Skip to main content
SpringerLink
Log in

Auditing for Data Integrity and Reliability in Cloud Storage

  • Chapter
  • First Online:
Book cover Handbook on Data Centers

Abstract

Security has been identified as the most serious concern that prevents users from outsourcing sensitive data to the cloud. An efficient cloud auditing system will relieve users's concerns regarding the availability and integrity of their outsourced data by providing evidence and records to track the activities in the cloud. This chapter provides a complete view of cloud storage auditing systems from multiple perspectives, including a clear definition, applicable technologies, major challenges, current research status, and open questions. First of all, a systematical introduction to general design principles and focuses of information auditing is given from three different aspects: strategy oriented, process oriented, and resource oriented. Then, two useful technologies, Provable Data Possession (PDP) and Proof of Retrievability (POR), are discussed thoroughly, which have been developed to verify data integrity and availability in distributed storage systems. Several typical algorithms are analyzed to illustrate their design rationales and tradeoffs. Following that, the challenges in developing a cloud auditing system are discussed and current efforts in the cloud security community are introduced. Finally, several open questions are identified, which are expected to be addressed in the near future.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 219.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    In [12], the state α is not clearly defined. This interpretation of α is based on the σ in challenge function in Sect. 3.1 of [12].

References

  1. Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable data possession at untrusted stores. In: Proceedings of the 14th ACM conference on Computer and communications security, CCS '07, pp. 598–609. ACM, New York, NY, USA (2007). DOI 10.1145/1315245.1315318. URL http://doi.acm.org/10.1145/1315245.1315318

  2. Ateniese, G., Di Pietro, R., Mancini, L.V., Tsudik, G.: Scalable and efficient provable data possession. In: Proceedings of the 4th international conference on Security and privacy in communication networks, SecureComm '08, pp. 9:1–9:10. ACM, New York, NY, USA (2008). DOI 10.1145/1460877.1460889. URL http://doi.acm.org/10.1145/1460877.1460889

  3. Ateniese, G., Kamara, S., Katz, J.: Proofs of Storage from Homomorphic Identification Protocols. In: M. Matsui (ed.) Advances in Cryptology - ASIACRYPT 2009, Lecture Notes in Computer Science, vol. 5912, chap. 19, pp. 319–333. Springer Berlin / Heidelberg, Berlin, Heidelberg (2009). DOI 10.1007/978-3-642-10366-7_19. URL http://dx.doi.org/10.1007/978-3-642-10366-7_19

  4. Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and verifiably encrypted signatures from bilinear maps. Advances in Cryptology-EUROCRYPT 2003 pp. 641–641 (2003)

    Google Scholar 

  5. Boneh, D., Lynn, B., Shacham, H.: Short signatures from the weil pairing. Journal of Cryptology 17, 297–319 (2004). URL http://dx.doi.org/10.1007/s00145-004-0314-9. 10.1007/s00145-004-0314–9

  6. Buchanan, S., Gibb, F.: The information audit: Role and scope. International journal of information management 27(3), 159–172 (2007)

    Article  Google Scholar 

  7. Erway, C., Küpçü, A., Papamanthou, C., Tamassia, R.: Dynamic provable data possession. In: Proceedings of the 16th ACM conference on Computer and communications security, CCS '09, pp. 213–222. ACM, New York, NY, USA (2009). DOI 10.1145/1653662.1653688. URL http://doi.acm.org/10.1145/1653662.1653688

  8. Feng, J., Chen, Y.: A fair non–repudiation framework for data integrity in cloud storage services. International Journal of Cloud Computing 2(1), 20–47 (2013)

    Article  Google Scholar 

  9. Feng, J., Chen, Y., Liu, P.: Bridging the missing link of cloud data storage security in aws. In: Consumer Communications and Networking Conference (CCNC), 2010 7th IEEE, pp. 1–2. IEEE (2010)

    Google Scholar 

  10. Feng, J., Chen, Y., Summerville, D., Ku, W.S., Su, Z.: Enhancing cloud storage security against roll-back attacks with a new fair multi-party non-repudiation protocol. In: Consumer Communications and Networking Conference (CCNC), 2011 IEEE, pp. 521–522. IEEE (2011)

    Google Scholar 

  11. Feng, J., Chen, Y., Summerville, D.H.: A fair multi-party non-repudiation scheme for storage clouds. In: Collaboration Technologies and Systems (CTS), 2011 International Conference on, pp. 457–465. IEEE (2011)

    Google Scholar 

  12. Juels, A., Kaliski Jr., B.S.: Pors: proofs of retrievability for large files. In: Proceedings of the 14th ACM conference on Computer and communications security, CCS '07, pp. 584–597. ACM, New York, NY, USA (2007). DOI 10.1145/1315245.1315317. URL http://doi.acm.org/10.1145/1315245.1315317

  13. Merkle, R.: Protocols for public key cryptosystems. In: IEEE Symposium on Security and privacy, vol. 1109, pp. 122–134 (1980)

    Google Scholar 

  14. Ould, M.A.: Business Processes: Modeling and Analysis for Re-engineering and Improvement. Wiley, Chichester (1995)

    Google Scholar 

  15. Pearson, S.: Toward accountability in the cloud. Internet Computing, IEEE 15(4), 64 –69 (2011). DOI 10.1109/MIC.2011.98

    Google Scholar 

  16. Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978). DOI 10.1145/359340.359342. URL http://doi.acm.org/10.1145/359340.359342

  17. Shacham, H., Waters, B.: Compact Proofs of Retrievability Advances in Cryptology - ASIACRYPT 2008. In: J. Pieprzyk (ed.) Advances in Cryptology - ASIACRYPT 2008, Lecture Notes in Computer Science, vol. 5350, chap. 7, pp. 90–107. Springer Berlin / Heidelberg, Berlin, Heidelberg (2008). DOI 10.1007/978-3-540-89255-7_7. URL http://dx.doi.org/10.1007/978-3-540-89255-7_7

  18. Wang, C., Chow, S., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for secure cloud storage. Computers, IEEE Transactions on PP(99), 1 (2011). DOI 10.1109/TC.2011.245

    Google Scholar 

  19. Wang, C., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for data storage security in cloud computing. In: INFOCOM, 2010 Proceedings IEEE, pp. 1–9 (2010). DOI 10.1109/INFCOM.2010.5462173

    Google Scholar 

  20. Wang, Q., Wang, C., Ren, K., Lou, W., Li, J.: Enabling public auditability and data dynamics for storage security in cloud computing. Parallel and Distributed Systems, IEEE Transactions on 22(5), 84–7 –859 (2011). DOI 10.1109/TPDS.2010.183

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Electrical and Computer Engineering, Binghamton University, State University of New York, Binghamton, New York, USA

    Bingwei Liu & Yu Chen

Authors
  1. Bingwei Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yu Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Bingwei Liu .

Editor information

Editors and Affiliations

  1. Department of Electrical and Computer Engineering, North Dakota State University, Fargo, North Dakota, USA

    Samee U. Khan

  2. School of Information Technologies, The University of Sydney, Sydney, New South Wales, Australia

    Albert Y. Zomaya

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer Science+Business Media New York

About this chapter

Cite this chapter

Liu, B., Chen, Y. (2015). Auditing for Data Integrity and Reliability in Cloud Storage. In: Khan, S., Zomaya, A. (eds) Handbook on Data Centers. Springer, New York, NY. https://doi.org/10.1007/978-1-4939-2092-1_17

Download citation

  • DOI: https://doi.org/10.1007/978-1-4939-2092-1_17

  • Published:

  • Publisher Name: Springer, New York, NY

  • Print ISBN: 978-1-4939-2091-4

  • Online ISBN: 978-1-4939-2092-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation