Abstract
Dynamic outsourced data managed by an untrusted third party is prone to integrity violation. Data auditing is a well-known posterior mechanism to detect integrity violations. Existing integrity auditing schemes are centralized and take significant computation, storage, or communication cost at the data owner. Recently, a distributed auditing scheme involving three parties: the data owner, storage server, and end-users, is proposed. However, it uses redundant failure reports for a corrupt file increases the storage, computation, and communication costs. Also, the low-configured end-users may avoid auditing tasks for efficiency reasons. This paper proposes a secure and efficient distributed auditing scheme for outsourced data that utilizes blockchain and edge computing. The blockchain securely stores distinct failure reports, while edge nodes handle local auditing tasks. The scheme is compared with the existing distributed auditing scheme and found to be secure, and more efficient in terms of computational cost at the data owner and communication cost used by the scheme participants.
Similar content being viewed by others
Data Availability
No datasets are generated during and/ or analyzed during the current study. A preliminary version of this paper [36] appeared in the proceedings of ANTS 2022.
References
Arapinis, M., Bursuc, S., & Ryan, M. (2013). Privacy-supporting cloud computing by in-browser key translation. Journal of Computer Security, 21(6), 847–880.
Kumar, N., Mathuria, A.: Improved write access control and stronger freshness guarantee to outsourced data. In: Proceedings of the 18th International Conference on Distributed Computing and Networking, pp. 1–8 (2017)
G Filho, D.L., Barreto, P.S.L.M.: Demonstrating data possession and uncheatable data transfer. cryptology ePrint Archive (2006)
Garg, N., Bawa, S., Kumar, N.: An efficient data integrity auditing protocol for cloud computing. FGCS (2020)
Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D. (2007). Provable data possession at untrusted stores. In Proceedings of the 14th ACM conference on computer and communications security (pp. 598–609). ACM.
Ateniese, G., Di Pietro, R., Mancini, L.V., & Tsudik, G. (2008) Scalable and efficient provable data possession. In Proceedings of the 4th international conference on security and privacy in communication networks (p. 9). ACM.
Ateniese, G., Burns, R., Curtmola, R., Herring, J., Khan, O., Kissner, L., Peterson, Z., & Song, D. (2011). Remote data checking using provable data possession. ACM Transactions on Information and System Security (TISSEC), 14(1), 1–34.
Ateniese, G., Goodrich, M.T., Lekakis, V., Papamanthou, C., Paraskevas, E., & Tamassia, R. (2017). Accountable storage. In International conference on applied cryptography and network security (pp. 623–644). Springer.
Barsoum, A.F., & Hasan, M.A. (2010). Provable possession and replication of data over cloud servers. In Centre for Applied Cryptographic Research (CACR), University of Waterloo, Report (Vol. 32, pp. 21–22).
Erway, C. C., Küpçü, A., Papamanthou, C., & Tamassia, R. (2015). Dynamic provable data possession. ACM Transactions on Information and System Security, 17(4), 1–29.
Dwivedi, A.K., Kumar, N., & Pathela, M. (2020). Distributed and lazy auditing of outsourced data. In ICDCIT (pp. 364–379). Springer.
Dwivedi, A., Kumar, N., & Das, M.L. (2022). On accountable and distributed audit of outsourced data integrity. In 6th world conference on smart trends in systems, security and sustainability. Springer.
Popa, R.A., Lorch, J.R., Molnar, D., Wang, H.J., & Zhuang, L. (2011). Enabling security in cloud storage Slas with Cloudproof. In USENIX annual technical conference (Vol. 242, pp. 355–368).
Dwivedi, A. K., Kumar, N., & Das, M. L. (2022). Group data freshness scheme for outsourced data in distributed systems. FGCS, 133, 141–152.
Krawczyk, H., Bellare, M., & Canetti, R. (1997). RFC2104: HMAC: Keyed-hashing for message authentication. RFC Editor.
Rivest, R. L., Shamir, A., & Adleman, L. (1978). A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2), 120–126.
Hsiao, H.-C., Lin, Y.-H., Studer, A., Studer, C., Wang, K.-H., Kikuchi, H., Perrig, A., Sun, H.-M., & Yang, B.-Y. (2009). A study of user-friendly hash comparison schemes. In 2009 annual computer security applications conference (pp. 105–114). IEEE.
Dwivedi, A.K., Kumar, N., Gajera, H., Das, M.L., & Goswami, A. (2023). An efficient and verifiable ownership transfer of cloud data. https://doi.org/10.36227/techrxiv.23622513.v1
Far, S. B., Asaar, M. R., & Haghbin, A. (2023). Distributed auditing protocol for untraceable transactions. Journal of Information Security and Applications, 73, 103429.
Zhang, W., Jiao, H., Yan, Z., Wang, X., & Khan, M. K. (2023). Security analysis and improvement of a public auditing scheme for secure data storage in fog-to-cloud computing. Computers & Security, 125, 103019.
Li, X., Shang, S., Liu, S., Gu, K., Jan, M. A., Zhang, X., & Khan, F. (2022). An identity-based data integrity auditing scheme for cloud-based maritime transportation systems. IEEE Transactions on Intelligent Transportation Systems, 24(2), 2556–2567.
Saxena, R., & Dey, S. (2016). Cloud audit: A data integrity verification approach for cloud computing. Procedia Computer Science, 89, 142–151.
Zhang, Y., Xu, C., Liang, X., Li, H., Mu, Y., & Zhang, X. (2016). Efficient public verification of data integrity for cloud storage systems from indistinguishability obfuscation. IEEE Transactions on Information Forensics and Security, 12(3), 676–688.
Huang, K., Xian, M., Fu, S., & Liu, J. (2014). Securing the cloud storage audit service: Defending against frame and collude attacks of third party auditor. IET Communications, 8(12), 2106–2113.
Zhang, Y., Xu, C., Li, H., & Liang, X. (2016). Cryptographic public verification of data integrity for cloud storage systems. IEEE Cloud Computing, 5, 44–52.
Li, J., Wu, J., Jiang, G., & Srikanthan, T. (2020). Blockchain-based public auditing for big data in cloud storage. Information Processing & Management, 57(6), 102382.
Chang, A.-M., Bailey, A. D., & Whinston, A. B. (1993). Multi-auditor cooperation: A model of distributed reasoning. IEEE Transactions on Engineering Management, 40(4), 346–359. https://doi.org/10.1109/17.257727
Li, Z., Li, Y., Lu, L., & Ding, Y. (2023). Blockchain-based auditing with data self-repair: From centralized system to distributed storage. Journal of Systems Architecture, 137, 102854.
Shu, J., Zou, X., Jia, X., Zhang, W., & Xie, R. (2021). Blockchain-based decentralized public auditing for cloud storage. IEEE Transactions on Cloud Computing, 10(4), 2366–2380.
Zhang, Y., Xu, C., Lin, X., & Shen, X. S. (2019). Blockchain-based public integrity verification for cloud storage against procrastinating auditors. IEEE Transactions on Cloud Computing, 9(3), 923–937.
Yuan, Y., Zhang, J., Xu, W., & Li, Z. (2022). Identity-based public data integrity verification scheme in cloud storage system via blockchain. The Journal of Supercomputing, 78(6), 8509–8530.
Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system. Decentralized Business Review, 21260.
Maheshwari, R., Kumar, N., Shadi, M., & Tiwari, S. (2021). Consensus-based data replication protocol for distributed cloud. The Journal of Supercomputing, 77(8), 8653–8673.
Castro, M., & Liskov, B. (2002). Practical byzantine fault tolerance and proactive recovery. TOCS, 20(4), 398–461.
Hillmann, P., Knüpfer, M., Heiland, E., & Karcher, A. (2020). Selective deletion in a blockchain. In IEEE 40th ICDCS (pp. 1249–1256). IEEE.
Dwivedi, A.K., Kumar, N., & Das, M.L. (2022). Distributed integrity auditing of cloud data using edge computing and blockchain. In 2022 IEEE international conference on advanced networks and telecommunications systems (ANTS) (pp. 320–325). IEEE.
Funding
The authors declare that no funds, grants, or other support were received during the preparation of this manuscript.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors have no relevant financial or non-financial interests to disclose.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Dwivedi, A.K., Kumar, N. & Das, M.L. Edge Computing and Blockchain-Based Distributed Audit of Outsourced Dynamic Data. Wireless Pers Commun (2024). https://doi.org/10.1007/s11277-024-11094-3
Accepted:
Published:
DOI: https://doi.org/10.1007/s11277-024-11094-3