Certificateless Cloud Storage Auditing Supporting Data Ownership Transfer

Yinghui Huang,Wenting Shen,Jing Qin
DOI: https://doi.org/10.1016/j.cose.2024.103738
IF: 5.105
2024-01-26
Computers & Security
Abstract:Cloud storage auditing allows the data owner/verifier to check whether the cloud correctly stores data owners' data. In cloud storage auditing scenario, data ownership transfer is a non-negligible problem. However, the existing cloud storage auditing schemes supporting data ownership transfer suffer from complex certificate management issue or key escrow threat. Thus, how to realize data ownership transfer in cloud storage auditing while avoiding complex certificate management and key escrow is a challenge. To address the above challenge, we propose a certificateless cloud storage auditing scheme supporting data ownership transfer. We design a novel authenticator transformation method that is compatible with certificateless signature. When data ownership is transferred, the integrity of transferred data still can be verified by transforming the authenticators of the previous data owner into the valid authenticators of the new data owner. Furthermore, our scheme tackles the challenges of certificate management and key escrow. The security and effectiveness of our scheme are substantiated by the security analysis and the experimental results.
computer science, information systems
What problem does this paper attempt to address?