Skip to main content
SpringerLink
Log in

Enabling online/offline remote data auditing for secure cloud storage

  • Published:
Cluster Computing Aims and scope Submit manuscript

Abstract

The notion of Remote Data Auditing (RDA) has been put forward to achieve the integrity verification for cloud data. However, most of the existing RDA techniques suffer from heavy computational overhead or security attacks. To address this challenge, we introduce an online/offline remote data auditing (OORDA) framework that defines the data auditing process as online and offline phases. Then a concrete OORDA scheme is proposed to ensure secure integrity checking for cloud data. Since some expensive computations are performed offline in advance, the online computational cost can be greatly reduced, which can well solve the performance bottleneck for auditing large-scale data on the auditor. Based on the Computational Diffie–Hellman problem, the proposed OORDA scheme is provably secure in the random oracle model. Performance analysis confirms that the proposed scheme has the optimized efficiency compared with existing schemes, where the average online computational cost can be improved by more than 68% during auditing. Subsequently, a Batch OORDA scheme is presented to support batch data auditing operations, which can reduce the number of pairing operations to constant size at the online phase, independent of the number of data owners. Furthermore, we discuss that the designed file block tag and auditing process can be applied to other related fields, such as verifiable keyword search, verifiable SQL query.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

References

  1. Ateniese, G., Burns, R., Curtmola, R., Herring, J., Khan, O., Kissner, L., Peterson, Z., Song, D.: Remote data checking using provable data possession. ACM Trans. Inf. Syst. Security 14(1), 12 (2011)

    Article  Google Scholar 

  2. Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable data possession at untrusted stores. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 598–609. ACM (2007)

  3. Bellare, M., Neven, G.: Multi-signatures in the plain public-key model and a general forking lemma. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 390–399. ACM (2006)

  4. Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. J. Cryptol. 17(4), 297–319 (2004)

    Article  MathSciNet  Google Scholar 

  5. Chen, L.: Using algebraic signatures to check data possession in cloud storage. Future Gen. Comput. Syst. 29(7), 1709–1715 (2013)

    Article  Google Scholar 

  6. Chen, X., Shang, T., Zhang, F., Liu, J., Guan, Z.: Dynamic data auditing scheme for big data storage. Front. Comput. Sci. 14(1), 219–229 (2020)

    Article  Google Scholar 

  7. Daniel, E., Vasanthi, N.: Ldap: a lightweight deduplication and auditing protocol for secure data storage in cloud environment. Clust. Comput. 22(1), 1247–1258 (2019)

    Article  Google Scholar 

  8. Diffie, W., Hellman, M.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)

    Article  MathSciNet  Google Scholar 

  9. Even, S., Goldreich, O., Micali, S.: On-line/off-line digital signatures. J. Cryptol. 9(1), 35–67 (1996)

    Article  MathSciNet  Google Scholar 

  10. Gan, Q., Wang, X., Fang, X.: Efficient and secure auditing scheme for outsourced big data with dynamicity in cloud. Sci. China Inf. Sci. 61(12), 122104 (2018)

    Article  Google Scholar 

  11. Gao, X., Yu, J., Shen, W.T., Chang, Y., Zhang, S.B., Yang, M., Wu, B.: Achieving low-entropy secure cloud data auditing with file and authenticator deduplication. Inf. Sci. 546, 177–191 (2021)

    Article  MathSciNet  Google Scholar 

  12. He, D., Wang, H., Zhang, J., Wang, L.: Insecurity of an identity-based public auditing protocol for the outsourced data in cloud storage. Inf. Sci. 375, 48–53 (2017)

    Article  Google Scholar 

  13. Hohenberger, S., Waters, B.: Online/offline attribute-based encryption. In: International Workshop on Public Key Cryptography, pp. 293–310. Springer, Berlin (2014)

  14. Hou, H., Yu, J., Zhang, H., Xu, Y., Hao, R.: Enabling secure auditing and deduplicating data without owner-relationship exposure in cloud storage. Clust. Comput. 21(4), 1849–1863 (2018)

    Article  Google Scholar 

  15. Juels, A., Kaliski Jr, B.S.: Pors: Proofs of retrievability for large files. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 584–597. ACM (2007)

  16. Li, J., Yan, H., Zhang, Y.: Certificateless public integrity checking of group shared data on cloud storage. IEEE Trans. Serv. Comput. 14(1), 71–81 (2021)

    Google Scholar 

  17. Li, J., Zhang, L., Liu, J.K., Qian, H., Dong, Z.: Privacy-preserving public auditing protocol for low-performance end devices in cloud. IEEE Trans. Inf. Foren. Security 11(11), 2572–2583 (2016)

    Article  Google Scholar 

  18. Li, J., Zhang, Y., Chen, X., Xiang, Y.: Secure attribute-based data sharing for resource-limited users in cloud computing. Comput. Security 72, 1–12 (2018)

    Article  Google Scholar 

  19. Li, Y., Yu, Y., Min, G., Susilo, W., Ni, J., Choo, K.K.R.: Fuzzy identity-based data integrity auditing for reliable cloud storage systems. IEEE Trans. Depend. Secure Comput. 16(1), 72–83 (2019)

    Article  Google Scholar 

  20. Liu, J.K., Zhou, J.: An efficient identity-based online/offline encryption scheme. In: International Conference on Applied Cryptography and Network Security, pp. 156–167. Springer, Berlin (2009)

  21. Luo, W., Ma, W., Gao, J.: MHB*T based dynamic data integrity auditing in cloud storage. Clust. Comput. (2021). https://doi.org/10.1007/s10586-021-03248-w

    Article  Google Scholar 

  22. Mishra, R., Ramesh, D., Elda, D.R.: Dynamic large branching hash tree based secure and efficient dynamic auditing protocol for cloud environment. Clust. Comput. 24, 1361 (2020)

    Article  Google Scholar 

  23. Ni, J., Yu, Y., Mu, Y., Xia, Q.: On the security of an efficient dynamic auditing protocol in cloud storage. IEEE Trans. Parallel Distrib. Syst. 25(10), 2760–2761 (2014)

    Article  Google Scholar 

  24. Rabaninejad, R., Asaar, M.R., Attari, M.A., Aref, M.R.: An identity-based online/offline secure cloud storage auditing scheme. Clust. Comput. 23(2), 1455–1468 (2020)

    Article  Google Scholar 

  25. Rabaninejad, R., Attari, M.A., Asaar, M.R., Aref, M.R.: Comments on a lightweight cloud auditing scheme: security analysis and improvement. J. Netw. Comput. Appl. 139, 49–56 (2019)

    Article  Google Scholar 

  26. Shacham, H., Waters, B.: Compact proofs of retrievability. In: International Conference on the Theory and Application of Cryptology and Information Security, pp. 90–107. Springer, Berlin (2008)

  27. Shen, J., Shen, J., Chen, X., Huang, X., Susilo, W.: An efficient public auditing protocol with novel dynamic structure for cloud data. IEEE Trans. Inf. Forensic Security 12(10), 2402–2415 (2017)

    Article  Google Scholar 

  28. Shen, W., Qin, J., Yu, J., Hao, R., Hu, J.: Enabling identity-based integrity auditing and data sharing with sensitive information hiding for secure cloud storage. IEEE Trans. Inf. Forensic Security 14(2), 331–346 (2019)

    Article  Google Scholar 

  29. Shen, W., Yu, J., Xia, H., Zhang, H., Lu, X., Hao, R.: Light-weight and privacy-preserving secure cloud auditing scheme for group users via the third party medium. J. Netw. Comput. Appl. 82, 56–64 (2017)

    Article  Google Scholar 

  30. Sookhak, M., Gani, A., Talebian, H., Akhunzada, A., Khan, S.U., Buyya, R., Zomaya, A.Y.: Remote data auditing in cloud computing environments: a survey, taxonomy, and open issues. ACM Comput. Surv. 47(4), 1–34 (2015)

    Article  Google Scholar 

  31. Suguna, M., Shalinie, S.M.: Privacy preserving auditing protocol for remote data storage. Clust. Comput. 22(3), 6891–6898 (2019)

    Article  Google Scholar 

  32. Tian, H., Nan, F., Jiang, H., Chang, C.C., Ning, J., Huang, Y.: Public auditing for shared cloud data with efficient and secure group management. Inf. Sci. 472, 107–125 (2019)

    Article  Google Scholar 

  33. Wang, C., Chow, S.S., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for secure cloud storage. IEEE Trans. Comput. 62(2), 362–375 (2013)

    Article  MathSciNet  Google Scholar 

  34. Wang, Q., Wang, C., Ren, K., Lou, W., Li, J.: Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22(5), 847–859 (2011)

    Article  Google Scholar 

  35. Wang, Y., Wu, Q., Qin, B., Tang, S., Susilo, W.: Online/offline provable data possession. IEEE Trans. Inf. Forensic Security 12(5), 1182–1194 (2017)

    Article  Google Scholar 

  36. Yang, K., Jia, X.: An efficient and secure dynamic auditing protocol for data storage in cloud computing. IEEE Trans. Parallel Distrib. Syst. 24(9), 1717–1726 (2013)

    Article  Google Scholar 

  37. Yu, Y., Zhang, Y., Ni, J., Au, M.H., Chen, L., Liu, H.: Remote data possession checking with enhanced security for cloud storage. Future Gen. Comput. Syst. 52, 77–85 (2015)

    Article  Google Scholar 

  38. Yuan, J., Yu, S.: Pcpor: public and constant-cost proofs of retrievability in cloud. J. Comput. Security 23(3), 403–425 (2015)

    Article  Google Scholar 

  39. Zhang, J., Dong, Q.: Efficient id-based public auditing for the outsourced data in cloud storage. Inf. Sci. 343, 1–14 (2016)

    MathSciNet  Google Scholar 

  40. Zhang, J., Wang, B., He, D., Wang, X.A.: Improved secure fuzzy auditing protocol for cloud data storage. Soft Comput. 23(10), 3411–3422 (2019)

    Article  Google Scholar 

  41. Zheng, W., Lai, C., He, D., Kumar, N., Chen, B.: Secure storage auditing with efficient key updates for cognitive industrial iot environment. IEEE Trans. Ind. Inf. 17(6), 4238–4247 (2021)

    Article  Google Scholar 

Download references

Acknowledgements

The authors would like to thank the anonymous reviewers for the helpful comments and suggestions. This work was partially supported by National Natural Science Foundation of China (No.61932010). This work was also supported by the Zhuhai Top Discipline-Information Security.

Author information

Authors and Affiliations

  1. Department of Computer Science, Jinan University, Guangzhou, 510632, China

    Qingqing Gan, Xiaoming Wang, Jianwei Li, Jiajun Yan & Suyu Li

Authors
  1. Qingqing Gan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Xiaoming Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jianwei Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jiajun Yan
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Suyu Li
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Xiaoming Wang.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Gan, Q., Wang, X., Li, J. et al. Enabling online/offline remote data auditing for secure cloud storage. Cluster Comput 24, 3027–3041 (2021). https://doi.org/10.1007/s10586-021-03303-6

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10586-021-03303-6

Keywords

Search

Navigation