Abstract
In the cloud storage applications, the cloud service provider (CSP) may delete or damage the user’s data. In order to avoid the responsibility, CSP will not actively inform the users after the data damage, which brings the loss to the user. Therefore, increasing research focuses on the public auditing technology recently. However, most of the current auditing schemes rely on the trusted third public auditor (TPA). Although the TPA brings the advantages of fairness and efficiency, it cannot get rid of the possibility of malicious auditors, because there is no fully trusted third party in the real world. As an emerging technology, blockchain technology can effectively solve the trust problem among multiple individuals, which is suitable to solve the security bottleneck in the TPA based public auditing scheme. This paper proposed a public auditing scheme with the blockchain technology to resist the malicious auditors. In addition, through the experimental analysis, we demonstrate that our scheme is feasible and efficient.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Armbrust, M., et al.: A view of cloud computing. Commun. ACM 53(4), 50–58 (2010)
Feng, D.-G., Zhang, M., Zhang, Y., et al.: Study on cloud computing security. J. Softw. 22(1), 71–83 (2011)
Shen, W., Yu, J., Xia, H., et al.: Light-weight and privacy-preserving secure cloud auditing scheme for group users via the third party medium. J. Netw. Comput. Appl. 82, 56–64 (2017)
Ren, K., Wang, C., Wang, Q.: Security challenges for the public cloud. IEEE Internet Comput. 16(1), 69–73 (2012)
Song, D., Shi, E., Fischer, I., Shankar, U.: Cloud data protection for the masses. IEEE Comput. 45(1), 39–45 (2012)
Juels, A., Oprea, A.: New approaches to security and availability for cloud data. Commun. ACM 56(2), 64–73 (2013)
Deswarte, Y., Quisquater, J.-J., Saïdane, A.: Remote integrity checking. In: Jajodia, S., Strous, L. (eds.) Integrity and Internal Control in Information Systems VI. IIFIP, vol. 140, pp. 1–11. Springer, Boston, MA (2004). https://doi.org/10.1007/1-4020-7901-X_1
Sebe, F., Martinez-Balleste, A., Deswarte, Y., et al.: Time-bounded remote file integrity checking. Technical report 04429 (2004)
Oprea, A., Reiter, M.K.: Space-efficient block storage integrity. In: Network and Distributed System Security Symposium, NDSS 2005, San Diego, California, USA. DBLP (2005)
Schwarz, T.S.J., Miller, E.L.: Store, forget, and check: using algebraic signatures to check remotely administered storage. In: IEEE International Conference on Distributed Computing Systems. IEEE (2006)
Li, J., Zhang, L., Liu, J.K., et al.: Privacy-preserving public auditing protocol for low-performance end devices in cloud. IEEE Trans. Inf. Forensics Secur. 11(11), 2572–2583 (2016)
Wang, Q., Wang, C., Li, J., Ren, K., Lou, W.: Enabling public verifiability and data dynamics for storage security in cloud computing. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 355–370. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04444-1_22
Wang, C., Wang, Q., Ren, K., et al.: Privacy-preserving public auditing for data storage security in cloud computing. In: 29th IEEE International Conference on Computer Communications, Joint Conference of the IEEE Computer and Communications Societies, INFOCOM 2010, 15–19 March 2010, San Diego, CA, USA. IEEE (2010)
Wang, B., Li, B., Li, H.: Knox: privacy-preserving auditing for shared data with large groups in the cloud. In: Bao, F., Samarati, P., Zhou, J. (eds.) ACNS 2012. LNCS, vol. 7341, pp. 507–525. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-31284-7_30
Ateniese, G., Bums, R., Curtmola, R., et al.: Provable data possession at untrusted stores. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 598–609. ACM (2007)
Shacham, H., Waters, B.: Compact proofs of retrievability. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 90–107. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-89255-7_7
Ateniese, G., Pietro, R.D., Mancini, L.V., et al.: Scalable and efficient provable data possession. In: Proceedings of the 4th International Conference on Security and Privacy in Communication Networks. ACM (2008)
Erway, C.C., Küpçü, A., Papamanthou, C., et al.: Dynamic provable data possession. ACM Trans. Inf. Syst. Secur. (TISSEC) 17(4), 1–29 (2015)
Zhu, Y., Hu, H., Ahn, G., et al.: Cooperative provable data possession for integrity verification in multicloud storage. IEEE Trans. Parallel Distrib. Syst. 23(12), 2231–2244 (2012)
Hao, Z., Zhong, S., Yu, N.: A privacy-preserving remote data integrity checking protocol with data dynamics and public verifiability. IEEE Trans. Knowl. Data Eng. 23(9), 1432–1437 (2011)
Wang, B., Li, B., Li, H.: Oruta: privacy-preserving public auditing for shared data in the cloud. IEEE Trans. Cloud Comput. 2(1), 43–56 (2014)
He, D., Zeadally, S., Wu, L.: Certificateless public auditing scheme for cloud-assisted wireless body area networks. IEEE Syst. J. 12(1), 64–73 (2015)
Li, Y., Yu, Y., Min, G., et al.: Fuzzy identity-based data integrity auditing for reliable cloud storage systems. IEEE Trans. Dependable Secur. Comput. 16(1), 72–83 (2017)
Xue, J., Xu, C., Zhao, J., Ma, J.: Identity-based public auditing for cloud storage systems against malicious auditors via blockchain. Sci. China Inf. Sci. 62(3), 32104 (2019)
Yu, J., Wang, H.: Strong key-exposure resilient auditing for secure cloud storage. IEEE Trans. Inf. Forensics Secur. 12(8), 1931–1940 (2017)
Liu, C., Chen, J., Yang, L.T., et al.: Authorized public auditing of dynamic big data storage on cloud with efficient verifiable fine-grained updates. IEEE Trans. Parallel Distrib. Syst. 25(9), 2234–2244 (2013)
Yang, K., Jia, X.: An efficient and secure dynamic auditing protocol for data storage in cloud computing. IEEE Trans. Parallel Distrib. Syst. 24(9), 1717–1726 (2013)
Yong, L., Ge, Y., Linan, L., Xiaofei, Z., Kun, Y.: LBT-based cloud data integrity verification scheme. J. Tsinghua Univ. (Sci. Technol.) 56(5), 504–510 (2016)
Garg, N., Bawa, S.: RITS-MHT: relative indexed and time stamped Merkle hash tree based data auditing protocol for cloud computing. J. Netw. Comput. Appl. 84, 1–13 (2017)
Zhang, Y., Yu, J., Hao, R., et al.: Enabling efficient user revocation in identity-based cloud storage auditing for shared big data. IEEE Trans. Dependable Secur. Comput. 17, 608–619 (2018)
Youn, T.Y., Chang, K.Y., Rhee, K.H., et al.: Efficient client-side deduplication of encrypted data with public auditing in cloud storage. IEEE Access 6, 26578–26587 (2018)
Shen, W., Qin, J., Yu, J., et al.: Enabling identity-based integrity auditing and data sharing with sensitive information hiding for secure cloud storage. IEEE Trans. Inf. Forensics Secur. 14(2), 331–346 (2018)
Tian, H., Nan, F., Jiang, H., et al.: Public auditing for shared cloud data with efficient and secure group management. Inf. Sci. 472, 107–125 (2019)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Li, S., Liu, J., Yang, G. (2021). A Public Auditing Framework Against Malicious Auditors for Cloud Storage Based on Blockchain. In: Wang, D., Meng, W., Han, J. (eds) Security and Privacy in New Computing Environments. SPNCE 2020. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 344. Springer, Cham. https://doi.org/10.1007/978-3-030-66922-5_20
Download citation
DOI: https://doi.org/10.1007/978-3-030-66922-5_20
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-66921-8
Online ISBN: 978-3-030-66922-5
eBook Packages: Computer ScienceComputer Science (R0)