Hemalata A. Gosavi,Manish R. Umale

DOI: https://doi.org/10.14445/22315381/IJETT-V11P235

2014-05-24

Abstract:Cloud computing has been envisioned as the next generation architecture of IT Enterprise. Using Cloud Storage,users can remotely store their data and enjoy the on demand high quality applications and services from a shared pool of configurable computing resources, without the burden local copy data storage and maintenance. It moves the application of software data stored to the centralized large data centers, where the management of the data stored services may not be completely trusted. There are many new security challenges and the problems taken into account for ensuring the integrity of data storage in Cloud Computing. In particular, we consider the task of allowing a third party auditor (TPA) to perform verifies the integrity of the dynamic data stored in the cloud.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Cong Wang,Qian Wang,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1109/tc.2011.245

2013-01-01

Abstract:Cloud Computing is the long dreamed vision of computing as a utility, where users can remotely store their data into the cloud so as to enjoy the on-demand high quality applications and services from a shared pool of configurable computing resources. By data outsourcing, users can be relieved from the burden of local data storage and maintenance. However, the fact that users no longer have physical possession of the possibly large size of outsourced data makes the data integrity protection in Cloud Computing a very challenging and potentially formidable task, especially for users with constrained computing resources and capabilities. Thus, enabling public auditability for cloud data storage security is of critical importance so that users can resort to an external audit party to check the integrity of outsourced data when needed. To securely introduce an effective third party auditor (TPA), the following two fundamental requirements have to be met: 1) TPA should be able to efficiently audit the cloud data storage without demanding the local copy of data, and introduce no additional on-line burden to the cloud user; 2) The third party auditing process should bring in no new vulnerabilities towards user data privacy. In this paper, we utilize and uniquely combine the public key based homomorphic authenticator with random masking to achieve the privacy-preserving public cloud data auditing system, which meets all above requirements. To support efficient handling of multiple auditing tasks, we further explore the technique of bilinear aggregate signature to extend our main result into a multi-user setting, where TPA can perform multiple auditing tasks simultaneously. Extensive security and performance analysis shows the proposed schemes are provably secure and highly efficient.

Vamshi Adouth,Eswari Rajagopal

DOI: https://doi.org/10.1002/cpe.7690

2023-03-11

Concurrency and Computation: Practice and Experience

Abstract:Summary Cloud‐server is an effective and flexible way to manage the massive amounts of data produced by cyber‐physical systems. It is a better option to outsource these data to the cloud. When data is outsourced to the cloud, users lose control over it, compromising the data's integrity. Many public auditing schemes were proposed to address this issue, where trusted third‐party auditors (TPAs) verify the integrity of data on behalf of the users. However, trusted TPAs are vulnerable and may not provide correct auditing results on time. Moreover, there is no trust nowadays. Blockchain‐based auditing schemes were introduced to prevent trusted third parties from overcoming this issue. However, most blockchain‐based public auditing schemes suffer from the key‐escrow issue. To overcome the key‐escrow problem and malicious auditors, in this article, a blockchain‐based certificateless public auditing with privacy‐preserving for cloud‐based cyber‐physical systems is constructed. The proposed scheme is secure against type I, II, III, and IV adversaries in the random oracle model. Further, the original proof of the data is masked using a random function to achieve data privacy when data is transferred between the cloud‐server and verifier. The performance analysis shows that the proposed scheme has higher efficiency and is suitable for cyber‐physical systems.

computer science, theory & methods, software engineering

Meng Liu,Xuan Wang,Chi Yang,Zoe Lin Jiang,Ye Li

DOI: https://doi.org/10.1177/1550147716686579

IF: 1.938

2017-01-01

International Journal of Distributed Sensor Networks

Abstract:Nowadays, an increasing number of cloud users including both individuals and enterprises store their Internet of things data in cloud for benefits like cost saving. However, the cloud storage service is often regarded to be untrusted due to their loss of direct control over the data. Hence, it is necessary to verify the integrity of their data on cloud storage servers via a third party. In real cloud systems, it is very important to improve the performance of the auditing protocol. Hence, the well-designed and cost-effective auditing protocol is expected to meet with the performance requirement while the data size is very large in real cloud systems. In this article, we also propose an auditing protocol based on pairing-based cryptography, which can reduce the computation cost compared to the state-of-the-art third-party auditing protocol. Moreover, we also study how to determine the number of sectors to achieve the optimal performance of our auditing protocol in a case of the same challenged data. And an equation for computing the optimal number of sectors is proposed to further improve the performance of our auditing protocol. Both the mathematical analysis method and experiment results show that our solution is more efficient.

M. Omer Mushtaq,Furrakh Shahzad,M. Owais Tariq,Mahina Riaz,Bushra Majeed

DOI: https://doi.org/10.48550/arXiv.1702.07140

2017-02-23

Cryptography and Security

Abstract:There is a dynamic escalation and extension in the new infrastructure, educating personnel and licensing new computer programs in the field of IT, due to the emergence of Cloud Computing (CC) paradigm. It has become a quick growing segment of IT business in last couple of years. However, due to the rapid growth of data, people and IT firms, the issue of information security is getting more complex. One of the major concerns of the user is, at what degree the data is safe on Cloud? In spite of all promotional material encompassing the cloud, consortium customers are not willing to shift their business on the cloud. Data security is the major problem which has limited the scope of cloud computing. In new cloud computing infrastructure, the techniques such as the Strong Secure Shell and Encryption are deployed to guarantee the authenticity of the user through logs systems. The vendors utilize these logs to analyze and view their data. Therefore, this implementation is not enough to ensure security, privacy and authoritative use of the data. This paper introduces quad layered framework for data security, data privacy, data breaches and process associated aspects. Using this layered architecture we have preserved the secrecy of confidential information and tried to build the trust of user on cloud computing. This layered framework prevents the confidential information by multiple means i.e. Secure Transmission of Data, Encrypted Data and its Processing, Database Secure Shell and Internal/external log Auditing.

Chao Gai,Wenting Shen,Ming Yang,Ye Su

DOI: https://doi.org/10.3389/fenrg.2022.1058125

IF: 3.4

2023-01-17

Frontiers in Energy Research

Abstract:As the promising next generation power system, smart grid can collect and analyze the grid information in real time, which greatly improves the reliability and efficiency of the grid. However, as smart grid coverage expands, more and more data is being collected. To store and manage the massive amount of smart grid data, the data owners choose to upload the grid data to the cloud for storage and regularly check the integrity of their data. However, traditional public auditing schemes are mostly based on Public Key Infrastructure (PKI) or Identity Based Cryptography (IBC) system, which will lead to complicated certificate management and inherent key escrow problems. We propose a certificateless public auditing scheme for cloud-based smart grid data, which can avoid the above two problems. In order to prevent the disclosure of the private data collected by the smart grid during the phase of auditing, we use the random masking technology to protect data privacy. The security analysis and the performance evaluation show that the proposed scheme is secure and efficient.

energy & fuels

Lifei Wei,Haojin Zhu,Zhenfu Cao,Weiwei Jia,Athanasios V. Vasilakos

DOI: https://doi.org/10.1109/ICDCSW.2010.36

2010-01-01

Abstract:Cloud computing becomes a hot research topic in the recent years. In the cloud computing, software applications and databases are moved to the centralized large data centers, which is called cloud. In the cloud, due to lack of physical possession of the data and the machine, the data and computation may not be well managed and fully trusted by cloud users. Existing work on cloud security mainly focuses on cloud storage without taking computation security into consideration. In this paper, we propose SecCloud, a novel auditing scheme to secure cloud computing based on probabilistic sampling technique as well as designated verifier technique, which aims to consider secure data storage, computation and privacy preserving together. We also discuss how to optimize sampling size to minimize the auditing cost. Detailed analysis and simulations have demonstrated the effectiveness and efficiency of the proposed scheme.

Solomon Guadie Worku,Chunxiang Xu,Jining Zhao,Xiaohu He

DOI: https://doi.org/10.1016/j.compeleceng.2013.10.004

2014-01-01

Abstract:Cloud computing poses many challenges on integrity and privacy of users' data though it brings an easy, cost-effective and reliable way of data management. Hence, secure and efficient methods are needed to ensure integrity and privacy of data stored at the cloud. Wang et al. proposed a privacy-preserving public auditing protocol in 2010 but it is seriously insecure. Their scheme is vulnerable to attacks from malicious cloud server and outside attackers regarding to storage correctness. So they proposed a scheme in 2011 with an improved security guarantee but it is not efficient. Thus, in this paper, we proposed a scheme which is secure and with better efficiency. It is a public auditing scheme with third party auditor (TPA), who performs data auditing on behalf of user(s). With detail security analysis, our scheme is proved secure in the random oracle model and our performance analysis shows the scheme is efficient.

Xiong Li,Shanpeng Liu,Rongxing Lu,Muhammad Khurram Khan,Ke Gu,Xiaosong Zhang

DOI: https://doi.org/10.1109/JBHI.2022.3140831

IF: 7.7

2022-01-01

IEEE Journal of Biomedical and Health Informatics

Abstract:The booming Internet of Things makes smart healthcare a reality, while cloud-based medical storage systems solve the problems of large-scale storage and real-time access of medical data. The integrity of medical data outsourced in cloud-based medical storage systems has become crucial since only complete data can make a correct diagnosis, and public auditing protocol is a key technique to solve this problem. To guarantee the integrity of medical data and reduce the burden of the data owner, we propose an efficient privacy-preserving public auditing protocol for the cloud-based medical storage systems, which supports the functions of batch auditing and dynamic update of data. Detailed security analysis shows that our protocol is secure under the defined security model. In addition, we have conducted extensive performance evaluations, and the results indicate that our protocol not only remarkably reduces the computational costs of both the data owner and the third-party auditor (TPA), but also significantly improves the communication efficiency between the TPA and the cloud server. Specifically, compared with other related work, the computational cost of the TPA in our protocol is negligible and the data owner saves more than 2/3 of computational cost. In addition, as the number of challenged blocks increases, our protocol saves nearly 90% of communication overhead between the TPA and the cloud server.

Paromita Goswami,Neetu Faujdar,Ghanshyam Singh,Kanta Prasad Sharma,Ajoy Kumar Khan,Somen Debnath

DOI: https://doi.org/10.1109/access.2024.3389076

IF: 3.9

2024-04-30

IEEE Access

Abstract:Online cloud data storage is a rapidly growing pillar of the IT industry that offers data owners an array of attractive developments in highly sought-after online scalable storage services. Cloud users can easily access these services and have the flexibility to manage their process data effectively without worrying about the deployment or maintenance of personal storage devices. As a result, the number of cloud users has increased to purchase these convenient and cost-effective services, while Cloud Service Providers (CSP) are also rising to meet this demand for appealing cloud solutions.However, there is one major security issue related to outsourced data on shared cloud storage: its privacy and accuracy cannot be guaranteed as it may be vulnerable to unauthorized access by malicious insiders or hackers from outside sources. To address these issues, we suggest proposing a partial signature-based data auditing system so that both privacy and accuracy can be fortified while reducing the computational cost associated with auditing processes significantly. This system would involve using cryptographic techniques such as homomorphic encryption and hash functions, which would enable secure sharing between multiple parties while ensuring integrity checks on stored files at regular intervals for any potential tampering attempts made by external attackers or malicious insiders who may try to gain unauthorized access into confidential user information stored within cloud sites. Another benefit of the plan is that it supports dynamic operation on outsourced data. This research work may achieve the desired security qualities, according to the security analysis, and it is effective for real-world applications, as demonstrated by simulation outcomes of dynamic operations on various numbers of data blocks and sub-blocks.

computer science, information systems,telecommunications,engineering, electrical & electronic

Hui Tian,Fulin Nan,Chin-Chen Chang,Yongfeng Huang,Jing Lu,Yongqian Du

DOI: https://doi.org/10.1016/j.jnca.2018.12.004

IF: 7.574

2018-01-01

Journal of Network and Computer Applications

Abstract:With increasing popularity of fog-to-cloud based Internet of Things (IoT), how to ensure the integrity of IoT data outsourced in clouds has become one of the biggest security challenges. However, little effort has been put into addressing the problem. To fill this gap, this paper presents a tailor-made public auditing scheme for data storage in fog-to-cloud based IoT scenarios, which can achieve all indispensable performance and security requirements. Particularly, we design a tag-transforming strategy based on the bilinear mapping technique to convert the tags generated by mobile sinks to the ones created by the fog nodes in the phase of proof generation, which cannot only effectively protect the identity privacy, but also reduce the communication and computational costs in the verification phase; moreover, we present a zero-knowledge proof mechanism to verify the integrity of IoT data from various generators (e.g., mobile sinks and fog nodes) while achieving perfect data-privacy preserving. We formally prove the security of our scheme and evaluate its performance by theoretical analysis and comprehensive experiments. The results demonstrate that our scheme can efficiently achieve secure auditing for data storage in fog-to-cloud based IoT scenarios, and outperforms the straight-forward solution in communication and computational costs as well as energy consumption.

Hui Tian,Yuxiang Chen,Chin-Chen Chang,Hong Jiang,Yongfeng Huang,Yonghong Chen,Jin Liu

DOI: https://doi.org/10.1109/tsc.2015.2512589

IF: 11.019

2017-01-01

IEEE Transactions on Services Computing

Abstract:Cloud storage is an increasingly popular application of cloud computing, which can provide on-demand outsourcing data services for both organizations and individuals. However, users may not fully trust the cloud service providers (CSPs) in that it is difficult to determine whether the CSPs meet their legal expectations for data security. Therefore, it is critical to develop efficient auditing techniques to strengthen data owners’ trust and confidence in cloud storage. In this paper, we present a novel public auditing scheme for secure cloud storage based on dynamic hash table (DHT), which is a new two-dimensional data structure located at a third parity auditor (TPA) to record the data property information for dynamic auditing. Differing from the existing works, the proposed scheme migrates the authorized information from the CSP to the TPA, and thereby significantly reduces the computational cost and communication overhead. Meanwhile, exploiting the structural advantages of the DHT, our scheme can also achieve higher updating efficiency than the state-of-the-art schemes. In addition, we extend our scheme to support privacy preservation by combining the homomorphic authenticator based on the public key with the random masking generated by the TPA, and achieve batch auditing by employing the aggregate BLS signature technique. We formally prove the security of the proposed scheme, and evaluate the auditing performance by detailed experiments and comparisons with the existing ones. The results demonstrate that the proposed scheme can effectively achieve secure auditing for cloud storage, and outperforms the previous schemes in computation complexity, storage costs and communication overhead.

Xingjun Zhang,Wei Si

DOI: https://doi.org/10.1109/access.2020.2971630

IF: 3.9

2020-01-01

IEEE Access

Abstract:Fog-to-cloud computing has now become a new cutting-edge technique along with the rapid popularity of Internet of Things (IoT). Unlike traditional cloud computing, fog-to-cloud computing needs more entities to participate in, including mobile sinks and fog nodes except for cloud service provider (CSP). Hence, the integrity auditing in fog-to-cloud storage will also be different from that of traditional cloud storage. In the recent work of Tian et al., they took the first step to design public auditing system for fog-to-cloud computing. However, their scheme becomes very inefficient since they uses intricate public key cryptographic techniques, including bilinear mapping, proof of knowledge etc. In this paper, we design a general and more efficient auditing system based on MAC and HMAC, both of which are popular private key cryptographic techniques. By implementing MAC and HMAC, we give a concrete instantiation of our auditing system. Finally, the theoretical analysis and experiment results show that our proposed system has more efficiency in terms of communication and computational costs.

Gaimei Gao,Hongxia Fei,Zefeng Qin

DOI: https://doi.org/10.1002/cpe.5924

2020-07-18

Concurrency and Computation: Practice and Experience

Abstract:<p>Cloud storage is a mode of online storage in which data are stored on multiple virtual servers usually hosted by third parties. Cloud service providers manage and operate data storage as services. The major concern in cloud storage is the integrity of outsourced data. Many public auditing schemes which authorize the third party auditor (TPA) to check the integrity of outsourced data have been proposed. However, most of them are based on traditional public key cryptosystems. This paper proposes an efficient certificateless public auditing Scheme (CL‐PAS) in cloud storage. In the process of challenge and auditing, CL‐PAS ensures that malicious cloud servers cannot forge auditing evidences to deceive TPA to pass the verification, and prevents curious TPA from recovering original data from auditing evidences. So it strengthens privacy preserving. Security analysis shows that CL‐PAS scheme meets the predetermined security requirements. The simulation and performance analysis results show that, compared with similar schemes, CL‐PAS scheme has the higher efficiency.</p>

Jingwei Li,Jin Li,Dongqing Xie,Zhang Cai

DOI: https://doi.org/10.1109/tc.2015.2389960

2016-01-01

Abstract:As the cloud computing technology develops during the last decade, outsourcing data to cloud service for storage becomes an attractive trend, which benefits in sparing efforts on heavy data maintenance and management. Nevertheless, since the outsourced cloud storage is not fully trustworthy, it raises security concerns on how to realize data deduplication in cloud while achieving integrity auditing. In this work, we study the problem of integrity auditing and secure deduplication on cloud data. Specifically, aiming at achieving both data integrity and deduplication in cloud, we propose two secure systems, namely SecCloud and SecCloud(+). SecCloud introduces an auditing entity with a maintenance of a MapReduce cloud, which helps clients generate data tags before uploading as well as audit the integrity of data having been stored in cloud. Compared with previous work, the computation by user in SecCloud is greatly reduced during the file uploading and auditing phases. SecCloud(+) is designed motivated by the fact that customers always want to encrypt their data before uploading, and enables integrity auditing and secure deduplication on encrypted data.

Song Li,Jie Cui,Hong Zhong,Lu Liu

DOI: https://doi.org/10.3390/s17051032

IF: 3.9

2017-05-05

Sensors

Abstract:Wireless Body Sensor Networks (WBSNs) are gaining importance in the era of the Internet of Things (IoT). The modern medical system is a particular area where the WBSN techniques are being increasingly adopted for various fundamental operations. Despite such increasing deployments of WBSNs, issues such as the infancy in the size, capabilities and limited data processing capacities of the sensor devices restrain their adoption in resource-demanding applications. Though providing computing and storage supplements from cloud servers can potentially enrich the capabilities of the WBSNs devices, data security is one of the prevailing issues that affects the reliability of cloud-assisted services. Sensitive applications such as modern medical systems demand assurance of the privacy of the users&#x27; medical records stored in distant cloud servers. Since it is economically impossible to set up private cloud servers for every client, auditing data security managed in the remote servers has necessarily become an integral requirement of WBSNs&#x27; applications relying on public cloud servers. To this end, this paper proposes a novel certificateless public auditing scheme with integrated privacy protection. The multi-user model in our scheme supports groups of users to store and share data, thus exhibiting the potential for WBSNs&#x27; deployments within community environments. Furthermore, our scheme enriches user experiences by offering public verifiability, forward security mechanisms and revocation of illegal group members. Experimental evaluations demonstrate the security effectiveness of our proposed scheme under the Random Oracle Model (ROM) by outperforming existing cloud-assisted WBSN models.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Zaid Alaa Hussien,Zaid Ameen Abduljabbar,Mohammed Abdulridha Hussain,Mustafa A. Al Sibahee,Songfeng Lu,Hamid A. Al-Asadi

DOI: https://doi.org/10.1145/3331453.3361648

2019-01-01

Abstract:People have proposed many data integrity techniques to secure data storage in cloud. The majority of these schemes assume that only the owner of the data can modify their storage in cloud. In recent years, researchers have allowed different cloud users to use integrity assurance for modifying data. As a result, schemes with stronger reality than before have been proposed. Nevertheless, these attempts are impractical due to the large computing costs for cloud users. Clients must also perform numerous computations to ensure the integrity of data storage. A robust and efficient scheme is put forward in this study to maintain data integrity in cases that involve public auditing. In this way, multiuser modification can be used to check the public integrity for cloud data and reduce the auditing cost. The proposed scheme uses public key cryptography equipped with a proxy re-encryption and a cryptographic hash function. We allow a third-party auditor (TPA) to conduct preprocessing of data for the sake of cloud users prior to uploading these data to the cloud service providers (CSPs) and then verify the integrity of data. We also allow the TPA to perform re-encryption of data for sharing data without losing privacy. The scheme is characterised by significant security features, such as management of key, privacy, low-cost computation, exchange of key, freeing clients from burdens, failure of CSPs in creating right verifier response in absence of data and one-time key requirement. Numerical analysis and extensive experimental results verify that the proposed scheme is efficient and scalable.

Jingting Xue,Chunxiang Xu,Jining Zhao,Jianfeng Ma

DOI: https://doi.org/10.1007/s11432-018-9462-0

2019-01-01

Abstract:Cloud storage systems provide users with convenient data storage services, which allow users to access and update outsourced data remotely. However, these cloud storage services do not guarantee the integrity of the data that users store in the cloud. Thus, public auditing is necessary, in which a third-party auditor (TPA) is delegated to audit the integrity of the outsourced data. This system allows users to enjoy on-demand cloud storage services without the burden of continually auditing their data integrity. However, certain TPAs might deviate from the public auditing protocol and/or collude with the cloud servers. In this article, we propose an identity-based public auditing (IBPA) scheme for cloud storage systems. In IBPA, the nonces in a blockchain are employed to construct unpredictable and easily verified challenge messages, thereby preventing the forging of auditing results by malicious TPAs to deceive users. Users need only to verify the TPAs' auditing results in batches to ensure the integrity of their data that are stored in the cloud. A detailed security analysis shows that IBPA can preserve data integrity against various attacks. In addition, a comprehensive performance evaluation demonstrates that IBPA is feasible and efficient.

Hong Lei,Zijian Bao,Qinghao Wang,Yongxin Zhang,Wenbo Shi

DOI: https://doi.org/10.1007/978-981-15-9213-3_21

2020-01-01

Abstract:With the continuous growth of data resources, outsourcing data storage to cloud service providers is becoming the norm. Unfortunately, once data are stored on the cloud platform, they will be out of data owners’ control. Thus, it is critical to guarantee the integrity of the remote data. To solve this problem, researchers have proposed many data auditing schemes, which often employ a trusted role named Third Party Auditor (TPA) to verify the integrity. However, the TPA may not be reliable as expected. For example, it may collude with cloud service providers to hide the fact of data corruption for benefits. Blockchain has the characteristics of decentralization, non-tampering, and traceability, which provides a solution to trace the malicious behaviors of the TPA. Moreover, Intel SGX, as the popular trusted computing technology, can be used to protect the correctness of the auditing operations with a slight performance cost, which excellently serves as the of the blockchain-based solution. In this paper, we propose a secure auditing scheme based on the blockchain and Intel SGX technology, termed SDABS. The scheme follows the properties of storage correctness, data-preserving, accountability, and anti-collusion. The experiment results show that our scheme is efficient.

Hui Tian,Weiping Ye,Jia Wang,Hanyu Quan,Chin-Chen Chang

DOI: https://doi.org/10.1155/2023/3375823

IF: 8.993

2023-11-27

International Journal of Intelligent Systems

Abstract:In the context of healthcare 4.0, cloud-based eHealth is a common paradigm, enabling stakeholders to access medical data and interact efficiently. However, it still faces some serious security issues that cannot be ignored. One of the major challenges is the assurance of the integrity of medical data remotely stored in the cloud. To solve this problem, we propose a novel certificateless public auditing for medical data in the cloud (CPAMD), which can achieve efficient batch auditing without complicated certificate management and key escrow. Specifically, in our CPAMD, a new secure certificateless signature method is designed to generate tamper-proof data block tags; a manageable delegated data outsourcing mechanism is presented to reduce the burden of data maintenance on patients and achieve auditability of outsourcing behavior; and a privacy-preserving augmented verification strategy is proposed to provide comprehensive auditing of both medical data and its source information without compromising privacy. We perform formal security analysis and comprehensive performance evaluation for CPAMD. The results demonstrate that the presented scheme can provide better auditing security and more comprehensive auditing capabilities while achieving good performance comparable to state-of-the-art ones.

computer science, artificial intelligence