revocation in cloud storage system. In this paper, there will be auditing the integrity of shared data with dynamic groups in cloud. A new user can be added into the group and an existing group member can be revoked by preserving privacy including data backup based on vector commitment and verifier-local revocation group signature. This scheme supports the public validation and efficient user revocation and also some nice properties such as traceability, efficiency, confidently, countability. Finally, the security and experimental analysis show that our scheme is also secure and efficient.