19-07-2013, 02:08 PM
ENABLING PUBLIC VERIFIABILITY AND DATA DYNAMICS FOR STORAGE SECURITY IN CLOUD COMPUTING
Abstract
Remote data integrity checking is a crucial technology in cloud computing. Recently, many works have focused on providing data dynamics and public verifiability for this type of protocol. Existing protocols can support both features with the help of a third party auditor. In a previous work, Sebé et al. proposed a remote data integrity checking protocol that supports data dynamics. This paper adapts Sebé et al.'s protocol to support public verifiability. The proposed protocol supports public verifiability without the help of a third party auditor. In addition, the proposed protocol does not leak any private information to third party verifiers. Through a formal analysis, the correctness and security of the protocol are verified. After that, through theoretical analysis and experimental results, we demonstrate that the proposed protocol has good performance.
INTRODUCTION
Storing data in the cloud has become a trend. An increasing number of clients store their important data in remote servers in the cloud, without leaving a copy on their local computers. Sometimes the data stored in the cloud is so important that the clients must ensure it is not lost or corrupted. While it is easy to check data integrity after completely downloading the data to be checked, downloading large amounts of data just for checking data integrity is a waste of communication bandwidth.
CLOUD MODEL
For simplicity, treat a cloud as a highly resourced, monolithic entity, and denote each entity relying on resources as a client. Denote the set of n clients of the entity in the cloud. In the model of cloud computing, clients are thin. They have limited local computation and storage, delegating as much as possible to a cloud provider. They are also not consistently online: they may deposit data in the cloud and go offline indefinitely. Consequently, a cloud provider assumes responsibility for processing data in the absence of its owners. Applications that operate over the data of multiple clients respect access-control policies. The client stores her data in the server without keeping a local copy. Hence, it is of critical importance that the client should be able to verify the integrity of the data stored in the remote untrusted server. If the server modifies any part of the client's data, the client should be able to detect it; furthermore, any third party verifier should also be able to detect it. In case a third party verifier verifies the integrity of the client's data, the data should be kept private against the third party verifier.
PROBLEM STATEMENT
Cloud data storage service mostly involves three different entities, as illustrated in Fig. 1: the cloud user, who has a large amount of data files to be stored in the cloud; the cloud server (CS), which is managed by the cloud service provider (CSP) to provide data storage service and has significant storage space and computation resources; and the third party auditor (TPA), who has expertise and capabilities that cloud users do not have and is trusted to assess the cloud storage service reliability on behalf of the user upon request. Users rely on the CS for cloud data storage and maintenance. As users no longer possess their data locally, it is of critical importance for users to ensure that their data are being correctly stored and maintained. To save the computation resources as well as the online burden potentially brought by the periodic storage correctness verification, cloud users may resort to the TPA for ensuring the storage integrity of their outsourced data, while hoping to keep their data private from the TPA.
DESIGN GOALS
To enable a privacy-preserving technique for cloud data storage under the aforementioned model, the proposed protocol design should achieve the following guarantees.
1) Public verifiability: To allow the TPA to verify the correctness of the cloud data on demand without retrieving a copy of the whole data or introducing additional online burden to the cloud users.
2) Storage correctness: To ensure that there exists no cheating cloud server that can pass the TPA's audit without indeed storing users' data intact.
3) Privacy-preserving: To ensure that the TPA cannot derive users' data content from the information collected during the verifying process.
4) Dynamic data operation support: To allow the clients to perform block-level operations on the data files while maintaining the same level of data correctness assurance. The design should be as efficient as possible so as to ensure the seamless integration of public verifiability and dynamic data operation support.
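Added example (not from the paper or the original post): a simplified challenge-response audit illustrating goals 1 and 2, in which the verifier checks the stored blocks using only public per-block tags and never downloads the data. The tag construction D_i = G^m_i mod N, the toy modulus, the function names and the sample blocks are assumptions made for this sketch; a real deployment needs a modulus of at least 2048 bits.

```python
import hashlib, hmac, secrets

# Toy parameters (constructed for this example, far too small for real use).
P, Q = 35925119, 71850239      # assumed small primes; never published
N = P * Q                      # public modulus
G = 4                          # public base, a quadratic residue mod N

def to_int(block):
    return int.from_bytes(block, "big")

def make_tags(blocks):
    """Data owner: publish one tag per block, D_i = G^m_i mod N."""
    return [pow(G, to_int(b), N) for b in blocks]

def coefficients(seed, n):
    """Per-block coefficients a_i derived from the challenge seed."""
    return [int.from_bytes(hmac.new(seed, i.to_bytes(8, "big"),
                                    hashlib.sha256).digest()[:8], "big")
            for i in range(n)]

def challenge():
    """Verifier: secret s, public G^s mod N, fresh coefficient seed."""
    s = secrets.randbelow(N - 2) + 2
    return s, pow(G, s, N), secrets.token_bytes(16)

def prove(blocks, g_s, seed):
    """Server: R = g_s^(sum a_i * m_i) mod N, computed over the stored blocks."""
    a = coefficients(seed, len(blocks))
    return pow(g_s, sum(ai * to_int(b) for ai, b in zip(a, blocks)), N)

def verify(tags, s, seed, proof):
    """Verifier: sees only tags and R; accepts iff (prod D_i^a_i)^s == R."""
    combined = 1
    for d, ai in zip(tags, coefficients(seed, len(tags))):
        combined = combined * pow(d, ai, N) % N
    return pow(combined, s, N) == proof

def audit(tags, stored_blocks):
    """Run one audit round; only G^s, the seed and R cross the wire."""
    s, g_s, seed = challenge()
    return verify(tags, s, seed, prove(stored_blocks, g_s, seed))

if __name__ == "__main__":
    blocks = [b"block-0 payroll", b"block-1 ledger", b"block-2 backup"]  # constructed
    tags = make_tags(blocks)
    print("intact   :", audit(tags, blocks))
    tampered = [blocks[0], b"block-1 ledgeR", blocks[2]]
    print("tampered :", audit(tags, tampered))
```

Because each block has its own tag, changing one block only requires replacing that block's tag, which is what makes block-level updates cheap in this kind of construction.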
CONCLUSION
This paper proposes a new remote data integrity checking protocol for cloud storage. The proposed protocol is suitable for providing integrity protection of customers' important data. The proposed protocol supports data insertion, modification and deletion at the block level, and also supports public verifiability. To ensure cloud data storage security, it is critical to enable a third party auditor to evaluate the service quality from an objective and independent perspective. Public verifiability also allows clients to delegate the integrity verification tasks to the TPA while they themselves can be unreliable or not be able to commit necessary computation resources performing continuous verifications. The proposed protocol is proved to be secure against an untrusted server. It is also private against third party verifiers. Both theoretical analysis and experimental results demonstrate that the proposed protocol has very good efficiency in the aspects of communication, computation and storage costs.