Abstract
Cloud computing is a current phrase in marketing for an idea which has been recognized for years: Outsourcing. Cloud computing provides a large amount of gratuities for each customer and enterprise agency. “Cloud model” is a more of a notion in which the data are hosted online and accessed in a time-anywhere manner, on a pay-per-use model. However, the users may not fully trust the cloud service providers (CSPs) in that environment. So, it is hard to decide whether the CSP meet their expectations to provide the proper secrecy to shared data. Moreover, in the environment of outsourcing, users have no longer control and ownership of data which may cause serious major issues related to data integrity. Previously, many researchers have committed themselves to draft auditing protocols for attaining proper public verification schemes through third-party auditor (TPA). On the other hand, these schemes may leak identity or data value to the third-party auditor. Therefore, to deal with these problems, we introduce an efficient public auditing protocol by constructing binary binomial tree (BBT)-like data structure with Boneh–Lynn–Shacham signature-based Homomorphic Verifiable Authenticator (BLS-HVA). This model also consists an index hash table (IHT), situated at TPA to record the information about the data block’s properties for auditing procedure. This model supports sampling blockless verification, batch auditing, and dynamic updating operations. Moreover, with such novel dynamic data structure, the proposed model guarantees that user’s group can easily trace any type of data changes through the designated BBT. Along with this, the users can also easily recover the accurate data blocks whenever the current data blocks are corrupted. The experimental results demonstrate that the proposed auditing model efficiently attains secure auditing for the cloud environment and outperforms the existing models in terms of communication and computation overhead.
Similar content being viewed by others
References
Abbasi AA, Abbasi A, Shamshirband S, Chronopoulos AT, Persico V, Pescapè A (2019) Software-defined cloud computing: a systematic review on latest trends and developments. IEEE Access 7:93294–93314
Miyachi C (2018) What is “Cloud”? It is time to update the NIST definition? IEEE Cloud Comput 3:6–11
Hsien WF, Yang CC, Hwang MS (2016) A survey of public auditing for secure data storage in cloud computing. IJ Netw Secur 18(1):133–142
Singh A, Chatterjee K (2017) Cloud security issues and challenges: a survey. J Netw Comput Appl 79:88–115
Shen W, Qin J, Yu J, Hao R, Hu J (2018) Enabling identity-based integrity auditing and data sharing with sensitive information hiding for secure cloud storage. IEEE Trans Inf Forensics Secur 14(2):331–346. https://doi.org/10.1109/TIFS.2018.2850312
Kumar R, Goyal R (2019) On cloud security requirements, threats, vulnerabilities and countermeasures: a survey. Comput Sci Rev 33:1–48
Yu J, Ren K, Wang C, Varadharajan V (2015) Enabling cloud storage auditing with key-exposure resistance. IEEE Trans Inf Forensics Secur 10(6):1167–1179. https://doi.org/10.1109/TIFS.2015.2400425
Yang G, Yu J, Shen W, Su Q, Fu Z, Hao R (2016) Enabling public auditing for shared data in cloud storage supporting identity privacy and traceability. J Syst Softw 113:130–139
Yu Y, Niu L, Yang G, Mu Y, Susilo W (2014) On the security of auditing mechanisms for secure cloud storage. Future Gener Comput Syst 30:127–132
Juels A, Kaliski Jr BS (2007) PORs: proofs of retrievability for large files. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, p 584–597. ACM. https://doi.org/10.1145/1315245.1315317
Ateniese G, Di Pietro R, Mancini LV, Tsudik G (2008) Scalable and efficient provable data possession. In: Proceedings of the 4th International Conference on Security and Privacy in Communication Netowrks, p 9. ACM. https://doi.org/10.1145/1460877.1460889
Wang C, Chow SS, Wang Q, Ren K, Lou W (2013) Privacy-preserving public auditing for secure cloud storage. IEEE Trans Comput 62(2):362–375. https://doi.org/10.1109/TC.2011.245
Worku SG, Xu C, Zhao J, He X (2014) Secure and efficient privacy-preserving public auditing scheme for cloud storage. Comput Electr Eng 40(5):1703–1713. https://doi.org/10.1016/j.compeleceng.2013.10.004
Shen J, Shen J, Chen X, Huang X, Susilo W (2017) An efficient public auditing protocol with novel dynamic structure for cloud data. IEEE Trans Inf Forensics Secur 12(10):2402–2415
Liu C, Ranjan R, Yang C, Zhang X, Wang L, Chen J (2015) MUR-DPA: top-down levelled multi-replica merkle hash tree based secure public auditing for dynamic big data storage on cloud. IEEE Trans Comput 9:2609–2622. https://doi.org/10.1109/TC.2014.2375190
Wang H, He D, Yu J, Wang Z (2016) Incentive and unconditionally anonymous identity-based public provable data possession. IEEE Trans Serv Comput. https://doi.org/10.1109/TSC.2016.2633260
Erway CC, Küpçü A, Papamanthou C, Tamassia R (2015) Dynamic provable data possession. ACM Trans Inf Syst Secur (TISSEC) 17(4):15. https://doi.org/10.1145/2699909
Shacham H, Waters B (2008) Compact proofs of retrievability. In: International Conference on the Theory and Application of Cryptology and Information Security, p 90–107. Springer, Berlin. https://doi.org/10.1007/978-3-540-89255-7
Ramesh D, Mishra R, Edla DR (2017) Secure data storage in cloud: an e-stream cipher-based secure and dynamic updation policy. Arabian J Sci Eng 42(2):873–883. https://doi.org/10.1007/s13369-016-2357-2
Ramesh D, Mishra R, Pandit AK (2018) An efficient stream cipher based secure and dynamic updation method for cloud data centre. In: International Conference on Soft Computing Systems, p 505–516. Springer, Singapore. https://doi.org/10.1007/978-981-13-1936-5_53
Wang H, He D, Tang S (2016) Identity-based proxy-oriented data uploading and remote data integrity checking in public cloud. IEEE Trans Inf Forensics Secur 11(6):1165–1176. https://doi.org/10.1109/TIFS.2016.2520886
Tian H, Chen Y, Chang CC, Jiang H, Huang Y, Chen Y, Liu J (2017) Dynamic-hash-table based public auditing for secure cloud storage. IEEE Trans Serv Comput 10(5):701–714. https://doi.org/10.1109/TSC.2015.2512589
Wu L, Wang J, Zeadally S, He D (2018) Privacy-preserving auditing scheme for shared data in public clouds. J Supercomput 74(11):6156–6183
Li Y, Yu Y, Min G, Susilo W, Ni J, Choo KKR (2017) Fuzzy identity-based data integrity auditing for reliable cloud storage systems. IEEE Trans Dependable Secure Comput. https://doi.org/10.1109/TDSC.2017.2662216
Fu A, Yu S, Zhang Y, Wang H, Huang C (2017) NPP: a new privacy-aware public auditing scheme for cloud data sharing with group users. IEEE Trans Big Data. https://doi.org/10.1109/TBDATA.2017.2701347
Li J, Yan H, Zhang Y (2020) Identity-based privacy preserving remote data integrity checking for cloud storage. IEEE Syst J
Xue L, Ni J, Li Y, Shen J (2017) Provable data transfer from provable data possession and deletion in cloud storage. Comput Stand Interfaces 54:46–54
Aujla GS, Chaudhary R, Kumar N, Das AK, Rodrigues JJ (2018) SecSVA: secure storage, verification, and auditing of big data in the cloud environment. IEEE Commun Mag 56(1):78–85
Zhang J, Dong Q (2016) Efficient ID-based public auditing for the outsourced data in cloud storage. Inf Sci 343:1–14
Tian H, Nan F, Jiang H, Chang CC, Ning J, Huang Y (2019) Public auditing for shared cloud data with efficient and secure group management. Inf Sci 472:107–125
Zhu Y, Ahn GJ, Hu H, Yau SS, An HG, Hu CJ (2013) Dynamic audit services for outsourced storages in clouds. IEEE Trans Serv Comput 6(2):227–238. https://doi.org/10.1109/TSC.2011.51
Wang B, Li B, Li H (2015) Panda: public auditing for shared data with efficient user revocation in the cloud. IEEE Trans Serv Comput 8(1):92–106. https://doi.org/10.1109/TSC.2013.2295611
Liu C, Chen J, Yang LT, Zhang X, Yang C, Ranjan R, Kotagiri R (2014) Authorized public auditing of dynamic big data storage on cloud with efficient verifiable fine-grained updates. IEEE Trans Parallel Distrib Syst 25(9):2234–2244. https://doi.org/10.1109/TPDS.2013.191
Wang B, Li B, Li H (2014) Oruta: privacy-preserving public auditing for shared data in the cloud. IEEE Trans Cloud Comput 2(1):43–56. https://doi.org/10.1109/TCC.2014.2299807
Boneh D, Gentry C, Lynn B, Shacham H (2003) Aggregate and verifiably encrypted signatures from bilinear maps. In: International Conference on the Theory and Applications of Cryptographic Techniques, p 416–432. Springer, Berlin. https://doi.org/10.1007/3-540-39200-9_26
Boneh D, Lynn B, Shacham H (2004) Short signatures from the Weil pairing. J Cryptol 17(4):297–319. https://doi.org/10.1007/s00145-004-0314-9
Arabacı O, Kiraz MS, Sertkaya I, Uzunkol O (2015). More efficient secure outsourcing methods for bilinear maps. Cryptology ePrint Archive, Report 2015/960
Yao X, Chen Z, Tian Y (2015) A lightweight attribute-based encryption scheme for the internet of things. Future Gener Comput Syst 49:104–112. https://doi.org/10.1016/j.future.2014.10.010
He D, Kumar N, Wang H, Wang L, Choo KKR (2017) Privacy-preserving certificateless provable data possession scheme for big data storage on cloud. Appl Math Comput 314:31–43
Li J, Yan H, Zhang Y (2018) Certificateless public integrity checking of group shared data on cloud storage. IEEE Trans Serv Comput
Nayak SK, Tripathy S (2018) SEPDP: secure and efficient privacy preserving provable data possession in cloud storage. IEEE Trans Serv Comput. https://doi.org/10.1109/TSC.2018.2820713
Wang T, Yang B, Liu H, Yu Y, Qiu G, Xia Z (2018) An alternative approach to public cloud data auditing supporting data dynamics. Soft Comput. https://doi.org/10.1007/s00500-018-3155-4
Tian H, Chen Y, Jiang H, Huang Y, Nan F, Chen Y (2019) Public auditing for trusted cloud storage services. IEEE Secur Priv 17(1):10–22. https://doi.org/10.1109/MSEC.2018.2875880
Li A, Tan S, Jia Y (2019) A method for achieving provable data integrity in cloud computing. J Supercomput 75(1):92–108. https://doi.org/10.1007/s11227-015-1598-2
Mishra R, Ramesh D, Edla DR, Sah MK (2020) Binary binomial tree based secure and efficient electronic healthcare record storage in cloud environment. International Conference on Innovations for Community Services. Springer, Cham, pp 173–186
Syam Kumar P, Subramanian R (2012) RSA-based dynamic public audit service for integrity verification of data storage in cloud computing using Sobol sequence. Int J Cloud Comput 1(2–3):167–200
Liu CW, Hsien WF, Yang CC, Hwang MS (2016) A survey of public auditing for shared data storage with user revocation in cloud computing. IJ Netw Secur 18(4):650–666
Ren YJ, Shen J, Wang J, Han J, Lee SY (2015) Mutual verifiable provable data auditing in public cloud storage. 16(2):317–323
Menezes AJ, Katz J, Van Oorschot PC, Vanstone SA (1996) Handbook of applied cryptography. CRC Press, Boca Raton
Yacobi Y (2002) A note on the bilinear Diffie-Hellman assumption. IACR Cryptol. ePrint Arch. 2002, 113
Galbraith SD, Gaudry P (2016) Recent progress on the elliptic curve discrete logarithm problem. Des Codes Cryptogr 78(1):51–72
Lu JZ, Zhou J (2012) Preventing delegation-based mobile authentications from man-in-the-middle attacks. Comput Stand Interfaces 34(3):314–326
Acknowledgements
This research work is supported by Indian Institute of Technology (ISM), Dhanbad, Govt. of India. The authors wish to express their gratitude and heartiest thanks to the Department of Computer Science and Engineering, Indian Institute of Technology (ISM), Dhanbad, India for providing their research support. A preliminary version of this manuscript has been presented at the 20th International Conference on Innovations for Community Services (I4CS 2020)[45]. In the preliminary version [45], the proposed methodology is designed for storage of Electronic healthcare records in cloud environment. In this extended version, we further enhance the model in terms of proper formal security model, security proofs, resistance against replace and reply attack, global verification, proper explanation about traceability and recoverability with proper retrievability.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Mishra, R., Ramesh, D. & Edla, D.R. BB-tree based secure and dynamic public auditing convergence for cloud storage. J Supercomput 77, 4917–4956 (2021). https://doi.org/10.1007/s11227-020-03456-y
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-020-03456-y