Liping Qiao,Yanping Li,Feng Wang,Bo Yang

DOI: https://doi.org/10.1016/j.adhoc.2022.102906

IF: 4.816

2022-08-01

Ad Hoc Networks

Abstract:With the increase of smart devices, edge computing is becoming a new computing paradigm that coexist with centralized cloud computing to process data distributed at the edge of the network. Based on this new paradigm, app vendors can store data replicas on geographically distributed edge servers to serve surrounding users to reduce access delay. However, since edge servers have limited storage space and computing ability, these edge data are vulnerable to various corruption. Therefore, how to efficiently audit the integrity of edge data has become an urgent problem to be solved. To tackle the Edge Data Integrity (EDI) problem, we propose a lightweight auditing scheme, namely EDI-SA. Firstly, inspired by the shuffle algorithm and the bucket sorting algorithm, we propose an improved sampling algorithm, which is a new lightweight challenge block sampling method. Secondly, based on algebraic signature, EDI-SA can achieve efficient aggregation verification and the signature computation cost is independent of the number of data blocks, which greatly reduces the computation overhead of app vendors and edge servers. Thirdly, EDI-SA supports batch auditing and provable dynamic update, app vendors can also uniquely locate the corrupted edge data. Finally, security and performance analyses demonstrate the security and effectiveness of EDI-SA.

computer science, information systems,telecommunications

Yan Ding,Yanping Li,Wenjie Yang,Kai Zhang

DOI: https://doi.org/10.1016/j.sysarc.2022.102560

IF: 5.836

2022-07-01

Journal of Systems Architecture

Abstract:With the rapid development of 5G technology and wireless networks, new applications such as VR/AR-based immersive online games have developed rapidly. These applications are very sensitive to network delays. To address the time delay of data transfer, the vendors of these delay-sensitive applications often deploy data replicas on edge servers to provide users with a low-latency application experience. However, the edge computing environment is highly distributed and dynamic, which makes the data replicas stored on edge servers often face intentional or unintentional damage. In addition, the computing resources of edge servers are very limited compared to cloud servers. Therefore, how to efficiently audit the integrity of data replicas stored on a large number of edge servers becomes an urgent problem to be solved. This paper first designs a data integrity verification scheme called EDI-DA in edge environment to help application vendors to check the integrity of data replicas stored on distributed edge servers. Then, we extend EDI-DA to allow application vendors to verify the integrity of different edge data replicas simultaneously, i.e., our EDI-DA supports batch auditing of multiple original data. Next, we propose an improved data structure I-SLT based on which EDI-DA supports full data dynamics, including insertion, deletion and modification. Finally, security and performance analyses indicate the security and practicability of our EDI-DA.

computer science, software engineering, hardware & architecture

Bo Li,Qiang He,Feifei Chen,Hai Jin,Yang Xiang,Yun Yang

DOI: https://doi.org/10.1109/tcc.2021.3059448

IF: 5.697

2021-01-01

IEEE Transactions on Cloud Computing

Abstract:In the edge computing environment, app vendors can cache their data on a large number of geographically distributed edge servers to serve their users. However, those cached data are particularly vulnerable to both intentional and accidental corruption, which makes data security a major concern in the EC environment. Given limited computing resources of edge servers, how to effectively and efficiently inspect those data over tremendous edge servers is a critical and open problem. To tackle this edge data integrity (EDI) problem, we first study the entities, threats, system objectives, and the inspection mechanism, then propose a novel approach named EDI-S for inspecting the integrity of edge data and localizing the corrupted ones. Based on the elliptic curve cryptography, EDI-S generates one digital signature as the integrity proof for each replica. Then, multiple integrity proofs can be inspected altogether via an aggregate verification. This allows the integrity of tremendous cache data on multiple edge servers can be inspected more efficiently. EDI-S also provides two methods for localizing the corrupted data on edge servers, one for small-scale scenarios and the other for large-scale scenarios. Both theoretical analysis and experimentally evaluation demonstrate that EDI-S can solve the EDI problem effectively and efficiently.

computer science, information systems, theory & methods

Guangming Cui,Qiang He,Bo Li,Xiaoyu Xia,Feifei Chen,Hai Jin,Yang Xiang,Yun Yang

DOI: https://doi.org/10.1109/tsc.2021.3090173

IF: 11.019

2022-01-01

IEEE Transactions on Services Computing

Abstract:The new edge computing paradigm extends cloud computing by allowing service vendors to deploy their service instances and data on distributed edge servers to serve their service users in close geographic proximity to those edge servers. Caching edge data on edge servers profoundly reduces the retrieval latency perceived by users. However, these edge data are subject to corruption due to intentional and/or accidental exceptions. This is a major challenge for service vendors but has been overlooked. Thus, verifying the integrity of edge data accurately and efficiently is a critical security problem in the edge computing environment. A unique characteristic of the edge computing environment is that edge servers suffer from constrained computing capacities. Thus, verifying data integrity on massive edge servers individually is computationally expensive and impractical. In this paper, we tackle this Edge Data Integrity (EDI) problem with an inspection and corruption localization scheme for EDI named ICL-EDI. This scheme allows service vendors to inspect data integrity and localize corrupted edge data cached on multiple edge servers accurately and efficiently. To evaluate its performance, we implement ICL-EDI and conduct extensive experiments to demonstrate its effectiveness and efficiency.

computer science, information systems, software engineering

Bo Li,Qiang He,Feifei Chen,Hai Jin,Yang Xiang,Yun Yang

DOI: https://doi.org/10.1109/tpds.2020.3043755

IF: 5.3

2021-05-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Edge computing allows app vendors to deploy their applications and relevant data on distributed edge servers to serve nearby users. Caching data on edge servers can minimize users' data retrieval latency. However, such cache data are subject to both intentional and accidental corruption in the highly distributed, dynamic, and volatile edge computing environment. Given a large number of edge servers and their limited computing resources, how to effectively and efficiently audit the integrity of app vendors' cache data is a critical and challenging problem. This article makes the first attempt to tackle this Edge Data Integrity (EDI) problem. We first analyze the threat model and the audit objectives, then propose a lightweight sampling-based probabilistic approach, namely EDI-V, to help app vendors audit the integrity of their data cached on a large scale of edge servers. We propose a new data structure named variable Merkle hash tree (VMHT) for generating the integrity proofs of those data replicas during the audit. VMHT can ensure the audit accuracy of EDI-V by maintaining sampling uniformity. EDI-V allows app vendors to inspect their cache data and locate the corrupted ones efficiently and effectively. Both theoretical analysis and comprehensively experimental evaluation demonstrate the efficiency and effectiveness of EDI-V.

computer science, theory & methods,engineering, electrical & electronic

Dongdong Yue,Ruixuan Li,Yan Zhang,Wenlong Tian,Yongfeng Huang

DOI: https://doi.org/10.1016/j.jpdc.2020.06.007

IF: 4.542

2020-12-01

Journal of Parallel and Distributed Computing

Abstract:<p>With the popularity of the Internet of Things (IoT), data integrity verification in the edge cloud storage attracts attentions from many researchers. Due to the over dependence of the Third Party Auditor (TPA) and the dynamical nature of the IoT data, the traditional data integrity verification framework for cloud storage can hardly work. To satisfy the characteristics of the IoT and avoid the over dependence of the TPA, we propose a blockchain-based framework without TPA for data integrity verification in a decentralized edge-cloud storage (ECS) scenario in this paper. In our framework, we employ the Merkle tree with random challenging numbers for data integrity verification and analyze different Merkle tree structures to optimize the system performance. To solve the problem of limited resources and high real-time requirements, we further propose sampling verification and develop rational sampling strategies to make sampling verification more effective. The overhead and precision of the verification in ECS are studied by an optimal sample size strategy. Finally, a prototype system is implemented based on our framework and we conduct a series of experiments to evaluate the effectiveness of the proposed schemes. The experimental results show that our schemes can effectively improve the performance of data integrity verification.</p>

computer science, theory & methods

Cong Wang,Qian Wang,Kui Ren,Ning Cao,Wenjing Lou

DOI: https://doi.org/10.1109/tsc.2011.24

IF: 11.019

2011-01-01

IEEE Transactions on Services Computing

Abstract:Cloud storage enables users to remotely store their data and enjoy the on-demand high quality cloud applications without the burden of local hardware and software management. Though the benefits are clear, such a service is also relinquishing users' physical possession of their outsourced data, which inevitably poses new security risks toward the correctness of the data in cloud. In order to address this new problem and further achieve a secure and dependable cloud storage service, we propose in this paper a flexible distributed storage integrity auditing mechanism, utilizing the homomorphic token and distributed erasure-coded data. The proposed design allows users to audit the cloud storage with very lightweight communication and computation cost. The auditing result not only ensures strong cloud storage correctness guarantee, but also simultaneously achieves fast data error localization, i.e., the identification of misbehaving server. Considering the cloud data are dynamic in nature, the proposed design further supports secure and efficient dynamic operations on outsourced data, including block modification, deletion, and append. Analysis shows the proposed scheme is highly efficient and resilient against Byzantine failure, malicious data modification attack, and even server colluding attacks.

Lejun Zhang,Minghui Peng,Weizheng Wang,Zilong Jin,Yansen Su,Huiling Chen

DOI: https://doi.org/10.1002/ett.4315

IF: 3.6

2021-06-06

Transactions on Emerging Telecommunications Technologies

Abstract:<p>With the rapid development of Internet of Things (IoT) technology, IoT devices have been widely used to collect physiological health data and provide diversified services to the terminal users. However, traditional data storage and sharing scheme cloud computing based in IoT face many challenges. For example, IoT devices are usually resource-constrained (storage, computing power, battery capacity, etc.), data signed by IoT devices to ensure data integrity and authenticity will consume a lot of computing resources of IoT devices. At the same time, there is the challenge of high latency and unsafe data storage and sharing. To overcome these challenges, we propose a secure and efficient data storage and sharing scheme for blockchain-based mobile-edge computing. In our scheme, we construct the unique signature private key in a region into multiple key shares. IoT devices only need to submit the data and the random key shares allocated to the edge node. Edge node uses the recovered signature private key to realize data signature and homomorphic encryption. At the same time, the edge node will process timely data and return to the user. For data that need to be uploaded to the cloud for analysis, we use backup uploads to avoid data floods. Through experiments, it was found that our scheme can not only realize low-latency message response for the terminal users, but also realize anonymous identity verification while ensuring data integrity and authenticity. The key shares of the signature private key are stored in different blocks of the blockchain to improve fault tolerance. The content extraction signature algorithm ensures that the key shares stored in different blocks are publicly verifiable. Safety analysis and performance analysis verify the feasibility and effectiveness of our scheme.</p>

telecommunications

Zhang Lejun,Peng Minghui,Su Shen,Wang Weizheng,Jin Zilong,Su Yansen,Chen Huiling,Guo Ran,Sergey Gataullin

DOI: https://doi.org/10.23919/jcc.fa.2021-0815.202403

2024-04-02

China Communications

Abstract:With the rapid development of information technology, IoT devices play a huge role in physiological health data detection. The exponential growth of medical data requires us to reasonably allocate storage space for cloud servers and edge nodes. The storage capacity of edge nodes close to users is limited. We should store hotspot data in edge nodes as much as possible, so as to ensure response timeliness and access hit rate; However, the current scheme cannot guarantee that every sub-message in a complete data stored by the edge node meets the requirements of hot data; How to complete the detection and deletion of redundant data in edge nodes under the premise of protecting user privacy and data dynamic integrity has become a challenging problem. Our paper proposes a redundant data detection method that meets the privacy protection requirements. By scanning the cipher text, it is determined whether each sub-message of the data in the edge node meets the requirements of the hot data. It has the same effect as zero-knowledge proof, and it will not reveal the privacy of users. In addition, for redundant sub-data that does not meet the requirements of hot data, our paper proposes a redundant data deletion scheme that meets the dynamic integrity of the data. We use Content Extraction Signature (CES) to generate the remaining hot data signature after the redundant data is deleted. The feasibility of the scheme is proved through safety analysis and efficiency analysis.

telecommunications

Qinghang Gao,Jianmao Xiao,Yuanlong Cao,Shuiguang Deng,Chuying Ouyang,Zhiyong Feng

DOI: https://doi.org/10.1186/s13677-023-00452-4

2023-01-01

Journal of Cloud Computing

Abstract:The rise of 5G technology has driven the development of edge computing. Computation offloading is the key and challenging point in edge computing, which investigates offloading resource-intensive computing tasks from the user side to the cloud or edge side for processing. More consideration needs to be given to load balancing, user variability, and the heterogeneity of edge facilities in relevant research. In addition, most of the research around edge collaboration also revolves around cloud-side collaboration, which pays relatively little attention to the collaboration process between edge nodes, and the incentive and trust issues of the collaboration process need to be addressed. In this paper, we consider the impact of the user demand variability and the edge facility heterogeneity, then propose a method based on Vickrey-Clarke-Groves (VCG) auction theory to accommodate the edge demand response (EDR) process where the number of users and service facilities do not match. The method makes users’ bidding rules satisfy the Nash equilibrium and weakly dominant strategy, which can improve the load balancing of edge nodes, has positive significance in improving the edge resource utilization and reducing the system energy consumption. In particular, combined with blockchain, we further optimize the incentive and trust mechanism of edge collaboration and consider three scenarios: no collaboration, internal collaboration, and incentive collaboration. We also consider the impact of the user task’s transmission distance on the quality of experience (QoE). In addition, we illustrate the possible forking attack of blockchain in collaborative edge computing and propose a solution. We test the performance of the proposed algorithm on a real-world dataset, and the experimental results verify the algorithm’s effectiveness and the edge collaboration’s necessity.

Yi Li,Jian Shen,Pandi Vijayakumar,Chin-Feng Lai,Audithan Sivaraman,Pradip Kumar Sharma

DOI: https://doi.org/10.1109/tce.2024.3368206

2024-01-01

IEEE Transactions on Consumer Electronics

Abstract:Distributed and resilient machine learning (DRML) endues next-generation consumer electronics with AI function. Intuitively, AI provides innovative, humanized, convenient applications based on the data extended by next-generation consumer electronics. Cloud-edge computing is an ideal undertaken architecture of DRML due to its distributed property. However, as one of the core elements driving AI applications, data could be lost or corrupted owing to damaged electronics, unstable communication, and even cloud providers’ malicious behavior. It is essential to ensure the data integrity of next-generation electronics before AI applications. To this end, we proposed a privacy-protection distributed data auditing scheme for cloud-edge DRML. An efficient data integrity verification method that only uses algebraic operation is constructed. Then, Function Secret Share (FSS) extends the data integrity verification method to protect consumer privacy. Besides, a consensus for data auditing results is designed among the edge servers. Finally, we present an abundance of theoretical analyses and experimental findings to substantiate and validate the efficiency and effectiveness of our proposed scheme.

telecommunications,engineering, electrical & electronic

Dwivedi, Amit Kumar

DOI: https://doi.org/10.1007/s11277-024-11094-3

IF: 2.017

2024-05-15

Wireless Personal Communications

Abstract:Dynamic outsourced data managed by an untrusted third party is prone to integrity violation. Data auditing is a well-known posterior mechanism to detect integrity violations. Existing integrity auditing schemes are centralized and take significant computation, storage, or communication cost at the data owner. Recently, a distributed auditing scheme involving three parties: the data owner, storage server, and end-users, is proposed. However, it uses redundant failure reports for a corrupt file increases the storage, computation, and communication costs. Also, the low-configured end-users may avoid auditing tasks for efficiency reasons. This paper proposes a secure and efficient distributed auditing scheme for outsourced data that utilizes blockchain and edge computing. The blockchain securely stores distinct failure reports, while edge nodes handle local auditing tasks. The scheme is compared with the existing distributed auditing scheme and found to be secure, and more efficient in terms of computational cost at the data owner and communication cost used by the scheme participants.

telecommunications

Qian Wang,Kui Ren,Wenjing Lou,Yanchao Zhang

DOI: https://doi.org/10.1145/1993042.1993051

2011-01-01

ACM Transactions on Sensor Networks

Abstract:Recently, distributed data storage has gained increasing popularity for efficient and robust data management in wireless sensor networks (WSNs). The distributed architecture makes it challenging to build a highly secure and dependable yet lightweight data storage system. On the one hand, sensor data are subject to not only Byzantine failures, but also dynamic pollution attacks, as along the time the adversary may modify/pollute the stored data by compromising individual sensors. On the other hand, the resource-constrained nature of WSNs precludes the applicability of heavyweight security designs. To address the challenge, in this article we propose a novel dependable and secure data storage scheme with dynamic integrity assurance. Based on the principle of secret sharing and erasure coding, we first propose a hybrid share generation and distribution scheme to achieve reliable and fault-tolerant initial data storage by providing redundancy for original data components. To further dynamically ensure the integrity of the distributed data shares, we then propose an efficient data integrity verification scheme exploiting the techniques of algebraic signature and spot-checking. The proposed scheme enables individual sensors to verify in one protocol execution the correctness of all the pertaining data shares simultaneously in the absence of the original data. Extensive security analysis shows that the proposed scheme has strong resistance against various data pollution attacks. The efficiency of the scheme is demonstrated by experiments on sensor platforms Tmote Sky and iMote2.

Cong Wang,Qian Wang,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1109/iwqos.2009.5201385

2009-01-01

Abstract:Cloud computing has been envisioned as the next-generation architecture of IT enterprise. In contrast to traditional solutions, where the IT services are under proper physical, logical and personnel controls, cloud computing moves the application software and databases to the large data centers, where the management of the data and services may not be fully trustworthy. This unique attribute, however, poses many new security challenges which have not been well understood. In this article, we focus on cloud data storage security, which has always been an important aspect of quality of service. To ensure the correctness of users' data in the cloud, we propose an effective and flexible distributed scheme with two salient features, opposing to its predecessors. By utilizing the homomorphic token with distributed verification of erasure-coded data, our scheme achieves the integration of storage correctness insurance and data error localization, i.e., the identification of misbehaving server (s). Unlike most prior works, the new scheme further supports secure and efficient dynamic operations on data blocks, including: data update, delete and append. Extensive security and performance analysis shows that the proposed scheme is highly efficient and resilient against Byzantine failure, malicious data modification attack, and even server colluding attacks.

Liang Yuan,Qiang He,Feifei Chen,Jun Zhang,Lianyong Qi,Xiaolong Xu,Yang Xiang,Yun Yang

DOI: https://doi.org/10.1109/tpds.2021.3131680

IF: 5.3

2022-08-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Multi-access Edge Computing (MEC), as an extension of cloud computing, provides storage resources at the network edge to enable low-latency data retrieval for users. Due to limited physical sizes and constrained storage resources, individual edge servers cannot store a large amount of data when operating independently. They often need to offload data to other edge servers to serve users collaboratively. Operated by different edge infrastructure providers, edge servers usually work in a distrusted environment. Incentive and trust are the two main challenges in facilitating collaborative edge storage. This article proposes CSEdge, a novel decentralized system that tackles these challenges to enable collaborative edge storage based on blockchain. On CSEdge, edge servers can submit data offloading requests for others to contend for. Winners are selected based on their reputations. They will store the offloaded data and receive rewards for successfully finishing data offloading tasks. Via a distributed consensus, their performance will be recorded on blockchain for future reputation evaluation. A prototype of CSEdge is built on Hyperledger Sawtooth and experimentally evaluated against a baseline system and two start-of-the-art systems in a simulated MEC environment. The results demonstrate that CSEdge can effectively and efficiently facilitate collaborative edge storage among edge servers.

computer science, theory & methods,engineering, electrical & electronic

Lei Xu,Xingliang Yuan,Zhengxiang Zhou,Cong Wang,Chungen Xu

DOI: https://doi.org/10.1109/tsc.2021.3111208

IF: 11.019

2021-01-01

IEEE Transactions on Services Computing

Abstract:Edge computing brings data computation and storage closer to the mobile device to save response time for decision making. After being processed at the edge, commonly the data will be uploaded to the cloud for further enriched analysis. For privacy concerns, local devices may encrypt the collected data before sending it to the cloud server. However, this treatment increases the server&#x27;s processing time and makes it hard to pick out the desired data. In this article, to address this problem, we design an encrypted data validation scheme, which enables the edge to clean the encrypted data to be uploaded. Because edge computing encompasses numerous edge devices from different service providers, we explore the public-key cryptographic mechanism to implement our secure data validation scheme. Considering potential risks from quantum computers, we propose to leverage ideal lattice to realize our protocol, which reaches better performance in both time and storage for edge devices. Extensive evaluation results show that our proposed proposal achieves considerable performance improvements in terms of communication and computation aspects. Particularly, compared to prior work, nearly 123×-238× speed up is achieved in our key derivation procedure and the storage cost of the secret key is reduced from 547MB to 1.7MB.

computer science, information systems, software engineering

Tian Wang,Yaxin Mei,Xuxun Liu,Jin Wang,Hong-Ning Dai,Zhijian Wang

DOI: https://doi.org/10.1016/j.sysarc.2020.101971

IF: 5.836

2021-03-01

Journal of Systems Architecture

Abstract:<p>The explosive generation of Internet of Things (IoT) data calls for cloud service providers (CSP) to further provide more secure and reliable transmission, storage, and management services. This requirement, however, goes against the honest and curious nature of CSP, to the extent that existing methods introduce the third-party audit (TPA) to check data security in the cloud. TPA solves the problem of unreliable CSP but puts a heavy burden on lightweight users because of the sheer amount of the pre-audit data processing work. In this paper, we establish an audit model based on a designed binary tree assisted by edge computing, which provides computing capability for the resource-constrained terminals. The data pre-processing task is offloaded to the edge, which reduces computing load and improves the efficiency of task processing. We propose an improved correlation mechanism between data blocks and nodes on the binary tree so that all nodes on the binary tree can be fully utilized while existing methods use only leaf nodes and thus are required to establish multiple binary trees. Moreover, to improve audit efficiency, the binary tree in the audit process is designed to be self-balanced. In experiments, we compare our methods with the traditional method and experimental results show that the proposed mechanism is more effective to store and manage big data, which is conducive to providing users with more secure IoT services.</p>

computer science, software engineering, hardware & architecture

Xutong Jiang,Guoming Zhang,Hao Tian,Haolong Xiang,Xuyun Zhang,Wanchun Dou

DOI: https://doi.org/10.1109/icpads60453.2023.00345

2023-01-01

Abstract:Edge computing has emerged as a transformative paradigm with applications ranging from IoT to smart homes and transportation systems. However, its decentralized nature presents significant challenges in securing sensitive data, particularly in scenarios involving data sharing. To address these issues, this paper introduces a secure data access control system for edge computing by leveraging blockchain to foster mutual trust among edge servers and employing attribute-based encryption for secure data sharing. Our proposed solution seeks to enhance data security in distributed environments. We validate our method through practical experiments conducted on multiple edge servers, confirming its effectiveness in safeguarding data integrity and privacy.

Yang Ming,Chenhao Wang,Hang Liu,Yi Zhao,Jie Feng,Ning Zhang,Weisong Shi

DOI: https://doi.org/10.1109/jiot.2022.3150042

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:As the rapid proliferation of Internet of Things (IoT) and edge computing, large amounts of data are needed to be stored and transmitted in the online storage system. Data deduplication can be adopted to improve communication efficiency and minimize storage space. However, in edge computing, data deduplication brings security and functionality requirements that are still unsatisfied. Most existing schemes are vulnerable to brute-force attacks and single-point attacks. Moreover, they impose a heavy burden on resource-constrained edge nodes and do not support cross-domain deduplication. Blockchain is a promising technology because the programmable smart contract can be utilized to perform cross-domain deduplication and guarantee the traceability of data. In this article, an efficient dynamic cross-domain deduplication scheme in blockchain-enabled edge computing is proposed to solve the above problems. Specifically, the smart contract is employed to assist cross-domain deduplication, which also can reduce the storage pressure of edge nodes. Meanwhile, a hash proof system-based oblivious pseudorandom function is created to reduce the time cost of key generation and achieve the security requirements of resistance to brute-force attacks and single-point attacks. The technology of accumulators is adopted to achieve Proofs of Ownership (PoO), which can prevent duplicate-faking attacks. The security analysis demonstrates that the proposed scheme has a higher security level. The performance evaluation shows that the proposed scheme significantly reduces computation cost and communication overhead, compared with other existing schemes. The smart contract is implemented in the Ethereum test network (i.e., Rinkeby), which shows acceptable gas cost even the functions are called frequently.

computer science, information systems,telecommunications,engineering, electrical & electronic

Guangjun Liu,Wangmei Guo,Ximeng Liu,Jinbo Xiong

DOI: https://doi.org/10.1155/2021/6652606

IF: 1.968

2021-04-21

Security and Communication Networks

Abstract:Enabling remote data integrity checking with failure recovery becomes exceedingly critical in distributed cloud systems. With the properties of a lower repair bandwidth while preserving fault tolerance, regenerating coding and network coding (NC) have received much attention in the coding-based storage field. Recently, an outstanding outsourced auditing scheme named NC-Audit was proposed for regenerating-coding-based distributed storage. The scheme claimed that it can effectively achieve lightweight privacy-preserving data verification remotely for these networked distributed systems. However, our algebraic analysis shows that NC-Audit can be easily broken due to a potential defect existing in its schematic design. That is, an adversarial cloud server can forge some illegal blocks to cheat the auditor with a high probability when the coding field is large. From the perspective of algebraic security, we propose a remote data integrity checking scheme RNC-Audit by resorting to hiding partial critical information to the server without compromising system performance. Our evaluation shows that the proposed scheme has significantly lower overhead compared to the state-of-the-art schemes for distributed remote data auditing.

computer science, information systems,telecommunications