Results 1 - 10 of 21
H.: Knox: Privacy-Preserving Auditing for Shared Data with Large Groups in the Cloud, 2012
Cited by 33 (5 self)
Abstract. With cloud computing and storage services, data is not only stored in the cloud, but routinely shared among a large number of users in a group. It remains elusive, however, to design an efficient mechanism to audit the integrity of such shared data, while still preserving identity privacy. In this paper, we propose Knox, a privacy-preserving auditing mechanism for data stored in the cloud and shared among a large number of users in a group. In particular, we utilize group signatures to construct homomorphic authenticators, so that a third party auditor (TPA) is able to verify the integrity of shared data for users without retrieving the entire data. Meanwhile, the identity of the signer on each block in shared data is kept private from the TPA. With Knox, the amount of information used for verification, as well as the time it takes to audit with it, are not affected by the number of users in the group. In addition, Knox exploits homomorphic MACs to reduce the space used to store such verification information. Our experimental results show that Knox is able to efficiently audit the correctness of data, shared among a large number of users.
On Verifying Dynamic Multiple Data Copies over Cloud Servers, 2011
Cited by 12 (2 self)
Currently, many individuals and organizations outsource their data to remote cloud service providers (CSPs) seeking to reduce the maintenance cost and the burden of large local data storage. The CSP offers paid storage space on its infrastructure to store customers’ data. Replicating data on multiple servers across multiple data centers achieves a higher level of scalability, availability, and durability. The more copies the CSP is asked to store, the more fees the customers are charged. Therefore, customers need to be strongly convinced that the CSP is storing all data copies that are agreed upon in the service contract, and the data-update requests issued by the customers have been correctly executed on all remotely stored copies. In this paper we propose two dynamic multi-copy provable data possession schemes that achieve two main goals: i) they prevent the CSP from cheating and using less storage by maintaining fewer copies, and ii) they support dynamic behavior of data copies over cloud servers via operations such as block modification, insertion, deletion, and append. We prove the security of the proposed schemes against colluding servers. Through theoretical analysis and experimental results, we demonstrate the performance of these schemes. Additionally, we discuss how to identify corrupted copies by slightly modifying the proposed schemes.
Towards Efficient Proofs of Retrievability
Cited by 2 (2 self)
Proofs of Retrievability (POR) is a cryptographic formulation for remotely auditing the integrity of files stored in the cloud, without keeping a copy of the original files in local storage. In a POR scheme, a user Alice backs up her data file together with some authentication data to a potentially dishonest cloud storage server Bob. Later, Alice can periodically and remotely verify the integrity of her data file using the authentication data, without retrieving back the data file. Besides security, performances in communication, storage overhead and computation are major considerations. Shacham and Waters (Asiacrypt ’08) gave a fast scheme with O(sλ) bits communication cost and a factor of 1/s file size expansion where λ is the security parameter. In this paper, we incorporate a recent construction of constant size polynomial commitment scheme (Kate, Zaverucha and Goldberg, Asiacrypt ’10) into Shacham and Waters scheme. The resulting scheme requires O(λ) communication bits (particularly, 920 bits if a 160 bits elliptic curve group is used or 3512 bits if a 1024 bits modulo group is used) per verification and a factor of 1/s file size expansion. Experiment results show that our proposed scheme is indeed efficient and practical. Our security proof is based on Strong Diffie-Hellman Assumption.
Hasan, "Provable MultiCopy Dynamic Data Possession in Cloud Computing Systems" - IEEE Transaction on Information Forensics and Security, 2015
Cited by 2 (0 self)
Abstract: Increasingly more and more organizations are opting for outsourcing data to remote cloud service providers (CSPs). Customers can rent the CSP's storage infrastructure to store and retrieve almost unlimited amount of data by paying fees metered in gigabyte/month. For an increased level of scalability, availability, and durability, some customers may want their data to be replicated on multiple servers across multiple data centers. The more copies the CSP is asked to store, the more fees the customers are charged. Therefore, customers need to have a strong guarantee that the CSP is storing all data copies that are agreed upon in the service contract, and all these copies are consistent with the most recent modifications issued by the customers. In this paper, we propose a map-based provable multicopy dynamic data possession (MB-PMDDP) scheme that has the following features: 1) it provides an evidence to the customers that the CSP is not cheating by storing fewer copies; 2) it supports outsourcing of dynamic data, i.e., it supports block-level operations, such as block modification, insertion, deletion, and append; and 3) it allows authorized users to seamlessly access the file copies stored by the CSP. We give a comparative analysis of the proposed MB-PMDDP scheme with a reference model obtained by extending existing provable possession of dynamic single-copy schemes. The theoretical analysis is validated through experimental results on a commercial cloud platform. In addition, we show the security against colluding servers, and discuss how to identify corrupted copies by slightly modifying the proposed scheme.
Enabling Data Dynamic and Indirect Mutual Trust for Cloud Computing Storage Systems
Cited by 1 (0 self)
Currently, the amount of sensitive data produced by many organizations is outpacing their storage ability. The management of such huge amount of data is quite expensive due to the requirements of high storage capacity and qualified personnel. Storage-as-a-Service (SaaS) offered by cloud service providers (CSPs) is a paid facility that enables organizations to outsource their data to be stored on remote servers. Thus, SaaS reduces the maintenance cost and mitigates the burden of large local data storage at the organization’s end. A data owner pays for a desired level of security and must get some compensation in case of any misbehavior committed by the CSP. On the other hand, the CSP needs a protection from any false accusation that may be claimed by the owner to get illegal compensations. In this paper, we propose a cloud-based storage scheme that allows the data owner to benefit from the facilities offered by the CSP and enables indirect mutual trust between them. The proposed scheme has four important features: (i) it allows the owner to outsource sensitive data to a CSP, and perform full block-level dynamic operations on the outsourced data, i.e., block modification, insertion, deletion, and append, (ii) it ensures that authorized users (i.e., those who have the right to access the owner’s file) receive the latest version of the outsourced data, (iii) it enables indirect mutual trust between the owner and the CSP, and (iv) it allows the owner to grant or revoke access to the outsourced data. We discuss the security issues of the proposed scheme. Besides, we justify its performance through theoretical analysis and experimental evaluation of storage, communication, and computation overheads.
Controlling Data-Flow in the Cloud
Cited by 1 (1 self)
Abstract—A big obstacle for using cloud services is that users have no control over the locations where their data are stored or processed, respectively. This paper presents a program analysis approach that enables clients to negotiate services with undesired locations. Clients may only use services that guarantee not to use (directly or indirectly) services on undesired locations for processing or storing the clients’ data. In order to increase trust in the answers given by services during the negotiation process, a cryptographic approach similar to Web page certification is proposed. We show that a static data-flow analysis combined with a cryptographic approach ensures that clients’ data do not reach undesired locations in the cloud. Keywords: data-flow; service-level agreement; cloud security.
TCLOUD: A Trusted Storage Architecture for Cloud Computing
Cited by 1 (0 self)
The cloud storage provides a least cost means of data storage for the small and large enterprises across the globe. But the main barricade to widespread adoption of cloud storage is the lack of trust in the technology by its user. The data is stored on multiple servers and the location is concealed from the customers and they are no more in control of the data. This distinctive feature of the cloud storage presents many security and trust challenges. In this paper we present a trusted architecture of cloud data storage. The architecture presents a unique way of secure storage and accessing of data from the cloud data center. It also ensured that only authorized user will be able to access the data. Additionally, if there is any violation of the security parameter at the data center, the data will still be safe i.e. the data will be stored in encrypted form.
Improving Data Integrity for Data Storage Security in Cloud Computing
Cited by 1 (0 self)
Abstract- With the provision of innumerable benefits, cloud has become an emerging standard that brings about various technologies and computing ideas for internet. Massive storage centers are provided by the cloud which can be accessed easily from any corner of the world and at any time. The on-demand service provision with utilization of fewer resources of client system benefits the client. However, data outsourcing paradigm in cloud is one of the biggest security concerns. Frequent integrity checking is needed to keep an eye on data. The proposed scheme makes use of Merkle Hash Tree (MHT) and AES algorithm to maintain data integrity at the untrusted server. In most of the previously proposed schemes, RSA algorithm was used for storage security. AES being faster in encryption-decryption and the buffer-space requirement being less as compared to RSA, we try to improve the performance by making use of AES algorithm. The cloud must not impose on user the responsibility to verify his / her stored data. Taking this into consideration and relieve client from the overhead of data integrity verification, we introduce an entity called the Third Party Auditor (TPA), which acts on behalf of client for data integrity checking and send an alert to notify the status of the stored data. The proposed storage security scheme also assures recovery of data, in case of data loss or corruption, by providing a recovery system. Thus the proposed scheme aims at keeping the user data integrated and support data restore. The system also reduces the server computation time when compared with previous systems.
Provable Data Possession in Single Cloud Server: A Survey, Classification and Comparative Study
Storage-as-a-Service (SaaS) offered by cloud service providers is a paid facility that enables organizations to outsource their data to be stored on remote servers. Thus, SaaS reduces the maintenance cost and mitigates the burden of large local data storage at the organization’s end. However, the fact that data owners no longer physically possess their sensitive data raises new challenges to the tasks of data confidentiality and integrity in cloud computing systems. Many researchers have focused on the problem of provable data possession (PDP), and proposed different schemes to audit data on remote storage sites. In this paper, we investigate the concept of PDP and provide an extensive survey for different PDP schemes on a single cloud server. Moreover, the paper discusses the design principles for various PDP constructions, highlights some limitations, and presents a comparative analysis for numerous PDP models. We classify PDP schemes into protocols for static data, and models that support outsourcing of dynamic data.
Survey on Privacy-Preserving Methods for Storage in Cloud Computing
At present the mankind are progressively relying more on a number of online storage stores to back up our data or for using it in real time which gives an anywhere, anytime access. All these services bring with it, concerns of security and privacy weaknesses for all the services provided by them since the user’s data are stored and maintained out of user’s premises. This paper portrays the various issues associated to privacy while storing the user’s data on third party service providers, which is more commonly termed as cloud service. Cloud computing refers to the fundamental infrastructure for an up-coming model of service provision that has the benefit of dropping cost by sharing computing and storage resources, united with an on-demand provisioning mechanism depending on a pay-per-use business model. Without appropriate security and privacy solutions designed for clouds this computing paradigm could become a huge failure. There is a lot of research being made to spot out the issues with these cloud service providers and cloud security in general. This paper is on regard of one of the key issue-privacy that occur in the context of cloud computing and analyze the various works being done to solve the issues in privacy and thus to ensure privacy to outsourced data on cloud storage.