An Auditing Scheme for Cloud-Based Checkout Systems

  • Tao-Ku ChangEmail author
  • Cheng-Yen Lu
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 895)


The goal of this paper is to design and implement a security mechanism for cloud-based checkout systems based on chain-hashing scheme. Many cloud-based checkout systems are developed for merchants. However, storing transaction data in cloud storage is associated with serious security risks. The repudiation problem exists between merchants and service providers. We need a scheme that enables the service provider to prove its innocence and the merchant to prove its guilt. The proof of innocence is also called auditing. This paper designs a secure cloud-based checkout system. We use chain hashing to design auditing scheme for checkout systems.


Cloud security E-commerce Auditing 


  1. 1.
    Feng, J., Chen, Y., Summerville, D., Ku, W.-S., Su, Z.: Enhancing cloud storage security against roll-back attacks with a new fair multi-party non-repudiation protocol. In: 8th IEEE Consumer Communications and Networking Conference (CCNC), pp. 521–522 (2011)Google Scholar
  2. 2.
    Shraer, A., Keidar, I., Cachin, C., Michalevsky, Y., Cidon, A., Shaket, D.: Venus: verification for untrusted cloud storage. In: 17th ACM Cloud Computing Security Workshop (CCSW) (2010)Google Scholar
  3. 3.
    Shah, M.A., Baker, M., Mogul, J., Swaminathan, R: Auditing to keep online storage services honest. In: USENIX HotOS XI: 11st Workshop on Hot Topics in Operating Systems (2007)Google Scholar
  4. 4.
    Li, J., Krohn, M., Mazières, D., Shasha, D.: Secure untrusted data repository (SUNDR). In: USENIX 6th Symposium on Operating Systems Design and Implementation (OSDI 2004) (2004)Google Scholar
  5. 5.
    Mazières, D., Shasha, D.: Building secure file systems out of Byzantine storage. In: 21st Annual ACM Symposium on Principles of Distributed Computing (PODC), pp. 108–117 (2002)Google Scholar
  6. 6.
    Cachin, C., Shelat, A., Shraer, A.: Efficient fork-linearizable access to untrusted shared memory. In: ACM 26th PODC, pp. 129–138 (2007)Google Scholar
  7. 7.
    Majuntje, M., Dobre, D., Serafini, M., Suri, N.: Abortable fork-linearizable storage. In: ACM 13th OPODIS, pp. 255–269 (2009)Google Scholar
  8. 8.
    Cachin, C., Shelat, A., Shraer, A.: Integrity protection for revision control. In: ACM 7th ACNS, pp. 382–399 (2009)Google Scholar
  9. 9.
    Popa, R.A., Lorch, J.R., Molnar, D., Wang, H., Zhuang, L.: Enabling security in cloud storage SLAs with CloudProof. In: USENIX Annual Technical Conference (USENIXATC 2011), p. 31 (2011)Google Scholar
  10. 10.
    Hwang, G.-H., Peng, J.-Z., Huang, W.-S.: A mutual nonrepudiation protocol for cloud storage with interchangeable accesses of a single account from multiple devices. In: 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom 2013) (2013)Google Scholar
  11. 11.
    Merkle, R.C.: A digital signature based on a conventional encryption function. In: A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology (CRYPTO 1987), pp. 369–378 (1988)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Department of Computer Science and Information EngineeringNational Dong Hwa UniversityHualienTaiwan

Personalised recommendations