Browse > Article
http://dx.doi.org/10.3837/tiis.2017.10.019

Efficient and Secure Identity-Based Public Auditing for Dynamic Outsourced Data with Proxy  

Yu, Haiyang (Faculty of Information, Beijing University of Technology)
Cai, Yongquan (Faculty of Information, Beijing University of Technology)
Kong, Shanshan (Faculty of Information, Beijing University of Technology)
Ning, Zhenhu (Faculty of Information, Beijing University of Technology)
Xue, Fei (College of Information, Beijing Wuzi University)
Zhong, Han (College of Information Technology and Network Security, Peoples Public Security University of China)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.11, no.10, 2017 , pp. 5039-5061 More about this Journal
Abstract
Cloud storage becomes a new trend that more and more users move their data to cloud storage servers (CSSs). To ensure the security of cloud storage, many cloud auditing schemes are proposed to check the integrity of users' cloud data. However, most of them are based on public key infrastructure, which leads to complex certificates management and verification. Besides, most existing auditing schemes are inefficient when user uploads a large amount of data or a third party auditor (TPA) performs auditing for multiple users' data on different CSSs. To overcome these problems, in this paper, we propose an efficient and secure auditing scheme based on identity-based cryptography. To relieve user's computation burden, we introduce a proxy, which is delegated to generate and upload homomorphic verifiable tags for user. We extend our auditing scheme to support auditing for dynamic data operations. We further extend it to support batch auditing in multiple users and multiple CSSs setting, which is practical and efficient in large scale cloud storage system. Extensive security analysis shows that our scheme is provably secure in random oracle model. Performance analysis demonstrates that our scheme is highly efficient, especially reducing the computation cost of proxy and TPA.
Keywords
Identity-based cryptography; public auditing; cloud storage; integrity checking; proxy;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 J. Zhang and Q. Dong, "Efficient ID-based public auditing for the outsourced data in cloud storage," Information Sciences, vol.343, pp. 1-14, 2016.
2 Y. Yu, Y. Zhang, Y. Mu, W. Susilo and H. Liu, "Provably secure identity based provable data possession," in Proc. of International Conference on Provable Security, pp. 310-325, 2015.
3 Y. Yu, L. Xue, M. H. Au, W. Susilo, J. Ni, Y. Zhang, A. V. Vasilakos and J. Shen, "Cloud data integrity checking with an identity-based auditing mechanism from RSA," Future Generation Computer Systems, vol. 62, pp. 85-91, 2016.   DOI
4 Y. Yu, M. H. Au, G. Ateniese, X. Huang,W. Susilo, Y. Dai and G. Min, "Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage," IEEE Transactions on Information Forensics and Security, vol. 12, no. 4, pp. 767-778, 2016.   DOI
5 H. Wang, D. He and S. Tang, "Identity-based proxy-oriented data uploading and remote data integrity checking in public cloud," IEEE Transactions on Information Forensics and Security, vol. 11, no. 6, pp. 1165-1176, 2016.   DOI
6 J. Zhang, W. Tang and J. Mao, "Efficient public verification proof of retrievability scheme in cloud," Cluster computing, vol. 17, no. 4, pp. 1401-1411, 2014.   DOI
7 M. Sookhak, A. Gani, H. Talebian, A. Akhunzada, S. U. Khan, R. Buyya and A. Y. Zomaya, "Remote data auditing in cloud computing environments: A survey, taxonomy, and open issues," ACM Computing Surveys (CSUR), vol. 47, no. 4, Article 65, 2015.
8 A. Shamir, "Identity-based cryptosystems and signature schemes," in Proc. of Workshop on the Theory and Application of Cryptographic Techniques, pp. 47-53, 1984.
9 A. Juels and B. S. Kaliski Jr, "PORs: Proofs of retrievability for large files," in Proc. of the 14th ACM Conference on Computer and Communications Security, pp. 584-597, 2007.
10 G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson and D. Song, "Provable data possession at untrusted stores," in Proc. of the 14th ACM Conference on Computer and Communications Security, pp. 598-609, 2007.
11 G. Ateniese, R. Di Pietro, L. V. Mancini and G. Tsudik, "Scalable and efficient provable data possession," in Proc. of the 4th International Conference on Security and Privacy in Communication Netowrks. pp. 1-10, 2008.
12 Y. Zhu, H. Wang, Z. Hu, G.-J. Ahn, H. Hu and S. S. Yau, "Dynamic audit services for integrity verication of outsourced storages in clouds," in Proc. of the 2011 ACM Symposium on Applied Computing, pp. 1550-1557, 2011.
13 C. C. Erway, A. Kupcu, C. Papamanthou and R. Tamassia, "Dynamic provable data possession," ACM Transactions on Information and System Security (TISSEC), vol. 17, no. 4, 2015.
14 K. Yang and X. Jia, "An efficient and secure dynamic auditing protocol for data storage in cloud computing," IEEE Transactions on Parallel and Distributed Systems, vol. 24, no. 9, pp. 1717-1726, 2013.   DOI
15 Q. Wang, C. Wang, J. Li, K. Ren and W. Lou, "Enabling public verifiability and data dynamics for storage security in cloud computing," in Proc. of European Symposium on Research in Computer Security. pp. 355-370, 2009.
16 R. Curtmola, O. Khan, R. Burns and G. Ateniese. "MR-PDP: Multiple-replica provable data possession," in Proc. of the 28th International Conference on Distributed Computing Systems, pp. 411-420, 2008.
17 A. F. Barsoum and M. A. Hasan, "On Verifying Dynamic Multiple Data Copies over Cloud Servers," IACR Cryptology ePrint Archive, vol.1, no. 1, pp. 447-455, 2011.
18 C. Wang, K. Ren, W. Lou and J. Li, "Toward publicly auditable secure cloud data storage services," IEEE Network, vol. 24, no. 4, pp. 19-24, 2010.   DOI
19 Y. Zhu, H. Hu, G.-J. Ahn and M. Yu, "Cooperative provable data possession for integrity verification in multicloud storage," IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 12, pp. 2231-2244, 2012.   DOI
20 C. Wang, S. S. Chow, Q. Wang, K. Ren and W. Lou, "Privacy-preserving public auditing for secure cloud storage," IEEE Transactions on Computers, vol. 62, no. 2, pp. 362-375, 2013.   DOI
21 M. Sookhak, A. Akhunzada, A. Gani, M. Khurram Khan and N. B. Anuar, "Towards dynamic remote data auditing in computational clouds," The Scientific World Journal 2014, vol. 12, 2014.
22 W. Shen, J. Yu, G. Yang, Y. Zhang, Z. Fu, and R. Hao, "Access-authorizing and privacy-preserving auditing with group dynamic for shared cloud data," KSII Transactions on Internet and Information Systems, vol. 10, no. 7, 2016.
23 J. Zhao, C. Xu, F. Li, and W. Zhang, "Identity-based public verification with privacy-preserving for data storage security in cloud computing," IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, vol. 96, no. 12, pp. 2709-2716, 2013.
24 J. Wang, X. Chen, X. Huang, I. You and Y. Xiang, "Verifiable auditing for outsourced database in cloud computing," IEEE Transactions on Computers, vol. 64, no. 11, pp. 3293-3303, 2015.   DOI
25 Y. Yu, M. H. Au, Y. Mu, S. Tang, J. Ren, W. Susilo and L. Dong, "Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage," International Journal of Information Security, vol. 14, no. 4, pp. 307-318, 2015.   DOI
26 C. Xu, Y. Zhang, Y. Yu, X. Zhang and J. Wen, "An efficient provable secure public auditing scheme for cloud storage," KSII Transactions on Internet and Information Systems, vol. 8, no. 11, pp. 4226-4241, 2014.   DOI
27 T. Jiang, X. Chen and J. Ma, "Public integrity auditing for shared dynamic cloud data with group user revocation," IEEE Transactions on Computers, vol. 65, no. 8, pp. 2363-2373, 2015.   DOI
28 A. F. Barsoum and M. A. Hasan, "Provable multicopy dynamic data possession in cloud computing systems," IEEE Transactions on Information Forensics and Security, vol.10, no. 3, pp. 485-497, 2015.   DOI
29 H. Wang, Q. Wu, B. Qin and J. Domingo-Ferrer, "Identity-based remote data possession checking in public clouds," IET Information Security, vol. 8, no. 2, pp. 114-121, 2014.   DOI
30 H Wang, "Identity-based distributed provable data possession in multicloud storage," IEEE Transactions on Services Computing, vol. 8, no. 2, pp. 328-340, 2015.   DOI
31 J. Zhang, P. Li and J. Mao, "IPad: ID-based public auditing for the outsourced data in the standard model," Cluster Computing, vol. 19, no. 1, pp. 127-138, 2016.   DOI