Abstract
Outsourced data, as the significant component of cloud service, has been widely used due to its convenience, low overhead, and high flexibility. To guarantee the integrity of outsourced data, data owner (DO) usually adopts a third party auditor (TPA) to execute the data integrity verification scheme. However, during the verification process, DO cannot fully confirm the reliability of the TPA, and handing over the verification of data integrity to the untrusted TPA may lead to data security threats. In this paper, we focus on the problem of integrity verification of outsourced data in untrusted environment, that is, how to improve the security and efficiency of data integrity verification without utilizing untrusted TPA. To address the problem, we design a decentralized model based on blockchain consisting of some collaborative verification peers (VPs), each of which maintains a replication of the entire blockchain to avoid maliciously tampering with. Based on the model, we present an advanced data integrity verification algorithm which allows DO to store and check the verification information by writing and retrieving the blockchain. In addition, in order to improve the concurrent performance, we extend the algorithm by introducing the verification group (VG) constituting by some VPs organized by Inner-Group and Inter-Group consensus protocols. We conduct a completed security analysis as well as extensive experiments of our proposed approach, and the evaluation results demonstrate that our proposed approaches achieve superior performance.
Similar content being viewed by others
References
1e96a1b27a6cb85df68d728cf3695b0c46dbd44d: Filecoin: A cryptocurrency operated file storage network (2014)
Apache hadoop. http://hadoop.apache.org/
Ali, M., Nelson, J., Shea, R., Freedman, M.J.: Blockstack: A global naming and storage system secured by blockchains. https://www.zurich.ibm.com/dccl/paper-s/nelson_dccl_slides.pdf (2016)
Ali, M., Nelson, J., Shea, R., Freedman, M.J.: Blockstack: A global naming and storage system secured by blockchains (2016)
Armknecht, F., Bohli, J.M., Karame, G.O., Liu, Z., Reuter, C.A.: Outsourced proofs of retrievability. In: ACM Sigsac conference on computer and communications security, pp. 831–843 (2014)
Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable data possession at untrusted stores. In: ACM conference on computer and communications security, pp. 598–609 (2007)
Bajaj, S., Sion, R.: Trusteddb: a trusted hardware based database with privacy and data confidentiality. In: ACM SIGMOD international conference on management of data, SIGMOD 2011, Athens, Greece, June, pp. 205–216 (2011)
Becker, G.: Merkle signature schemes, merkle trees and their cryptanalysis. Ruhr-University Bochum, Tech. Rep (2008)
Brenner, S., Wulf, C., Kapitza, R.: Running zookeeper coordination services in untrusted clouds (2014)
Buterin, V.: A next-generation smart contract and decentralized application platform (2014)
Chen, W., Liu, M., Zhang, R., Zhang, Y., Liu, S.: Secure outsourced skyline query processing via untrusted cloud service providers. In: IEEE INFOCOM 2016 - the IEEE international conference on computer communications, pp. 1–9 (2016)
Dang, H., Dinh, T.T.A., Loghin, D., Chang, E.C., Lin, Q., Ooi, B.C.: Towards scaling blockchain systems via sharding. In: Proceedings of the 2019 international conference on management of data, pp. 123–140. ACM (2019)
Dinh, T.T.A., Wang, J., Chen, G., Liu, R., Ooi, B.C., Tan, K.L.: Blockbench: A framework for analyzing private blockchains (2017)
Feldman, A.J., Zeller, W.P., Freedman, M.J., Felten, E.W.: Sporc: group collaboration using untrusted cloud resources. In: Usenix conference on operating systems design and implementation, pp. 337–350 (2010)
Han, S., Xu, Z., Zeng, Y., Chen, L.: Fluid: A blockchain based framework for crowdsourcing. In: Proceedings of the 2019 international conference on management of data, pp. 1921–1924. ACM (2019)
Hao, K., Xin, J., Wang, Z., Jiang, Z., Wang, G.: Decentralized data integrity verification model in untrusted environment. In: Asia-Pacific Web (APWeb) and Web-age information management (WAIM) joint international conference on Web and big data, pp. 410–424. Springer (2018)
Jiye, W., Lingchao, G., Aiqiang, D.: Block chain based data security sharing network architecture research. J. Comput. Res. Development 54(4), 742–749 (2017)
Juels, A.: Pors: proofs of retrievability for large files. In: ACM conference on computer and communications security, pp. 584–597 (2007)
Li, Y., Zheng, K., Yan, Y., Liu, Q., Zhou, X.: Etherql: A query layer for blockchain system (2017)
Lin, C., Shen, Z., Chen, Q., Sheldon, F.T.: A data integrity verification scheme in mobile cloud computing. J. Netw. Comput. Appl. 77, 146–151 (2017)
Lowry, S., Wilkinson, J.: Metadisk: Blockchain-based decentralized file storage application. https://storj.io/metadisk.pdf March 2, 2017
Mao, J., Zhang, Y., Li, P., Li, T., Wu, Q., Liu, J.: A position-aware merkle tree for dynamic cloud data integrity verification. Soft. Comput. 21(8), 2151–2164 (2017)
McConaghy, T., Marques, R.: Bigchaindb: A scalable blockchain database. https://www.bigchaindb.com/whitepaper/bigchaindb-whitepaper.pdf January 11, 2017
Miller, A., Juels, A., Shi, E., Parno, B., Katz, J.: Permacoin: Repurposing bitcoin work for data preservation. In: IEEE symposium on security and privacy, pp. 475–490 (2014)
Nakamoto, S.: Bitcoin: A peer-to-peer electronic cash system (2008)
Ongaro, D., Ousterhout, J.K.: In search of an understandable consensus algorithm. In: USENIX annual technical conference, pp. 305–319 (2014)
Sengupta, B., Bag, S., Ruj, S., Sakurai, K.: Retricoin: Bitcoin based on compact proofs of retrievability. In: International conference on distributed computing and networking, pp. 14 (2016)
Shacham, H., Waters, B.: Compact proofs of retrievability. J. Cryptol. 26(3), 442–483 (2013)
Shraer, A., Cachin, C., Cidon, A., Keidar, I., Yan, M., Shaket, D.: Venus:verification for untrusted cloud storage. In: ACM workshop on cloud computing security workshop, pp. 19–30 (2010)
Tsai, W.T., Yu, L., Wang, R., Liu, N., Deng, E.Y.: Blockchain application development techniques (2017)
Wang, S., Dinh, T.T. A., Lin, Q., Xie, Z., Zhang, M., Cai, Q., Chen, G., Fu, W., Ooi, B.C., Ruan, P.: Forkbase: An efficient storage engine for blockchain and forkable applications. arXiv:1802.04949 (2018)
Waters, B.: Compact proofs of retrievability. J. Cryptol. 26(3), 442–483 (2008)
Weil, S.A., Brandt, S.A., Miller, E.L., Long, D.D., Maltzahn, C.: Ceph: A scalable, high-performance distributed file system. In: Proceedings of the 7th symposium on Operating systems design and implementation, pp. 307–320. USENIX Association (2006)
Wilkinson, S., Boshexski, T.: Metadisk: Blockchain-based decentralized file storage application. https://storj.io/storj.pdf January11, 2017
Xu, C., Zhang, C., Xu, J.: vchain: Enabling verifiable boolean range queries over blockchain databases. In: Proceedings of the 2019 international conference on management of data, pp. 141–158. ACM (2019)
Zhang, C., Xu, C., Xu, J., Tang, Y., Choi, B.: Gemˆ 2-tree: A gas-efficient structure for authenticated range queries in blockchain. In: 2019 IEEE 35th international conference on data engineering (ICDE), pp. 842–853. IEEE (2019)
Zhu, Y., Zhang, Z., Jin, C., Zhou, A., Yan, Y.: Sebdb: Semantics empowered blockchain database. In: 2019 IEEE 35th international conference on data engineering (ICDE), pp. 1820–1831. IEEE (2019)
Zyskind, G., Nathan, O., Pentland, A.S.: Decentralizing privacy: Using blockchain to protect personal data. In: IEEE security and privacy workshops, pp. 180–184 (2015)
Acknowledgments
This research was partially supported by the National Natural Science Foundation of China (Nos. 61472069, 61402089 and U1401256), China Postdoctoral Science Foundation (Nos. 2019T120216 and 2018M641705), the Fundamental Research Funds for the Central Universities (Nos. N161602003, N180408019 and N180101028), the CETC Joint Fund, the Open Program of Neusoft Institution of Intelligent Healthcare Technology, Co. Ltd. (No. NRIHTOP1802), and the fund of Acoustics Science and Technology Laboratory.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Hao, K., Xin, J., Wang, Z. et al. Outsourced data integrity verification based on blockchain in untrusted environment. World Wide Web 23, 2215–2238 (2020). https://doi.org/10.1007/s11280-019-00761-2
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11280-019-00761-2