Abstract
Big data offers significant benefits; however, security and privacy problems must be considered, especially with regard to outsourced big data. Auditing outsourced big data is an important factor in security and privacy. However, most of the existing auditing techniques are not suitable for outsourced big data due to their high computational and communication costs at the auditor and the data owner (DO) side. In this paper, we propose an efficient auditing scheme for outsourced big data based on algebraic signatures and an XOR-homomorphic function, that can achieve numerous advantages, such as fewer challenges and proofs, non-block verification, data privacy preservation, and lower computational and communication costs. The proposed scheme enables a trusted third-party auditor, on behalf of DOs, to audit the outsourced data in a cloud. Thus, reducing the computational burden on the DOs. Subsequently, we construct a new data structure called a Record Table (RTable) and extend the basic auditing scheme to support the data dynamic operations. As our extended scheme does not use public key encryption, the entire process of updating the data incurs only a small computational and communication overhead with regard to the auditor, the DOs, and the cloud server. Finally, the proposed basic scheme is proved secure under the security model against various attacks. Analysis of the performance shows that both our basic scheme and extended scheme are highly efficient.
Similar content being viewed by others
References
Demchenko Y, Ngo C, de Laat C, et al. Big security for big data: addressing security challenges for the big data infrastructure. In: Proceedings of Secure Data Management, Trento, 2013. 76–94
Wang B Y, Li B C, Li H. Oruta: privacy-preserving public auditing for shared data in the cloud. IEEE Trans Cloud Comput, 2014, 2: 43–56
Wang C, Chow S S M, Wang Q, et al. Privacy-preserving public auditing for secure cloud storage. IEEE Trans Comput, 2013, 62: 362–375
Shacham H, Waters B. Compact proofs of retrievability. In: Proceedings of International Conference on the Theory and Application of Cryptology and Information Security, Melbourne, 2008. 90–107
Wang Q, Wang C, Ren K, et al. Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans Parall Distrib Syst, 2011, 22: 847–859
Chen L, Zhou S, Huang X, et al. Data dynamics for remote data possession checking in cloud storage. Comput Electrical Eng, 2013, 39: 2413–2424
Zhang J, Dong Q. Efficient ID-based public auditing for the outsourced data in cloud storage. Inf Sci, 2016, 343: 1–14
Li J, Zhang L, Liu J K, et al. Privacy-preserving public auditing protocol for low-performance end devices in cloud. IEEE Trans Inform Forensic Secur, 2016, 11: 2572–2583
Wang Z, Han Z, Liu J. Public verifiability for shared data in cloud storage with a defense against collusion attacks. Sci China Inf Sci, 2016, 59: 039101
Wang H, He D, Tang S. Identity-based proxy-oriented data uploading and remote data integrity checking in public cloud. IEEE Trans Inform Forensic Secur, 2016, 11: 1165–1176
Yu Y, Au M H, Ateniese G, et al. Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage. IEEE Trans Inform Forensic Secur, 2017, 12: 767–778
Zhang R, Ma H, Lu Y, et al. Provably secure cloud storage for mobile networks with less computation and smaller overhead. Sci China Inf Sci, 2017, 60: 122104
Sookhak M, Gani A, Khan M K, et al. Dynamic remote data auditing for securing big data storage in cloud computing. Inf Sci, 2017, 380: 101–116
Schwarz T S J, Miller E L. Store, forget, and check: Using algebraic signatures to check remotely administered storage. In: Proceedings of the 26th IEEE International Conference on Distributed Computing Systems, Lisboa, 2006. 12–21
Chen L. Using algebraic signatures to check data possession in cloud storage. Future Generation Comput Syst, 2013, 29: 1709–1715
Sookhak M, Akhunzada A, Gani A, et al. Towards dynamic remote data auditing in computational clouds. Sci World J, 2014, 2014: 269357
Luo Y C, Fu S J, Xu M, et al. Enable data dynamics for algebraic signatures based remote data possession checking in the cloud storage. China Commun, 2014, 11: 114–124
Litwin W, Schwarz T. Algebraic signatures for scalable distributed data structures. In: Proceedings of the 20th International Conference on Data Engineering, Boston, 2004. 412–423
Ateniese G, Burns R, Curtmola R, et al. Provable data possession at untrusted stores. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, Alexandria, 2007. 598–609
Juels A, Kaliski B S. PORs: proofs of retrievability for large files. In: Proceedings of ACM Conference on Computer and Communications Security, Alexandria, 2007. 584–597
Yu Y, Zhang Y, Ni J, et al. Remote data possession checking with enhanced security for cloud storage. Future Generation Comput Syst, 2015, 52: 77–85
Ateniese G, Pietro R D, Mancini L V, et al. Scalable and efficient provable data possession. In: Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, Istanbul, 2008. 1–10
Erway C C, Papamanthou C, Tamassia R. Dynamic provable data possession. ACM Trans Inf Syst Secur, 2009, 17: 213–222
Cash D, Küpçü A, Wichs D. Dynamic proofs of retrievability via oblivious RAM. J Cryptol, 2017, 30: 22–57
Yang K, Jia X. An efficient and secure dynamic auditing protocol for data storage in cloud computing. IEEE Trans Parallel Distrib Syst, 2013, 24: 1717–1726
Shen J, Shen J, Chen X, et al. An efficient public auditing protocol with novel dynamic structure for cloud data. IEEE Trans Inform Forensic Secur, 2017, 12: 2402–2415
Thangavel M, Varalakshmi P, Preethi T, et al. A review on public auditing in cloud environment. In: Proceedings of Information Communication and Embedded Systems, Chennai, 2016. 1–6
Ateniese G, Burns R, Curtmola R, et al. Remote data checking using provable data possession. ACM Trans Inf Syst Secur, 2011, 14: 1165–1182
Ren S Q, Tan B H M, Sundaram S, et al. Secure searching on cloud storage enhanced by homomorphic indexing. Future Generation Comput Syst, 2016, 65: 102–110
Ade-Ibijola A O. A simulated enhancement of Fisher-Yates algorithm for shuffling in virtual card games using domainspecific data structures. Int J Comput Appl, 2012, 54: 24–28
Barsoum A, Hasan A. On verifying dynamic multiple data copies over cloud servers. IACR Cryptol Eprint Arch, 2011, 2011: 447–476
Barsoum A, Hasan A. Enabling dynamic data and indirect mutual trust for cloud computing storage systems. IEEE Trans Parall Distrib Syst, 2013, 24: 2375–2385
Acknowledgements
This work was partially supported by National Natural Science Foundation of China (Grant Nos. 61070164, 61272415), Natural Science Foundation of Guangdong Province, China (Grant No. S2012010008767), and Science and Technology Planning Project of Guangdong Province, China (Grant No. 2013B010401015). This work was also supported by the Zhuhai Top Discipline-Information Security.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Gan, Q., Wang, X. & Fang, X. Efficient and secure auditing scheme for outsourced big data with dynamicity in cloud. Sci. China Inf. Sci. 61, 122104 (2018). https://doi.org/10.1007/s11432-017-9410-9
Received:
Revised:
Accepted:
Published:
DOI: https://doi.org/10.1007/s11432-017-9410-9