CLC number: TP309.2
On-line Access: 2024-08-27
Received: 2023-10-17
Revision Accepted: 2024-05-08
Crosschecked: 2014-08-11
Cited: 7
Clicked: 10472
Shuang Tan, Yan Jia. NaEPASC: a novel and efficient public auditing scheme for cloud data[J]. Journal of Zhejiang University Science C, 2014, 15(9): 794-804.
@article{title="NaEPASC: a novel and efficient public auditing scheme for cloud data",
author="Shuang Tan, Yan Jia",
journal="Journal of Zhejiang University Science C",
volume="15",
number="9",
pages="794-804",
year="2014",
publisher="Zhejiang University Press & Springer",
doi="10.1631/jzus.C1400045"
}
%0 Journal Article
%T NaEPASC: a novel and efficient public auditing scheme for cloud data
%A Shuang Tan
%A Yan Jia
%J Journal of Zhejiang University SCIENCE C
%V 15
%N 9
%P 794-804
%@ 1869-1951
%D 2014
%I Zhejiang University Press & Springer
%DOI 10.1631/jzus.C1400045
TY - JOUR
T1 - NaEPASC: a novel and efficient public auditing scheme for cloud data
A1 - Shuang Tan
A1 - Yan Jia
J0 - Journal of Zhejiang University Science C
VL - 15
IS - 9
SP - 794
EP - 804
%@ 1869-1951
Y1 - 2014
PB - Zhejiang University Press & Springer
ER -
DOI - 10.1631/jzus.C1400045
Abstract: Cloud computing is deemed the next-generation information technology (IT) platform, in which a data center is crucial for providing a large amount of computing and storage resources for various service applications with high quality guaranteed. However, cloud users no longer possess their data in a local data storage infrastructure, which would result in auditing for the integrity of outsourced data being a challenging problem, especially for users with constrained computing resources. Therefore, how to help the users complete the verification of the integrity of the outsourced data has become a key issue. public verification is a critical technique to solve this problem, from which the users can resort to a third-party auditor (TPA) to check the integrity of outsourced data. Moreover, an identity-based (ID-based) public key cryptosystem would be an efficient key management scheme for certificate-based public key setting. In this paper, we combine ID-based aggregate signature and public verification to construct the protocol of provable data integrity. With the proposed mechanism, the TPA not only verifies the integrity of outsourced data on behalf of cloud users, but also alleviates the burden of checking tasks with the help of users’ identity. Compared to previous research, the proposed scheme greatly reduces the time of auditing a single task on the TPA side. Security analysis and performance evaluation results show the high efficiency and security of the proposed scheme.
[1]Ateniese, G., Burns, R., Curtmola, R., et al., 2007. Provable data possession at untrusted stores. Proc. 14th ACM Conf. on Computer and Communications Security, p.598-609.
[2]Ateniese, G., di Pietro, R., Mancini, L.V., et al., 2008. Scalable and efficient provable data possession. Proc. 4th Int. Conf. on Security and Privacy in Communication Networks, Article 9.
[3]Ateniese, G., Burns, R., Curtmola, R., et al., 2011. Remote data checking using provable data possession. ACM Trans. Inform. Syst. Secur., 14(1):1-12.
[4]Boneh, D., Boyen, X., 2004. Efficient selective-ID secure identity-based encryption without random oracles. Advances in Cryptology-EUROCRYPT, p.223-238.
[5]Boneh, D., Franklin, M., 2001. Identity-based encryption from the weil pairing. Advances in Cryptology-CRYPTO, p.213-229.
[6]Boneh, D., Boyen, X., Goh, E.J., 2005. Hierarchical identity based encryption with constant size ciphertext. Advances in Cryptology-EUROCRYPT, p.440-456.
[7]Chen, B., Curtmola, R., 2012. Robust dynamic provable data possession. 32nd Int. Conf. on Distributed Computing Systems Workshops, p.515-525.
[8]Erway, C., Kupcu, A., Papamanthou, C., et al., 2009. Dynamic provable data possession. Proc. 16th ACM Conf. on Computer and Communications Security, p.213-222.
[9]Gartner, 2010. Gartner Identifies the Top 10 Strategic Technologies for 2011. Available from http://www.gartner.com/newsroom/id/1454221.
[10]Gentry, C., Ramzan, Z., 2006. Identity-based aggregate signatures. Public Key Cryptography, p.257-273.
[11]Gentry, C., Silverberg, A., 2002. Hierarchical ID-based cryptography. Advances in Cryptology-CRYPTO, p.548-566.
[12]Hao, Z., Zhong, S., Yu, N.H., 2011. A privacy-preserving remote data integrity checking protocol with data dynamics and public verifiability. IEEE Trans. Knowl. Data Eng., 23(9):1432-1437.
[13]Hashizume, K., Rosado, D.G., Fernandez-Medina, E., et al., 2013. An analysis of security issues for cloud computing. J. Internet Serv. Appl., 4:5.
[14]Hochmuth, P., Richmond, C., Hudson, S., et al., 2013. 2013 U.S. Cloud Security Survey. Technical Report No. 242836, International Data Corporation (IDC), USA. Available from http://www.idc.com/getdoc.jsp?containerId=242836.
[15]Juels, A., Kaliski, B.S.Jr., 2007. Pors: proofs of retrievability for large files. Proc. 14th ACM Conf. on Computer and Communications Security, p.584-597.
[16]Khan, A., Kiah, M.L.M., Khan, S.U., et al., 2013a. A study of incremental cryptography for security schemes in mobile cloud computing environments. IEEE Symp. on Wireless Technology and Applications, p.62-67.
[17]Khan, A., Othman, M., Madani, S.A., et al., 2013b. A survey of mobile cloud computing application models. IEEE Commun. Surv. Tutor., 16(1):393-413.
[18]Lokantas, F., Salonu, H.S., 2013. IDC’s Cloud Computing and Datacenter Roadshow 2013. Available from http://idc-cema.com/eng/events/50527-idc-s-cloud-computing-and-datacenter-roadshow-2013.
[19]Mell, P., Grance, T., 2009. The NIST Definition of Cloud Computing. Technical Report No. SP 800-145, National Institute of Standards and Techninology (NIST), USA.
[20]Ristenpart, T., Tromer, E., Shacham, H., et al., 2009. Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. Proc. 16th ACM Conf. on Computer and Communications Security, p.199-212.
[21]Shacham, H., Waters, B., 2008. Compact proofs of retrievability. Advances in Cryptology-ASIACRYPT, p.90-107.
[22]Shacham, H., Waters, B., 2013. Compact proofs of retrievability. J. Cryptol., 26(3):442-483.
[23]Shamir, A., 1985. Identity-based cryptosystems and signature schemes. Advances in Cryptology-ASIACRYPT, p.47-53.
[24]Wang, C., Wang, Q., Ren, K., et al., 2009. Ensuring data storage security in cloud computing. 17th Int. Workshop on Quality of Service, p.1-9.
[25]Wang, C., Wang, Q., Ren, K., et al., 2010. Privacy-preserving public auditing for data storage security in cloud computing. Proc. IEEE INFOCOM, p.1-9.
[26]Wang, C., Wang, Q., Ren, K., et al., 2012. Toward secure and dependable storage services in cloud computing. IEEE Trans. Serv. Comput., 5(2):220-232.
[27]Wang, C., Chow, S., Wang, Q., et al., 2013. Privacy-preserving public auditing for secure cloud storage. IEEE Trans. Comput., 62(2):362-375.
[28]Wang, Q., Wang, C., Li, J., et al., 2009. Enabling public verifiability and data dynamics for storage security in cloud computing. Computer Security-ESORICS, p.355-370.
[29]Waters, B., 2005. Efficient identity-based encryption without random oracles. Advances in Cryptology-EUROCRYPT, p.114-127.
[30]Zhu, Y., Hu, H.X., Ahn, G.J., et al., 2011a. Collaborative integrity verification in hybrid clouds. 7th Int. Conf. on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), p.191-200.
[31]Zhu, Y., Wang, H.X., Hu, Z.X., et al., 2011b. Zero-knowledge proofs of retrievability. Sci. China Inform. Sci., 54(8):1608-1617.
Open peer comments: Debate/Discuss/Question/Opinion
<1>