Abstract
Low cost, high performance and on-demand access of cloud infrastructure facilitates individuals and organizations to outsource their high volume of data to cloud storage system. With continuously increasing demand of cloud storage, security of users’ data in cloud is becoming a great challenge. One of the security concerns is ensuring integrity of the data stored in the cloud, and trusted third-party based public auditing is a standard technique for cloud data authentication. In this paper, for the first time, we propose an auditing scheme for cloud data without requiring a third party. We exploit the block-chain data structure of Bitcoins to propose an auditing mechanism whereby any user can perform the validation of selected files efficiently. In case a user does not possess the required computational resource for verification, or a user is reluctant to do the verification, our scheme provides the option for third party verification as well, without any additional overhead of data structure, computation or storage.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
Since “block” in the context of block-chain means a node in the chain, we use the term “file-block” to denote the smallest unit of data-chunk in the file.
- 2.
A file-block may be further divided into s smaller parts. In our scheme, s is taken to be 1. Hence for fair comparison, we have taken \(s=1\) for the other schemes as well.
References
Alkhojandi, N., Miri, A.: Privacy-preserving public auditing in cloud computing with data deduplication. In: Cuppens, F., Garcia-Alfaro, J., Zincir Heywood, N., Fong, P.W.L. (eds.) FPS 2014. LNCS, vol. 8930, pp. 35–48. Springer, Heidelberg (2015). doi:10.1007/978-3-319-17040-4_3
Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable data possession at untrusted stores. In: Ning, P., et al. [13], pp. 598–609
Coelho, F.: An (almost) constant-effort solution-verification proof-of-work protocol based on merkle trees. IACR Cryptology ePrint Archive 2007:433 (2007)
Deswarte, Y., Quisquater, J.-J., Saïdane, A.: Remote integrity checking. In: Jajodia, S., Strous, L. (eds.) Integrity and Internal Control in Information Systems VI. IIFIP, vol. 140, pp. 1–11. Springer, Heidelberg (2004). doi:10.1007/1-4020-7901-X_1
Ederov, B.: Merkle tree traversal techniques. Bachelor thesis, Technische Universität Darmstadt (2007)
Erway, C.C., Küpçü, A., Papamanthou, C., Tamassia, R.: Dynamic provable data possession. ACM Trans. Inf. Syst. Secur. 17(4), 15 (2015)
Gazzoni Filho, D.L., Barreto, P.S.L.M.: Demonstrating data possession, uncheatable data transfer. IACR Cryptology ePrint Archive, 2006:150 (2006)
Juels, A., Kaliski Jr., B.S.: PORs: proofs of retrievability for large files. In: Ning, P., et al. [13], pp. 584–597
Li, L., Xu, L., Li, J., Zhang, C.: Study on the third-party audit in cloud storage service. In: Proceedings of the International Conference on Cloud and Service Computing, CSC 2011, pp. 220–227. IEEE Computer Society, Washington, DC (2011)
Merkle, R.C.: Secrecy, Authentication, and Public Key Systems. PhD thesis, Stanford, CA, USA, AAI8001972 (1979)
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system, May 2009
Naor, M., Rothblum, G.N.: The complexity of online memory checking. J. ACM 56(1), 2:1–2:46 (2009)
Ning, P., di Vimercati, S.D.C., Syverson, P.F. (eds.) Proceedings of the ACM Conference on Computer and Communications Security, CCS, Alexandria, Virginia, USA, 28–31 October 2007. ACM (2007)
Tian, H., Chen, Y., Chang, C.-C., Jiang, H., Huang, Y., Chen, Y., Liu, J.: Dynamic-hash-table based public auditing for secure cloud storage. IEEE Trans. Serv. Comput. (2016). doi:10.1109/TSC.2015.2512589
Wang, C., Ren, K., Lou, W., Li, J.: Toward publicly auditable secure cloud data storage services. IEEE Network 24(4), 19–24 (2010)
Wang, Q., Wang, C., Ren, K., Lou, W., Li, J.: Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22(5), 847–859 (2011)
Yang, K., Jia, X.: Data storage auditing service in cloud computing: challenges, methods and opportunities. World Wide Web 15(4), 409–428 (2012)
Yang, K., Jia, X.: An efficient and secure dynamic auditing protocol for data storage in cloud computing. IEEE Trans. Parallel Distrib. Syst. 24(9), 1717–1726 (2013)
Zhu, Y., Ahn, G.-J., Hongxin, H., Yau, S.S., An, H.G., Changjun, H.: Dynamic audit services for outsourced storages in clouds. IEEE Trans. Serv. Comput. 6(2), 227–238 (2013)
Zhu, Y., Hongxin, H., Ahn, G.-J., Mengyang, Y.: Cooperative provable data possession for integrity verification in multicloud storage. IEEE Trans. Parallel Distrib. Syst. 23(12), 2231–2244 (2012)
Acknowledgments
We are grateful to the Project CoEC (Centre of Excellence in Cryptology), Indian Statistical Institute, Kolkata, funded by the Government of India, for partial support towards this project.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing AG
About this paper
Cite this paper
Ghoshal, S., Paul, G. (2016). Exploiting Block-Chain Data Structure for Auditorless Auditing on Cloud Data. In: Ray, I., Gaur, M., Conti, M., Sanghi, D., Kamakoti, V. (eds) Information Systems Security. ICISS 2016. Lecture Notes in Computer Science(), vol 10063. Springer, Cham. https://doi.org/10.1007/978-3-319-49806-5_19
Download citation
DOI: https://doi.org/10.1007/978-3-319-49806-5_19
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-49805-8
Online ISBN: 978-3-319-49806-5
eBook Packages: Computer ScienceComputer Science (R0)