ase-PoW: A Proof of Ownership Mechanism for Cloud Deduplication in Hierarchical Environments

  • Lorena González-ManzanoEmail author
  • Jose Maria de Fuentes
  • Kim-Kwang Raymond Choo
Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 198)


Proof-of-Ownership (PoW) can be an effective deduplication technique to reduce storage requirements, by providing cloud storage servers the capability to guarantee that clients only upload and download files that they are in possession of. In this paper, we propose an attribute symmetric encryption PoW scheme (ase-PoW) for hierarchical environments such as corporations, in which (1) the external cloud service provider is honest-but-curious and (2) there is a flexible access control in place to ensure only users with the right privilege can access sensitive files. This is, to the best of our knowledge, the first such scheme and it is built upon the ce-PoW scheme of González-Manzano and Orfila (2015). ase-PoW outperforms ce-PoW in thaact it does not suffer from content-guessing attacks, it reduces client storage needs and computational workload.


Deduplication technique Proof of Ownership Symmetric encryption Access control 



This work was partially supported by the MINECO grant TIN2013-46469-R (SPINY: Security and Privacy in the Internet of You) and the CAM grant S2013/ICE-3095 CIBERDINE-CM (CIBERDINE: Cybersecurity, Data, and Risks) funded by Madrid Autonomous Community and co-funded by European funds. L. González and J.M. de Fuentes were also supported by the Programa de Ayudas para la Movilidad of Carlos III University of Madrid, Spain.


  1. 1.
    Girardi, R.: New drive for education with unlimited storage (2014).
  2. 2.
    Quick, D., Choo, K.-K.R.: Impacts of increasing volume of digital forensic data: a survey and future research challenges. Digit. Invest. 11(4), 273–294 (2014)CrossRefGoogle Scholar
  3. 3.
    Zissis, D., Lekkas, D.: Addressing cloud computing security issues. Future Gener. Comput. Syst. 28(3), 583–592 (2012)CrossRefGoogle Scholar
  4. 4.
    Martini, B., Choo, K.-K.R.: Cloud storage forensics: owncloud as a case study. Digit. Invest. 10(4), 287–299 (2013)CrossRefGoogle Scholar
  5. 5.
    Quick, D., Martini, B., Choo, K.-K.R.: Cloud Storage Forensics. Syngress Publishing/Elsevier, Waltham (2013)Google Scholar
  6. 6.
    Quick, D., Choo, K.-K.R.: Dropbox analysis: data remnants on user machines. Digit. Invest. 10(1), 3–18 (2013)CrossRefGoogle Scholar
  7. 7.
    Li, L., Lu, R., Choo, K.-K.R., Datta, A., Shao, J.: Privacy-preserving outsourced association rule mining on vertically partitioned databases. IEEE Trans. Inf. Forensics Secur. 11(8), 1 (2016)CrossRefGoogle Scholar
  8. 8.
    Liu, X., Choo, K., Deng, R., Lu, R., Weng, J.: Efficient and privacy-preserving outsourced calculation of rational numbers. IEEE Trans. Dependable Secure Comput. PP(99), 1–14 (2016)Google Scholar
  9. 9.
    Liu, X., Deng, R.H., Choo, K.-K.R., Weng, J.: An efficient privacy-preserving outsourced calculation toolkits with multiple keys. IEEE Trans. Inf. Forensics Secur. 11(11), 2401–2414 (2016)CrossRefGoogle Scholar
  10. 10.
    Harnik, D., Pinkas, B., Shulman-Peleg, A.: Side channels in cloud services: deduplication in cloud storage. IEEE Secur. Priv. 8(6), 40–47 (2010)CrossRefGoogle Scholar
  11. 11.
    Halevi, S., Harnik, D., Pinkas, B., Shulman-Peleg, A.: Proofs of ownership in remote storage systems. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 491–500. ACM (2011)Google Scholar
  12. 12.
    Di Pietro, R., Sorniotti, A.: Boosting efficiency and security in proof of ownership for deduplication. In: Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, pp. 81–82. ACM (2012)Google Scholar
  13. 13.
    Blasco, J., Orfila, A., Pietro, R.D., Sorniotti, A.: A tunable proof of ownership scheme for deduplication using bloom filters. In: Proceedings of the IEEE Conference on Communications and Network Security, CNS (2014)Google Scholar
  14. 14.
    González-Manzano, L., Orfila, A.: An efficient confidentiality-preserving proof of ownership for deduplication. J. Netw. Comput. Appl. 50, 49–59 (2015)CrossRefGoogle Scholar
  15. 15.
    Jin, X., Wei, L., Yu, M., Yu, N., Sun, J.: Anonymous deduplication of encrypted data with proof of ownership in cloud storage. In: Proceedings of the 13th IEEE/CIC International Conference on Communications in China (ICCC), pp. 224–229 (2013)Google Scholar
  16. 16.
    Puzio, P., Molva, R., Önen, M., Loureiro, S.: Block-level de-duplication with encrypted data. Open J. Cloud Comput. (OJCC) 1(1), 10–18 (2014)Google Scholar
  17. 17.
    Bellare, M., Keelveedhi, S., Ristenpart, T.: Dupless: server-aided encryption for deduplicated storage. In: Proceedings of the 22nd USENIX Conference on Security, pp. 179–194. USENIX Association (2013)Google Scholar
  18. 18.
    Zhou, Y., Feng, D., Xia, W., Fu, M., Huang, F., Zhang, Y., Li, C.: Secdep: a user-aware efficient fine-grained secure deduplication scheme with multi-level key management. In: 2015 31st Symposium on Mass Storage Systems and Technologies (MSST), pp. 1–14 (2015)Google Scholar
  19. 19.
    Li, J., Li, Y.K., Chen, X., Lee, P.P., Lou, W.: A hybrid cloud approach for secure authorized deduplication. IEEE Trans. Parallel Distrib. Syst. 26(5), 1206–1216 (2015)CrossRefGoogle Scholar
  20. 20.
    Naresh, V., Kumar, G.: A novel secure deduplication implementation with efficient and reliable. Int. J. Innov. Technol. 3(6), 1001–1006 (2015)Google Scholar
  21. 21.
    Miao, M., Wang, J., Li, H., Chen, X.: Secure Multi-server-Aided Data Deduplication in Cloud Computing. Elsevier, Amsterdam (2015)Google Scholar
  22. 22.
    Storer, M.W., Greenan, K., Long, D.D., Miller, E.L.: Secure data deduplication. In: Proceedings of the 4th ACM International Workshop on Storage Security and Survivability, pp. 1–10. ACM (2008)Google Scholar
  23. 23.
    Arbour, F.M., Reker, M.M.: System and method for exporting data directly from deduplication storage to non-deduplication storage. US Patent Application 11/731,178, 30 March 2007Google Scholar
  24. 24.
    Stanek, J., Sorniotti, A., Androulaki, E., Kencl, L.: A secure data deduplication scheme for cloud storage. Technical report, IBM (2013)Google Scholar
  25. 25.
    Xu, J., Zhou, J.: Leakage resilient proofs of ownership in cloud storage, revisited. In: Boureanu, I., Owesarski, P., Vaudenay, S. (eds.) ACNS 2014. LNCS, vol. 8479, pp. 97–115. Springer, Cham (2014). doi: 10.1007/978-3-319-07536-5_7 Google Scholar
  26. 26.
    Li, J., Chen, X., Li, M., Li, J., Lee, P., Lou, W.: Secure deduplication with efficient and reliable convergent key management. IEEE Trans. Parallel Distrib. Syst. 25(6), 1615–1625 (2014)CrossRefGoogle Scholar
  27. 27.
    Ng, W.K., Wen, Y., Zhu, H.: Private data deduplication protocols in cloud storage. In: Proceedings of the 27th Annual ACM Symposium on Applied Computing, SAC 2012, pp. 441–446. ACM (2012)Google Scholar
  28. 28.
    Yu, S., Wang, C., Ren, K., Lou, W.: Achieving secure, scalable, and fine-grained data access control in cloud computing. In: INFOCOM, 2010 Proceedings IEEE, pp. 1–9. IEEE (2010)Google Scholar
  29. 29.
    Wang, G., Liu, Q., Wu, J.: Hierarchical attribute-based encryption for fine-grained access control in cloud storage services. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 735–737. ACM (2010)Google Scholar
  30. 30.
    Chow, S.S.: A framework of multi-authority attribute-based encryption with outsourcing and revocation. In: Proceedings of the 21st ACM on Symposium on Access Control Models and Technologies, pp. 215–226. ACM (2016)Google Scholar
  31. 31.
    Yang, Y., Liu, J.K., Liang, K., Choo, K.-K.R., Zhou, J.: Extended proxy-assisted approach: achieving revocable fine-grained encryption of cloud data. In: Pernul, G., Ryan, P.Y.A., Weippl, E. (eds.) ESORICS 2015. LNCS, vol. 9327, pp. 146–166. Springer, Cham (2015). doi: 10.1007/978-3-319-24177-7_8 CrossRefGoogle Scholar
  32. 32.
    Shin, Y., Koo, D., Hur, J., Yun, J.: Secure proof of storage with deduplication for cloud storage systems. Multimedia Tools Appl. 1–16 (2015)Google Scholar
  33. 33.
    Laurie, B., Clayton, R.: “Proof-of-work” proves not to work; version 0.2. In: Workshop on Economics and Information, Security (2004)Google Scholar
  34. 34.
    Chen, L.: Using algebraic signatures to check data possession in cloud storage. Future Gener. Comput. Syst. 29(7), 1709–1715 (2013)CrossRefGoogle Scholar

Copyright information

© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2017

Authors and Affiliations

  • Lorena González-Manzano
    • 1
    Email author
  • Jose Maria de Fuentes
    • 1
  • Kim-Kwang Raymond Choo
    • 2
  1. 1.University Carlos III of MadridLeganésSpain
  2. 2.Department of Information Systems and Cyber SecurityUniversity of Texas at San AntonioSan AntonioUSA

Personalised recommendations