International Journal of Information Security

, Volume 13, Issue 2, pp 191–198 | Cite as

Enhanced GeoProof: improved geographic assurance for data in the cloud

  • Aiiad Albeshri
  • Colin Boyd
  • Juan González Nieto
Special Issue Paper

Abstract

The geographic location of cloud data storage centres is an important issue for many organisations and individuals due to various regulations that require data and operations to reside in specific geographic locations. Thus, cloud users may want to be sure that their stored data have not been relocated into unknown geographic regions that may compromise the security of their stored data. Albeshri et al. (2012) combined proof of storage (POS) protocols with distance-bounding protocols to address this problem. However, their scheme involves unnecessary delay when utilising typical POS schemes due to computational overhead at the server side. The aim of this paper is to improve the basic GeoProof protocol by reducing the computation overhead at the server side. We show how this can maintain the same level of security while achieving more accurate geographic assurance.

Keywords

Cloud computing Cloud security Cloud storage Geographic assurance 

References

  1. 1.
    Albeshri, A.A., Boyd, C., Nieto, J.M.G.: Geoproof: proofs of geographic location for cloud computing environment. In: 3rd International Workshop on Security and Privacy in Cloud Computing Part of the 32nd International Conference on Distributed Computing Systems Workshops (ICDCS 2012), pp. 506–514. IEEE, Macau, China (2012)Google Scholar
  2. 2.
    Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable data possession at untrusted stores. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, CCS ’07, pp. 598–609. ACM, New York, NY (2007)Google Scholar
  3. 3.
    Benson, K., Dowsley, R., Shacham, H.: Do you know where your cloud files are? In: Proceedings of the 3rd ACM Workshop on Cloud Computing Security Workshop, CCSW ’11, pp. 73–82. ACM, New York, NY (2011)Google Scholar
  4. 4.
    Chow, R., Golle, P., Jakobsson, M., Shi, E., Staddon, J., Masuoka, R., Molina, J.: Controlling data in the cloud: outsourcing computation without outsourcing control. In: Proceedings of the 2009 ACM Workshop on Cloud Computing Security, pp. 85–90. ACM (2009)Google Scholar
  5. 5.
    Erway, C., Küpçü, A., Papamanthou, C., Tamassia, R.: Dynamic provable data possession. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS ’09, pp. 213–222. ACM, New York, NY (2009)Google Scholar
  6. 6.
    Juels, A., Kaliski, B.S. Jr.: PORs: proofs of retrievability for large files. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, CCS ’07, pp. 584–597. ACM, New York, NY (2007)Google Scholar
  7. 7.
    Kamara, S., Lauter, K.: Cryptographic cloud storage. In: Sion, R., et al. (eds.) Financial Cryptography and Data Security, vol. 6054 of Lecture Notes in Computer Science, pp. 136–149. Springer, Berlin (2010)Google Scholar
  8. 8.
    Katz-Bassett, E., John, J.P., Krishnamurthy, A., Wetherall, D., Anderson, T., Chawathe, Y.: Towards IP geolocation using delay and topology measurements. In: Proceedings of the 6th ACM SIGCOMM Conference on Internet Measurement, IMC ’06, pp. 71–84. ACM, New York, NY (2006)Google Scholar
  9. 9.
    Peterson, Z.N.J., Gondree, M., Beverly, R.: A position paper on data sovereignty: the importance of geolocating data in the cloud. In: Proceedings of the 8th USENIX Conference on Networked Systems Design and Implementation (2011) Google Scholar
  10. 10.
    Shacham, H., Waters, B.: Compact proofs of retrievability. In: Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology, ASIACRYPT ’08, pp. 90–107. Springer, Berlin (2008)Google Scholar
  11. 11.
    Wang, Q., Wang, C., Li, J., Ren, K., Lou, W.: Enabling public verifiability and data dynamics for storage security in cloud computing. In: Proceedings of the 14th European Conference on Research in Computer Security, ESORICS’09, pp. 355–370. Springer, Berlin (2009)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Aiiad Albeshri
    • 1
    • 2
  • Colin Boyd
    • 3
  • Juan González Nieto
    • 1
  1. 1.Queensland University of TechnologyBrisbaneAustralia
  2. 2.Faculty of Computing and ITKing Abdulaziz UniversityJeddahSaudi Arabia
  3. 3.Norwegian University of Science and TechnologyTrondheimNorway

Personalised recommendations