YANG Zhen, WANG Wenyu, HUANG Yongfeng, LI Xing. Privacy-Preserving Public Auditing Scheme for Data Confidentiality and Accountability in Cloud Storage[J]. Chinese Journal of Electronics, 2019, 28(1): 179-187. doi: 10.1049/cje.2018.02.017
Citation: YANG Zhen, WANG Wenyu, HUANG Yongfeng, LI Xing. Privacy-Preserving Public Auditing Scheme for Data Confidentiality and Accountability in Cloud Storage[J]. Chinese Journal of Electronics, 2019, 28(1): 179-187. doi: 10.1049/cje.2018.02.017

Privacy-Preserving Public Auditing Scheme for Data Confidentiality and Accountability in Cloud Storage

doi: 10.1049/cje.2018.02.017
Funds:  This work is supported by the National Key Research and Development Program of China (No.2016YFB0800402) and the National Natural Science Foundation of China (No.U1405254, No.U1536207).
  • Received Date: 2017-03-23
  • Rev Recd Date: 2017-08-05
  • Publish Date: 2019-01-10
  • Cloud data confidentiality need to be audited for the data owner's concern. Confidentiality auditing is usually based on logging schemes, whereas cloud data dynamics and sharing group dynamics result in massive logs, which makes confidentiality auditing a formidable task for user with limited resources. So we propose a public auditing scheme for data confidentiality, in which user resorts to a Third-party auditor (TPA) for auditing. Our scheme design a special log called attestation in which hash user pseudonym is used to preserve user privacy. Attestation-based data access identifying is presented in our scheme which brings no new vulnerabilities toward data confidentiality and no extra online burden for user. We further support accountability of responsible user for data leakage based on user pseudonym. Extensive security and performance analysis compare our scheme with existing auditing schemes. Results indicate that the proposed scheme is provably secure and highly efficient.
  • loading
  • Nour Zawawi, Mohamed Hamdy El-Eliemy, Rania El-Gohary, et al., "Security issues on cloud data services", Bio-inspiring Cyber Security and Cloud Services:Trends and Innovations, Springer, Berlin, Germany, pp.497-517, 2014.
    Ryan K.L. Ko, "Data accountability in cloud systems", Security, Privacy and Trust in Cloud Systems, Springer, Berlin, Germany, pp.211-238, 2014.
    Matt Blaze, "A cryptographic file system for UNIX", Proc. of the 1st ACM conference on Computer and communications security, Fairfax, Virginia, USA, pp.9-16, 1993.
    Shucheng Yu, Cong Wang, Kui Ren, et al., "Achieving secure, scalable, and fine-grained data access control in cloud computing", Proc. of the 29th Conference on Information Communications, San Diego, California, USA, pp.534-542, 2010.
    Tu Shanshan and Huang Yongfeng, "Towards efficient and secure access control system for mobile cloud computing", China Communications, Vol.12, No.12, pp.43-52, 2015.
    S.Z. Niu, S.S. Shan and Y.F. Huang, "An effective and secure access control system scheme in the cloud", Chinese Journal of Electronics, Vol.24, No.3, pp.524-528, 2015.
    Siani Pearson, Vasilis Tountopoulos, Daniele Catteddu, et al., "Accountability for cloud and other future internet services", Proc. of the 4th IEEE International Conference on Cloud Computing Technology and Science, Taipei, China, pp.629-632, 2012.
    Hui Tian, Yuxiang Chen, Chin-Chen Chang, et al., "Dynamichash-table based public auditing for secure cloud storage", IEEE Transactions on Services Computing, Vol.10, No.5, pp.701-714, 2015.
    Ryan K.L. Ko, Peter Jagadpramana, Miranda Mowbray, et al., "Trustcloud:A framework for accountability and trust in cloud computing", Proc. of the 7th IEEE World Congress on Services, Washington, DC, USA, pp.584-588, 2011.
    Ryan K.L. Ko, Markus Kirchberg and Bu Sung Lee, "From system-centric to data-centric logging-accountability, trust & security in cloud computing", Proc. of the 2011 Defense Science Research Conference and Expo, Singapore, pp.1-4, 2011.
    Smitha Sundareswaran, Anna Squicciarini, Dan Lin, et al., "Promoting distributed accountability in the cloud", Proc. of the 4th IEEE International Conference on Cloud Computing, Washington, DC, USA, pp.113-120, 2011.
    Smitha Sundareswaran, Anna Squicciarini and Dan Lin, "Ensuring distributed accountability for data sharing in the cloud", IEEE Transactions on Dependable and Secure Computing, Vol.9, No.4, pp.556-568, 2012.
    Yu Shyang Tan, Ryan K.L. Ko and Peter Jagadpramana, "Tracking of data leaving the cloud", Proc. of the 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, Liverpool, UK, pp.137-144, 2012.
    Jinyuan Li, Maxwell N. Krohn, David Mazieres, et al., "Secure untrusted data repository (SUNDR)", Proc. of the 6th Symposium on Operating Systems Design and Implementation, San Francisco, California, USA, pp.121-136, 2004.
    Wassim Itani, Ayman Kayssi and Ali Chehab, "Privacy as a service:Privacy-Aware data storage and processing in cloud computing architectures", Proc. of the 8th IEEE International Conference on Dependable, Autonomic and Secure Computing, Chengdu, China, pp.711-716, 2009.
    Raluca Ada Popa, Jacob R. Lorch, David Molnar, et al., "Enabling security in cloud storage SLAs with cloudproof", Proc. of the 2011 USENIX Annual Technical Conference, Portland, Oregon, USA, pp.355-368, 2011.
    Gwan-Hwan Hwang, Jenn-Zjone Peng and Wei-Sian Huang, "A mutual nonrepudiation protocol for cloud storage with interchangeable accesses of a single account from multiple devices", Proc. of the 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, Melbourne, Australia, pp.439-446, 2013.
    Jin Li, Gansen Zhao, Xiaofeng Chen, et al., "Fine-grained data access control systems with user accountability in cloud computing", Proc. of the 2nd IEEE International Conference on Cloud Computing Technology and Science, Indianapolis, Indiana, USA, pp.89-96, 2010.
    Boyang Wang, Hui Li and Ming Li, "Privacy-preserving public auditing for shared cloud data supporting group dynamics", Proc. of the 2013 IEEE International Conference on Communications, Budapest, Hungary, pp.1946-1950, 2013.
    Zhen Yang, Wenyu Wang and Yongfeng Huang, "Ensuring reliable logging for data accountability in untrusted cloud storage", Proc. of the 2017 IEEE International Conference on Communications, Paris, France, pp.1966-1971, 2017.
    Hui Tian, Zhaoyi Chen, Chin-Chen Chang, et al., "Enabling public auditability for operation behaviors in cloud storage", Soft Computing, Vol.21, No.8, pp.2175-2187, 2017.
    Pierre Karpman, Thomas Peyrin and Marc Stevens, "Practical free-start collision attacks on 76-step SHA-1", Proc. of the 35th Annual Cryptology Conference, Part I, Santa Barbara, California, USA, pp.623-642, 2015.
  • 加载中

Catalog

    通讯作者: 陈斌, bchen63@163.com
    • 1. 

      沈阳化工大学材料科学与工程学院 沈阳 110142

    1. 本站搜索
    2. 百度学术搜索
    3. 万方数据库搜索
    4. CNKI搜索

    Article Metrics

    Article views (141) PDF downloads(289) Cited by()
    Proportional views
    Related

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return