[go: up one dir, main page]
More Web Proxy on the site http://driver.im/ Skip to main content

Advertisement

Springer Nature Link
Log in

Privacy-preserving auditing scheme for shared data in public clouds

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

Recent advances in cloud storage have enabled users to outsource large amounts of data to a remote cloud server in order to reduce storage and management costs, and share files among many users in a group. However, how to efficiently audit the integrity of shared data while maintaining data privacy and user identity anonymity, is still a critical issue. We propose a novel public auditing scheme for data stored in a remote cloud server and shared among users in a large group. In particular, the proposed scheme incorporates group signature, homomorphic message authentication code to create data block tags, so that it can support public auditing and provide user identity anonymity. Furthermore, we use the random masking technique in the proposed scheme to preserve data privacy from the third-party auditor. The correctness and security analyses demonstrate that the proposed scheme is correct and provably secure under a robust security model. The performance evaluation and experimental results show that the proposed scheme is efficient while maintaining the desirable security properties.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
£29.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price includes VAT (United Kingdom)

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Similar content being viewed by others

References

  1. Selvaraj A, Sundararajan S (2015) Survey on public auditability to ensure data integrity in cloud storage. Int J Comput Appl 37(3–4):102–110

    Google Scholar 

  2. Garg N, Bawa S (2016) Comparative analysis of cloud data integrity auditing protocols. J Netw Comput Appl 66:17–32

    Article  Google Scholar 

  3. El-Dein RE, Youssef B, ElGamal S (2016) Content auditing in the cloud environment. Data Min Knowl Eng 8(10):311–317

    Google Scholar 

  4. Cisco Global Cloud Index Cisco (2014) Forecast and methodology, 2013–2018. Cited on, page 23

  5. Xue L, Ni J, Li Y, Shen J (2017) Provable data transfer from provable data possession and deletion in cloud storage. Comput Stand Interfaces 54:46–54

    Article  Google Scholar 

  6. Ho T-H, Yen L-H, Tseng C-C (2015) Simple-yet-efficient construction and revocation of group signatures. Int J Found Comput Sci 26(5):611–624

    Article  MathSciNet  Google Scholar 

  7. Ateniese G, Burns R, Curtmola R, Herring J, Kissner L, Peterson Z, Song D (2007) Provable data possession at untrusted stores. In: Proceedings of the 14th ACM Conference on Computer and Communications Security. ACM, pp 598–609

  8. Shacham H, Waters B (2008) Compact proofs of retrievability. In: International Conference on the Theory and Application of Cryptology and Information Security. Springer, pp 90–107

  9. Boneh D, Lynn B, Shacham H (2004) Short signatures from the weil pairing. J Cryptol 17(4):297–319

    Article  MathSciNet  Google Scholar 

  10. Bellare M, Rogaway P (1993) Random oracles are practical: a paradigm for designing efficient protocols. In: Proceedings of the 1st ACM Conference on Computer and Communications Security. ACM, pp 62–73

  11. Wang C, Chow SSM, Wang Q, Ren K, Lou W (2013) Privacy-preserving public auditing for secure cloud storage. IEEE Trans Comput 62(2):362–375

    Article  MathSciNet  Google Scholar 

  12. Liu C, Chen J, Yang LT, Zhang X, Yang C, Ranjan R, Kotagiri R (2014) Authorized public auditing of dynamic big data storage on cloud with efficient verifiable fine-grained updates. IEEE Trans Parallel Distrib Syst 25(9):2234–2244

    Article  Google Scholar 

  13. Zhang J, Li P, Mao J (2016) IPad: ID-based public auditing for the outsourced data in the standard model. Clust Comput 19(1):127–138

    Article  Google Scholar 

  14. Yang G, Jia Y, Shen W, Qianqian S, Zhangjie F, Hao R (2016) Enabling public auditing for shared data in cloud storage supporting identity privacy and traceability. J Syst Softw 113:130–139

    Article  Google Scholar 

  15. Kim D, Jeong IR (2017) Certificateless public auditing protocol with constant verification time. Secur Commun Netw 5:1–14

    Google Scholar 

  16. Wang B, Li B, Li H (2015) Panda: public auditing for shared data with efficient user revocation in the cloud. IEEE Trans Serv Comput 8(1):92–106

    Article  Google Scholar 

  17. Xu Z, Wu L, Khan MK, Choo K-KR, He D (2017) A secure and efficient public auditing scheme using RSA algorithm for cloud storage. J Supercomput 73:1–25

    Article  Google Scholar 

  18. Wang H (2015) Identity-based distributed provable data possession in multicloud storage. IEEE Trans Serv Comput 8(2):328–340

    Article  Google Scholar 

  19. Zhang J, Dong Q (2016) Efficient ID-based public auditing for the outsourced data in cloud storage. Inf Sci 343:1–14

    MathSciNet  Google Scholar 

  20. Yu Y, Zhang Y, Mu Y, Susilo W, Liu H (2015) Provably secure identity based provable data possession. In: International Conference on Provable Security. Springer, pp 310–325

  21. Wang H, He D, Tang S (2016) Identity-based proxy-oriented data uploading and remote data integrity checking in public cloud. IEEE Trans Inf Forensics Secur 11(6):1165–1176

    Article  Google Scholar 

  22. Li Y, Yu Y, Min G, Susilo W, Ni J, Choo K-KR (2017) Fuzzy identity-based data integrity auditing for reliable cloud storage systems. IEEE Trans Dependable Secure Comput. https://doi.org/10.1109/TDSC.2017.2662216

    Article  Google Scholar 

  23. Wang B, Li B, Li H, Li F (2013) Certificateless public auditing for data integrity in the cloud. In: IEEE Conference on Communications and Network Security (CNS). IEEE, pp 136–144

  24. Zhang Y, Chunxiang X, Shui Y, Li H, Zhang X (2015) SCLPV: secure certificateless public verification for cloud-based cyber-physical-social systems against malicious auditors. IEEE Trans Comput Soc Syst 2(4):159–170

    Article  Google Scholar 

  25. He D, Zeadally S, Wu L (2018) Certificateless public auditing scheme for cloud-assisted wireless body area networks. IEEE Syst J 12(1):64–73

    Article  Google Scholar 

  26. Yang T, Yu B, Wang H, Li J, Lv Z (2015) Cryptanalysis and improvement of panda–public auditing for shared data in cloud and internet of things. Multimed Tools Appl 76:1–18

    Google Scholar 

  27. Tang CM, Zhang XJ (2015) A new publicly verifiable data possession on remote storage. J Supercomput 1–15. https://doi.org/10.1007/s11227-015-1556-z

  28. Xu Z, Wu L, He D, Khan MK (2017) Security analysis of a publicly verifiable data possession scheme for remote storage. J Supercomput 73(11):4923–4930

    Article  Google Scholar 

  29. Li J, Zhang L, Liu JK, Qian H, Dong Z (2016) Privacy-preserving public auditing protocol for low-performance end devices in cloud. IEEE Trans Inf Forensics Secur 11(11):2572–2583

    Article  Google Scholar 

  30. Shen W, Jia Y, Xia H, Zhang H, Xiuqing L, Hao R (2017) Light-weight and privacy-preserving secure cloud auditing scheme for group users via the third party medium. J Netw Comput Appl 82:56–64

    Article  Google Scholar 

  31. Luo Y, Xu M, Fu S, Wang D, Deng J (2015) Efficient integrity auditing for shared data in the cloud with secure user revocation. In: Trustcom/BigDataSE/ISPA, 2015 IEEE, vol 1, pp 434–442. IEEE

  32. Wang H, Li K, Ota K, Shen J (2016) Remote data integrity checking and sharing in cloud-based health internet of things. IEICE Trans Inf Syst 99(8):1966–1973

    Article  Google Scholar 

  33. He K, Huang C, Yang K, Shi J (2015) Identity-preserving public auditing for shared cloud data. In: IEEE 23rd International Symposium on Quality of Service (IWQoS). IEEE, pp 159–164

  34. Wang B, Li B, Li H (2014) Oruta: privacy-preserving public auditing for shared data in the cloud. IEEE Trans Cloud Comput 2(1):43–56

    Article  MathSciNet  Google Scholar 

  35. Wang B, Li B, Li H (2012) Knox: privacy-preserving auditing for shared data with large groups in the cloud. In: Bao F, Samarati P, Zhou J (eds) Applied cryptography and network security. Springer, Berlin, pp 507–525

    Chapter  Google Scholar 

  36. Agrawal S, Boneh D (2009) Homomorphic MACs: Mac-based integrity for network coding. In: ACNS, vol 9. Springer, pp 292–305

  37. Wu L, Wang J, Kumar N, He D (2017) Secure public data auditing scheme for cloud storage in smart city. Pers Ubiquitous Comput 21(5):949–962

    Article  Google Scholar 

  38. Wang H (2013) Proxy provable data possession in public clouds. IEEE Trans Serv Comput 6(4):551–559

    Article  Google Scholar 

  39. Li A, Tan S, Jia Y (2016) A method for achieving provable data integrity in cloud computing. J Supercomput 1–17. https://doi.org/10.1007/s11227-015-1598-2

  40. Yuan J, Yu S (2014) Efficient public integrity checking for cloud data sharing with multi-user modification. In: INFOCOM, 2014 Proceedings IEEE. IEEE, pp 2121–2129

  41. Fu A, Yu S, Zhang Y, Wang H, Huang C (2017) NPP: a new privacy-aware public auditing scheme for cloud data sharing with group users. IEEE Trans Big Data

  42. Boyen X (2008) The uber-assumption family. In: International Conference on Pairing-Based Cryptography. Springer, pp 39–56

  43. MIRACL Cryptographic Library: Multiprecision Integer and Rational Arithmetic C/C++ Library(MIRACL)

  44. Park JH, Lee DH (2016) An efficient IBE scheme with tight security reduction in the random oracle model. Des Codes Cryptog 79(1):63–85

    Article  MathSciNet  Google Scholar 

  45. Lee E, Lee H-S, Park C-M (2009) Efficient and generalized pairing computation on Abelian varieties. IEEE Trans Inf Theory 55(4):1793–1803

    Article  MathSciNet  Google Scholar 

Download references

Acknowledgements

We greatly appreciate the invaluable suggestions provided by the anonymous reviewers and the associate editor. The work was supported in part by the National Natural Science Foundation of China under (Nos. 61501333, 61772377, 61572379, 61572370), and in part by the Natural Science Foundation of Hubei Province of China (Nos. 2017CFA007, 2015CFA068).

Author information

Authors and Affiliations

  1. School of Computer Science, Wuhan University, Wuhan, China

    Libing Wu, Jing Wang & Debiao He

  2. State Key Laboratory of Cryptology, Beijing, China

    Libing Wu, Jing Wang & Debiao He

  3. College of Communication and Information, University of Kentucky, Lexington, USA

    Sherali Zeadally

  4. Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, School of Cyber Science and Engineering, Wuhan University, Wuhan, China

    Debiao He

Authors
  1. Libing Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jing Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sherali Zeadally
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Debiao He
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Debiao He.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Wu, L., Wang, J., Zeadally, S. et al. Privacy-preserving auditing scheme for shared data in public clouds. J Supercomput 74, 6156–6183 (2018). https://doi.org/10.1007/s11227-018-2527-y

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-018-2527-y

Keywords