Skip to main content
SpringerLink
Log in

Improved dynamic remote data auditing protocol for smart city security

  • Original Article
  • Published:
Personal and Ubiquitous Computing Aims and scope Submit manuscript

Abstract

Smart city has been greatly promoted by the adoption of information and communication technology. At the same time, data integrity becomes an urgent necessity in cloud storage scenario. When smart city meets cloud, if the data are damaged or corrupted, it will be a serious security loophole of smart city. Recently, numerous remote data auditing (RDA) protocols have been presented, among which Sookhak et al. put forward a dynamic remote data auditing protocol to deal with this major concern. In this paper, we found that this protocol has inherent security flaws, thus fails to achieve its original goal. Specifically, this protocol is vulnerable to two types of attacks, namely replace attack and replay attack. We show the details that how a malicious server can deceive data owners to believe that the data are maintained well by launching such attacks. Then, we describe an improved RDA protocol with provable security by utilizing algebraic signature to fix those security flaws. We employ the rank-based Merkle Hash Tree to achieve verifiable dynamic data operations for our RDA protocol. We also provide detailed security proof of the proposed RDA protocol.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7

Similar content being viewed by others

References

  1. Dirks S, Keeling M (2009) A vision of smarter cities: how cities can lead the way into a prosperous and sustainable future. IBM Global Business Services, Somers

    Google Scholar 

  2. Dirks S, Gurdgiev C, Keeling M (2010) Smarter cities for smarter growth: how cities can optimize their systems for the talent-based economy. IBM Institute for Business Value

  3. Chourabi H, Nam T, Walker S et al (2012) Understanding smart cities: an integrative framework. In: 45th Hawaii International conference on system science (HICSS). IEEE, pp 2289–2297

  4. Ballon P, Glidden J, Kranas P et al (2011) Is there a need for a cloud platform for European smart cities? eChallenges e-2011 Conference Proceedings, IIMC International Information Management Corporation

  5. Suciu G, Vulpe A, Halunga S et al (2013) Smart cities built on resilient cloud computing and secure internet of things. In: 19th International conference on control systems and computer science. IEEE, pp 513–518

  6. Yu Y, Ni J, Au M H, et al (2015) Comments on a public auditing mechanism for shared cloud data service[J]. Serv Comput IEEE Trans 8(6):998–999

    Article  Google Scholar 

  7. Wang W, Zeng G, Tang D, et al (2012) Cloud-DLS: dynamic trusted scheduling for cloud computing. Expert Syst Appl 39(3):2321–2329

    Article  Google Scholar 

  8. Ateniese G, Burns R, Curtmola R, et al (2007) Provable data possession at untrusted stores. In: Proceedings of the 14th ACM conference on computer and communications security. ACM, pp 598–609

  9. Ateniese G, Burns R, Curtmola R, et al (2011) Remote data checking using provable data possession. ACM Trans Inf Syst Secur (TISSEC) 14(1):12

    Article  Google Scholar 

  10. Juels A, Kaliski B S Jr (2007) PORs: proofs of retrievability for large files. In: Proceedings of the 14th ACM conference on computer and communications security. ACM, pp 584–597

  11. Shacham H, Waters B (2008) Compact proofs of retrievability. International conference on the theory and application of cryptology and information security. Springer, Berlin, pp 90–107

    MATH  Google Scholar 

  12. Shacham H, Waters B (2013) Compact proofs of retrievability. J Cryptol 26(3):442–483

    Article  MathSciNet  MATH  Google Scholar 

  13. Wang Q, Wang C, Ren K, et al (2011) Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans Parallel Distrib Syst 22(5):847–859

    Article  Google Scholar 

  14. Yu Y, Xue L, Man H A et al (2016) Cloud data integrity checking with an identity-based auditing mechanism from RSA. Fut Gen Comput Syst 62(C):85–91

    Article  Google Scholar 

  15. Wang C, Wang Q, Ren K et al (2010) Privacy-preserving public auditing for data storage security in cloud computing. INFOCOM, Proceedings IEEE. IEEE, pp 1–9

  16. Wang C, Chow S S M, Wang Q et al (2013) Privacy-preserving public auditing for secure cloud storage. IEEE Trans Comput 62(2):362–375

    Article  MathSciNet  MATH  Google Scholar 

  17. Yu Y, Zhang Y, Ni J et al (2015) Remote data possession checking with enhanced security for cloud storage. Futur Gener Comput Syst 52(C):77–85

    Article  Google Scholar 

  18. Zhu Y, Ahn G J, Hu H et al (2013) Dynamic audit services for outsourced storages in clouds. IEEE Trans Serv Comput 6(2):227–238

    Article  Google Scholar 

  19. Yu Y, Ni J, Au M H et al (2014) Improved security of a dynamic remote data possession checking protocol for cloud storage. Expert Syst Appl 41(17):7789–7796

    Article  Google Scholar 

  20. Zhu Y, Hu H, Ahn G J et al (2012) Cooperative provable data possession for integrity verification in multicloud storage. IEEE Trans Parallel Distrib Syst 23(12):2231–2244

    Article  Google Scholar 

  21. Yu Y, Man H A A, Ateniese G et al (2016) Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage PP(99): 1–1

  22. Ateniese G, Di Pietro R, Mancini L V et al (2008) Scalable and efficient provable data possession. In: Proceedings of the 4th international conference on security and privacy in communication netowrks. ACM, pp 1–10

  23. Wang Q, Wang C, Ren K et al (2011) Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans Parallel Distrib Syst 22(5):847–859

    Article  Google Scholar 

  24. Merkle R C (1980) Protocols for public key cryptosystems. IEEE Symp Secur Privacy. (3)vol 122

  25. Sookhak M, Gani A, Khan M K et al (2015) Dynamic remote data auditing for securing big data storage in cloud computing. Inf Sci. doi:10.1016/j.ins.2015.09.004

  26. Yang K, Jia X (2013) An efficient and secure dynamic auditing protocol for data storage in cloud computing. IEEE Trans Parallel Distrib Syst 24(9):1717–1726

    Article  Google Scholar 

  27. Liu C, Ranjan R, Yang C, et al (2015) MUR-DPA: top-down levelled multi-replica merkle hash tree based secure public auditing for dynamic big data storage on cloud. IEEE Trans Comput 64(9):2609–2622

    Article  MathSciNet  MATH  Google Scholar 

  28. Schwarz T S J, Miller E L (2006) Store, forget, and check: using algebraic signatures to check remotely administered storage. In: 26th IEEE international conference on distributed computing systems (ICDCS’06). IEEE, pp 12–12

  29. Zhang Y, Ni J, Tao X et al (2016) Provable multiple replication data possession with full dynamics for secure cloud storage. Concurr Comput: Pract Exper (4)

Download references

Acknowledgements

This work is supported by the Fundamental Research Funds for the Central Universities under Grants GK201702004, ZYGX2015J059, ZYGX2014J062, Guangxi Cooperative Innovation Center of cloud computing and Big Data (No. YD16504), and Guangxi Colleges and Universities Key Laboratory of cloud computing and complex systems (No.15201).

Author information

Authors and Affiliations

  1. School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, 611731, China

    Li Zang, Yong Yu, Liang Xue & Yannan Li

  2. School of Computer Science, Shaanxi Normal University, Xi’an, 710062, China

    Yong Yu & Yujie Ding

  3. Guangxi Colleges and Universities Key Laboratory of Cloud Computing and Complex Systems, Guilin University of Electronic Technology, Guilin, 541004, China

    Yong Yu & Xiaoling Tao

Authors
  1. Li Zang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yong Yu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Liang Xue
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yannan Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Yujie Ding
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Xiaoling Tao
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yong Yu.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Zang, L., Yu, Y., Xue, L. et al. Improved dynamic remote data auditing protocol for smart city security. Pers Ubiquit Comput 21, 911–921 (2017). https://doi.org/10.1007/s00779-017-1052-y

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00779-017-1052-y

Keywords

Search

Navigation