Ying Miao,Qiong Huang,Meiyan Xiao,Hongbo Li

DOI: https://doi.org/10.1109/ACCESS.2020.3013153

IF: 3.9

2020-01-01

IEEE Access

Abstract:Cloud storage systems provide a flexible, convenient and friendly way for users to outsource data. However, users lose control of their data once outsourcing them to the cloud. Public auditing was introduced to ensure data integrity, in which a third-party auditor (TPA) is delegated to execute auditing tasks. In general, TPA generates and sends challenge information to the cloud server (CS), which proves data possession accordingly. However, the TPA may not perform public auditing protocol honestly or may even collude with CS to deceive users. Some existing public auditing schemes utilize blockchain to resist against the malicious TPA. However, the CS may guess the challenge messages and there is a risk that users' information may be leaked to the TPA during the process of auditing. In this paper, we propose a decentralized and privacy-preserving public auditing scheme based on blockchain (DBPA), in which a blockchain is utilized as an unpredictable source for the generation of (random) challenge information, and the auditor is required to record the audit process onto the blockchain. Due to the characteristics of blockchain, users can check the audit results publicly. Moreover, zero-knowledge proof is used in DBPA to protect user's privacy during the audit process so that the response information returned by the CS does not leak information about user's data. Security analysis and performance evaluation show that DBPA is secure and efficient.

Jie Zhao,Hejiao Huang,Chonglin Gu,Zhongyun Hua,Xiaojun Zhang

DOI: https://doi.org/10.1109/jsyst.2021.3125835

IF: 4.802

2021-01-01

IEEE Systems Journal

Abstract:In real-world scenarios, in order to encourage one to report others crimes, judicial department usually rents independent cloud storage spaces to receive the precious evidences from whistleblowers. Since the uploaded data are not controlled by cloud users, remote data integrity is very important. Public cloud auditing enables an auditor to periodically check the integrity of outsourcing data on behalf of users, without retrieving the entire data file. However, most existing data auditing schemes have potential security vulnerabilities, and thus cannot defense many security attacks (e.g., the man-in-the-middle attack). Meanwhile, it is significant to protect whistleblowers identity privacy, reward the real data uploader, and further trace the responsibility of slanders accurately. From the aforementioned requirements, we present an efficient blockchain-assisted conditional anonymity privacy-preserving public auditing (BA-CAPPPA) scheme with reward mechanism. The Ethereum blockchain is integrated into BA-CAPPPA to enhance the security level of the whole public auditing mechanism. Theoretical analysis results show that the BA-CAPPPA achieves man-in-the-middle attack resistance, storage correctness guarantee, data privacy-preservation, conditional identity anonymity, and reward mechanism. Performance evaluations and comparisons demonstrate that BA-CAPPPA could outperform some state-of-the-art data auditing schemes.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Cong Wang,Qian Wang,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1109/tc.2011.245

2013-01-01

Abstract:Cloud Computing is the long dreamed vision of computing as a utility, where users can remotely store their data into the cloud so as to enjoy the on-demand high quality applications and services from a shared pool of configurable computing resources. By data outsourcing, users can be relieved from the burden of local data storage and maintenance. However, the fact that users no longer have physical possession of the possibly large size of outsourced data makes the data integrity protection in Cloud Computing a very challenging and potentially formidable task, especially for users with constrained computing resources and capabilities. Thus, enabling public auditability for cloud data storage security is of critical importance so that users can resort to an external audit party to check the integrity of outsourced data when needed. To securely introduce an effective third party auditor (TPA), the following two fundamental requirements have to be met: 1) TPA should be able to efficiently audit the cloud data storage without demanding the local copy of data, and introduce no additional on-line burden to the cloud user; 2) The third party auditing process should bring in no new vulnerabilities towards user data privacy. In this paper, we utilize and uniquely combine the public key based homomorphic authenticator with random masking to achieve the privacy-preserving public cloud data auditing system, which meets all above requirements. To support efficient handling of multiple auditing tasks, we further explore the technique of bilinear aggregate signature to extend our main result into a multi-user setting, where TPA can perform multiple auditing tasks simultaneously. Extensive security and performance analysis shows the proposed schemes are provably secure and highly efficient.

Vamshi Adouth,Eswari Rajagopal

DOI: https://doi.org/10.1002/cpe.7690

2023-03-11

Concurrency and Computation: Practice and Experience

Abstract:Summary Cloud‐server is an effective and flexible way to manage the massive amounts of data produced by cyber‐physical systems. It is a better option to outsource these data to the cloud. When data is outsourced to the cloud, users lose control over it, compromising the data's integrity. Many public auditing schemes were proposed to address this issue, where trusted third‐party auditors (TPAs) verify the integrity of data on behalf of the users. However, trusted TPAs are vulnerable and may not provide correct auditing results on time. Moreover, there is no trust nowadays. Blockchain‐based auditing schemes were introduced to prevent trusted third parties from overcoming this issue. However, most blockchain‐based public auditing schemes suffer from the key‐escrow issue. To overcome the key‐escrow problem and malicious auditors, in this article, a blockchain‐based certificateless public auditing with privacy‐preserving for cloud‐based cyber‐physical systems is constructed. The proposed scheme is secure against type I, II, III, and IV adversaries in the random oracle model. Further, the original proof of the data is masked using a random function to achieve data privacy when data is transferred between the cloud‐server and verifier. The performance analysis shows that the proposed scheme has higher efficiency and is suitable for cyber‐physical systems.

computer science, theory & methods, software engineering

Han Wang,Xu An Wang,Shuai Xiao,JiaSen Liu

DOI: https://doi.org/10.1007/s12652-020-02432-x

IF: 3.662

2020-08-06

Journal of Ambient Intelligence and Humanized Computing

Abstract:The rapid popularization of cloud computing and ultra-high-speed Internet has promoted the vigorous development of data sharing and collaborative office, especially in Big Data and AI. Aiming at protecting the security of users' data, researchers developed PDP scheme to verify data. However, existing schemes all rely on semi-trusted Third Party Auditor (TPA) or group management to store verification information. In order to solve this problem, we propose a distributed data integrity audit scheme based on blockchain. This scheme provides a brand-new method, which allows customers to store data safely without relying on any specific TPA and protect users' privacy at a lower cost. For the new concept, this paper points out the problems of the existing scheme and puts forward system model and security model. Then, a decentralized data integrity audit scheme using blockchain is designed. The proposed private PDP scheme based on blockchain is provably secure. At the same time, the security analysis and efficiency analysis show that the proposed PDP scheme is safe, efficient and practical.

computer science, information systems,telecommunications, artificial intelligence

Yilin Yuan,Jianbiao Zhang,Wanshan Xu,Zheng Li

DOI: https://doi.org/10.1002/cpe.6735

2021-12-09

Concurrency and Computation: Practice and Experience

Abstract:With the popularity of cloud computing, cloud storage technology has also been widely used. Among them, data integrity verification is a hot research topic. At present, the realization of public auditing has become the development trend of integrity verification. Most existing public auditing schemes rarely consider some indispensable functions at the same time. Thus, in this article, we propose a comprehensive public auditing scheme (PDBPA) that can simultaneously support data privacy protection, data dynamics, and multi‐user batch auditing. To guarantee privacy protection during the audit process, our PDBPA design a new method of constructing audit proof, which combines random masking techniques and bilinear properties of bilinear pairing. Not only can it ensure that TPA performs audits correctly, but it can also prevent it from exploring the user's sensitive data. In addition, by utilizing the modified dynamic hash table, which is a novel and small two‐dimensional data structure, data dynamics can be effectively achieved. Furthermore, we provide a detailed process for the third‐party auditors to perform batch audits for multiple users. Moreover, we give the detailed and rigorous security analysis in defending against forgery attack, replace attack, and replay attack. Performance evaluations demonstrate that our PDBPA scheme is effective and feasible.

Yang Zhen,Wang Wenyu,Huang Yongfeng,Li Xing

DOI: https://doi.org/10.1049/cje.2018.02.017

IF: 1.019

2019-01-01

Chinese Journal of Electronics

Abstract:Cloud data confidentiality need to be audited for the data owner’s concern. Confidentiality auditing is usually based on logging schemes, whereas cloud data dynamics and sharing group dynamics result in massive logs, which makes confidentiality auditing a formidable task for user with limited resources. So we propose a public auditing scheme for data confidentiality,in which user resorts to a Third-party auditor（TPA）for auditing. Our scheme design a special log called attestation in which hash user pseudonym is used to preserve user privacy. Attestation-based data access identifying is presented in our scheme which brings no new vulnerabilities toward data confidentiality and no extra online burden for user. We further support accountability of responsible user for data leakage based on user pseudonym. Extensive security and performance analysis compare our scheme with existing auditing schemes.Results indicate that the proposed scheme is provably secure and highly efficient.

Yining Qi,Yubo Luo,Yongfeng Huang,Xing Li

DOI: https://doi.org/10.32604/iasc.2023.030191

2023-01-01

Abstract:Cloud storage has been widely used to team work or cooperation development.Data owners set up groups, generating and uploading their data to cloud storage, while other users in the groups download and make use of it, which is called group data sharing.As all kinds of cloud service, data group sharing also suffers from hardware/software failures and human errors.Provable Data Possession (PDP) schemes are proposed to check the integrity of data stored in cloud without downloading.However, there are still some unmet needs lying in auditing group shared data.Researchers propose four issues necessary for a secure group shared data auditing: public verification, identity privacy, collusion attack resistance and traceability.However, none of the published work has succeeded in achieving all of these properties so far.In this paper, we propose a novel blockchain-based ring signature PDP scheme for group shared data, with an instance deployed on a cloud server.We design a linkable ring signature method called Linkable Homomorphic Authenticable Ring Signature (LHARS) to implement public anonymous auditing for group data.We also build smart contracts to resist collusion attack in group auditing.The security analysis and performance evaluation prove that our scheme is both secure and efficient.

Yapeng Miao,Ying Miao,Xuexue Miao

DOI: https://doi.org/10.1002/cpe.8285

2024-09-29

Concurrency and Computation Practice and Experience

Abstract:Summary Cloud storage provides a convenient way of collaboration and sharing. An increasing number of users are becoming more open to sharing their data with others. Consequently, the integrity of shared data has started to draw significant attention due to the loss control of it. Remote data integrity techniques can solve this problem. To resist the collusion between the third party auditor and the cloud server, existing integrity auditing schemes utilize blockchain to replace the third party auditor to do some work. However, these schemes still involve collusion between the third party auditor and the miners and cannot guarantee the third party auditor to execute the auditing process honestly. Considering this, we propose a blockchain‐based transparent and certificateless data integrity auditing scheme. Specifically, we design the smart contract combining the commitment technology to generate the challenge information and record the auditing information. Besides, we combine certificateless cryptography and the blind technology to achieve the privacy‐preserving. The proposed scheme can resist collusion, improve the transparency of the auditing process, protect the data privacy and reduce the overhead of certificate management and key management. The security analysis and performance evaluation demonstrate the security and efficiency of the scheme.

computer science, theory & methods, software engineering

Haoming Wang,Yuanhang Zhang,Xu An Wang,Xiaoyuan Yang

DOI: https://doi.org/10.1016/j.heliyon.2024.e36273

IF: 3.776

2024-08-20

Heliyon

Abstract:With the rapid development of informatization, a vast amount of data is continuously generated and accumulated, leading to the emergence of cloud storage services. However, data stored in the cloud is beyond the control of users, posing various security risks. Cloud data auditing technology enables the inspection of data integrity in the cloud without the necessity of data downloading. Among these, public auditing schemes have experienced rapid development due to their ability to avoid additional user auditing expenses. However, malicious third-party auditors can compromise data privacy. This paper proposes an improved identity-based cloud auditing scheme that can resist malicious auditors. This scheme is also constructed on an identity-based public auditing scheme using blockchain to prevent malicious auditing. We found the scheme is not secure because a malicious cloud server can forge authentication tags for outsourced data blocks, while our scheme has not these security flaws. Through security proofs and performance analysis, we further demonstrate that our scheme is secure and efficient. Additionally, our scheme has typical application scenarios.

Hao Wang,Hong Qin,Minghao Zhao,Xiaochao Wei,Hua Shen,Willy Susilo

DOI: https://doi.org/10.1016/j.ins.2020.01.051

IF: 8.1

2020-01-01

Information Sciences

Abstract:Cloud storage plays an important role in today’s cloud ecosystem. Increasingly clients tend to outsource their data to the cloud. In spite of its copious advantages, integrity has always been a significant issue. The audit method is commonly used to ensure integrity in cloud scenarios. However, traditional auditing schemes expect a third-party auditor (TPA), which is not always available in the real world. Also, the former scheme implies a limited pay-as-you-go service, as it requires the client to pay for the service in advance. In this paper, we aim to address the aforementioned drawback by adopting blockchain to replace TPA and designing a blockchain-based fair payment smart contract for public cloud storage auditing. In our system, data owner and cloud service provider (CSP) will run a blockchain-based smart contract. The contract ensures that the CSP is required to submit data possession proof regularly. The CSP gets paid only if the verification is passed; otherwise, it gets no remuneration but has to pay the penalties. To reduce the number of interactions in the execution of contract, we present the notion of non-interactive public provable data possession and design a blockchain-based smart contract for public cloud storage auditing based on this primitive.

Cheng Zhang,Yang Xu,Yupeng Hu,Jiajing Wu,Ju Ren,Yaoxue Zhang

DOI: https://doi.org/10.1109/tcc.2021.3057771

IF: 5.697

2022-01-01

IEEE Transactions on Cloud Computing

Abstract:Network storage services have benefited countless users worldwide due to the notable features of convenience, economy and high availability. Since a single service provider is not always reliable enough, more complex multi-cloud storage systems are developed for mitigating the data corruption risk. While a data auditing scheme is still needed in multi-cloud storage to help users confirm the integrity of their outsourced data. Unfortunately, most of the corresponding schemes rely on trusted institutions such as the centralized third-party auditor (TPA) and the cloud service organizer, and it is difficult to identify malicious service providers after service disputes. Therefore, we present a blockchain-based multi-cloud storage data auditing scheme to protect data integrity and accurately arbitrate service disputes. We not only introduce the blockchain to record the interactions among users, service providers, and organizers in data auditing process as evidence, but also employ the smart contract to detect service dispute, so as to enforce the untrusted organizer to honestly identify malicious service providers. We also use the blockchain network and homomorphic verifiable tags to achieve the low-cost batch verification without TPA. Theoretical analyses and experiments reveal that the scheme is effective in multi-cloud environments and the cost is acceptable.

Rahul Mishra,Dharavath Ramesh,Damodar Reddy Edla,Munesh Chandra Trivedi

DOI: https://doi.org/10.1007/s10586-021-03508-9

2022-01-27

Cluster Computing

Abstract:Cloud storage offers users to manage their remote data more efficiently. However, it comes with the threat of severe security concerns, i.e., integrity. Public auditing models have been intensively researched with the growing importance of data integrity. These public auditing models employed a third-party auditor (TPA) to check the integrity of stored data on behalf of users. However, these models are susceptible to procrastinating auditors who may not conduct the scheduled auditing on time. Therefore, this paper introduces a blockchain-based methodology to employ a certificateless public auditing model against malicious and procrastinating auditors with efficient user revocation to address these issues. It enables the storage of immutable time-stamped auditing results as a transaction on the blockchain. So, the users can verify whether TPA performs the auditing task on the scheduled time. This model supports efficient batch auditing in multiple cloud servers without an additional trusted organizer. A formal security analysis guarantees the computational intractability and the performance analysis illustrates the feasibility and practicability of the model.

Xiuyuan Chen,Chao Lin,Wei Wu,Debiao He

DOI: https://doi.org/10.1093/comjnl/bxae001

2024-01-27

The Computer Journal

Abstract:Abstract Cloud storage has been widely used in remote data management, although correct storage of the outsourced file is still challenging in practice. Proofs of Retrievability (PoRs), a storage-oriented cryptographic tool, support integrity checking and efficient retrieval of the file. However, due to the lack of a fully credible oversight mechanism or a serious dependence on a trusted third party, most PoRs are incapable of achieving essential and straightforward trust between participants (i.e. the client and server). While blockchain shows promise in solving this trust issue, existing blockchain-based storage systems are scenario-constrained as they require private/permissioned or special-construct blockchains. Consequently, none of these systems provide robust and decentralized trustworthiness. We propose a general Blockchain-based Automatic Audit (BAA) scheme for PoR without limitations based on specific blockchain types. Specifically, we present BAA via stitching together a carefully designed or chosen array of sub-components such as storage proofs and Turing-complete smart contracts. We also integrate BAA with specific PoR models to prove its strong generality and availability. To our best knowledge, our proposal is the first blockchain-based approach that enhances traditional PoR models with both automatic audit and fair payment. The final analysis and implemented prototype on Ethereum demonstrate the utility of BAA.

computer science, information systems, theory & methods, software engineering, hardware & architecture

Jiahao Jiang,Xiao Tan,Lidong Han,Qi Xie,Shengbao Wang

DOI: https://doi.org/10.1109/access.2023.3295248

IF: 3.9

2023-01-01

IEEE Access

Abstract:We propose a credible alliance-chain-based public auditing scheme (CACPA) to properly address the trust problem of third-party auditor (TPA) in the traditional audit scheme for cloud storage. Based on the non-tamperability and traceability of blockchain, we design a novel incentive mechanism to enforce honest and reliable behaviors of TPA. The basic idea is to organize TPA as a group of blockchain nodes conducting mutual surveillance. Any behavior of a TPA node will be inspected by other nodes to maintain good reputation of the group, and malicious behaviors will bring severe punishments. Accordingly, we develop system model of the proposed CACPA, as well as smart contracts to deal with transactions-related issues, such as dispute resolution. Finally, performance evaluation validates that our scheme enjoys acceptable efficiency and suits for real-world applications.

computer science, information systems,telecommunications,engineering, electrical & electronic

Hong Lei,Zijian Bao,Qinghao Wang,Yongxin Zhang,Wenbo Shi

DOI: https://doi.org/10.1007/978-981-15-9213-3_21

2020-01-01

Abstract:With the continuous growth of data resources, outsourcing data storage to cloud service providers is becoming the norm. Unfortunately, once data are stored on the cloud platform, they will be out of data owners’ control. Thus, it is critical to guarantee the integrity of the remote data. To solve this problem, researchers have proposed many data auditing schemes, which often employ a trusted role named Third Party Auditor (TPA) to verify the integrity. However, the TPA may not be reliable as expected. For example, it may collude with cloud service providers to hide the fact of data corruption for benefits. Blockchain has the characteristics of decentralization, non-tampering, and traceability, which provides a solution to trace the malicious behaviors of the TPA. Moreover, Intel SGX, as the popular trusted computing technology, can be used to protect the correctness of the auditing operations with a slight performance cost, which excellently serves as the of the blockchain-based solution. In this paper, we propose a secure auditing scheme based on the blockchain and Intel SGX technology, termed SDABS. The scheme follows the properties of storage correctness, data-preserving, accountability, and anti-collusion. The experiment results show that our scheme is efficient.

Yongliang Xu,Chunhua Jin,Wenyu Qin,Jie Zhao,Guanhua Chen,Fugeng Zeng

DOI: https://doi.org/10.1016/j.sysarc.2023.103053

IF: 5.836

2023-12-17

Journal of Systems Architecture

Abstract:Public auditing enables data owners to entrust a third-party auditor (TPA) to perform auditing tasks periodically. To resist malicious TPAs, a plethora of blockchain-based public auditing mechanisms have been proposed. However, existing schemes cannot effectively mitigate single point of failure and collusion between TPAs and miners. These schemes are burdened by significant wastage of storage resources due to the presence of redundant data. In this paper, we propose a blockchain-based decentralized auditing scheme supporting ciphertext deduplication (BDACD). BDACD leverages a decentralized blockchain, which takes over the role traditionally played by a centralized TPA. A decentralized autonomous organization is incorporated to enhance resistance against collusion attacks. By integrating advanced ciphertext deduplication techniques, BDACD effectively mitigates storage overhead. Furthermore, we introduce a novel concept, T-Merkle hash tree, along with a corresponding search algorithm. This innovation significantly enhances blockchain storage utilization and enables efficient half-interval searches within a block. To ensure accountability and fairness, a smart contract is employed to establish an arbitration mechanism. This mechanism serves a dual purpose: penalizing any malevolent actions by cloud servers and providing adequate compensation to data owners whose data integrity has been compromised. Detailed security analysis and performance evaluation demonstrate BDACD has desirable security and efficiency.

computer science, software engineering, hardware & architecture

Yilin Yuan,Jianbiao Zhang,Wanshan Xu,Zheng Li

DOI: https://doi.org/10.1007/s11227-021-04193-6

IF: 3.3

2022-01-10

The Journal of Supercomputing

Abstract:Almost all existing data integrity verification schemes upload outsourced files and tags set to the CSP simultaneously. Thus, in this paper, we provide a novel idea to construct the integrity verification scheme via blockchain. The construction of the proposed scheme is based on identity-based encryption (IBE) which avoids the complex certificate management caused by the public key infrastructure (PKI). Our scheme decides to upload tags set to the blockchain to achieve the separate storage of the tags set and files. The characteristics of the blockchain determine that the tags set will not be forged. But separate storage may cause the information returned by the three parties participating in the public auditing to be out of sync; thus, a small data structure—audit log is introduced to solve this problem. The advantages of audit log can not only guarantee the correct and smooth implementation of the proposed scheme, but also prove the TPA’s innocence when necessary. Moreover, the security of our scheme is strictly proved. Finally, a series of performance evaluations demonstrate that our scheme is efficient and feasible.

computer science, theory & methods,engineering, electrical & electronic, hardware & architecture

S. M. Udhaya Sankar,D. Selvaraj,G.K. Monica,Jeevaa Katiravan

DOI: https://doi.org/10.14445/22315381/IJETT-V71I3P204

2023-04-24

Abstract:With the help of a shared pool of reconfigurable computing resources, clients of the cloud-based model can keep sensitive data remotely and access the apps and services it offers on-demand without having to worry about maintaining and storing it locally. To protect the privacy of the public auditing system that supports the cloud data exchange system. The data's owner has the ability to change it using the private key and publishes it in the cloud. The RSA Technique is used to produce key codes for the cloud services atmosphere's privacy utilizing the system's baseboard number, disc number, and client passcode for validation. The method is based on a cutting-edge User End Generated (UEG) privacy technique that minimizes the involvement of a third party and improves security checks by automatically documenting destructive activities. To strengthen extensibility, various authorization-assigning modalities and block access patterns were established together with current operational design approaches. In order to meet the demands for decentralization, fine-grained auditability, extensibility, flexibility, and privacy protection for multilevel data access in networked environments, the suggested approach makes use of blockchain technology. According to a thorough performance and security assessment, the current proposal is exceptionally safe and effective.

Cryptography and Security

Yang Xu,Ju Ren,Yan Zhang,Cheng Zhang,Bo Shen,Yaoxue Zhang

DOI: https://doi.org/10.1109/tsc.2019.2953033

IF: 11.019

2019-01-01

IEEE Transactions on Services Computing

Abstract:The maturity of network storage technology drives users to outsource local data to remote servers. Since these servers are not reliable enough for keeping users' data, remote data auditing mechanisms are studied for mitigating the threat to data integrity. However, many traditional schemes achieve verifiable data integrity for users only without resolutions to data possession disputes, while others depend on centralized third-party auditors (TPAs) for credible arbitrations. Recently, the emergence of blockchain technology promotes inspiring countermeasures. In this article, we propose a decentralized arbitrable remote data auditing scheme for network storage service based on blockchain techniques. We use a smart contract to notarize integrity metadata of outsourced data recognized by users and servers on the blockchain, and also utilize the blockchain network as the self-recording channel for achieving non-repudiation verification interactions. We also propose a fairly arbitrable data auditing protocol with the support of the commutative hash technique, defending against dishonest provers and verifiers. Additionally, a decentralized adjudication mechanism is implemented by using the smart contract technique for creditably resolving data possession disputes without TPAs. The theoretical analysis and experimental evaluation reveal its effectiveness in undisputable data auditing and the limited requirement of costs.