Skip to main content
SpringerLink
Log in

Secure public data auditing scheme for cloud storage in smart city

  • Original Article
  • Published:
Personal and Ubiquitous Computing Aims and scope Submit manuscript

Abstract

In the smart city construction, massive data collected from various fields need to be outsourced to the cloud for convenience and resource saving. However, integrity and confidentiality of the data in cloud remains a challenge issue due to the loss of data possession. As a solution, some public data auditing schemes have been proposed in last several years. Most recently, Li et al. proposed an efficient public auditing scheme and claimed that it could reduce the cost of clients on generating verification metadata. In this paper, we analyze the security of Li et al.’s scheme and point out two weaknesses in it. We demonstrate that it cannot achieve the confidentiality for outsourced data and it is vulnerable to the proof forgery attack. To address these weaknesses, we propose an improved public auditing scheme, which can not only preserve the data privacy but also resist the proof forgery attack. Security analysis shows that our scheme is provably secure in a robust security model. Performance analysis shows that the proposed scheme can overcome the weaknesses in Li et al.’s scheme at the cost of increasing computation overhead slightly.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Similar content being viewed by others

References

  1. Neirotti P, De Marco A, Cagliano A C, Mangano G, Scorrano F (2014) Current trends in smart city initiatives Somestylised facts. Cities 38:25–36

    Article  Google Scholar 

  2. Li Y, Dai W, Ming Z, Qiu M (2016) Privacy protection for preventing data over-collection in smart city. IEEE Trans Comput 65(5):1339–1350

    Article  MathSciNet  Google Scholar 

  3. Yamamoto S, Matsumoto S, Nakamura M (2012) Using cloud technologies for large-scale house data in smart city 2012 IEEE 4th international conference on cloud computing technology and science (CloudCom). IEEE, pp 141–148

  4. Dey S, Chakraborty A, Naskar S, Misra P (2012) Smart city surveillance: Leveraging benefits of cloud data stores 2012 IEEE 37th conference on local computer networks workshops (LCN Workshops). IEEE, pp 868–876

  5. Ren K, Wang C, Wang Q (2012) Security challenges for the public cloud. IEEE Internet Comput

  6. Song D, Shi E, Fischer I, Shankar U (2012) Cloud data protection for the masses. Computer

  7. Behl A, Behl K (2012) An analysis of cloud computing security issues 2012 world congress on information and communication technologies (WICT). IEEE, pp 109–114

  8. Chen D, Zhao H (2012) Data security and privacy protection issues in cloud computing 2012 data international conference on computer science and electronics engineering (ICCSEE), volume 1. IEEE, pp 647–651

  9. Tate S R, Vishwanathan R, Everhart L (2013) Multi-user dynamic proofs of data possession using trusted hardware Proceedings of the 3rd ACM conference on data and application security and privacy. ACM, pp 353–364

  10. Yuan J, Yu S (2013) Proofs of retrievability with public verifiability and constant communication cost in cloud Proceedings of the 2013 international workshop on security in cloud computing. ACM, pp 19–26

  11. Wang Q, Wang C, Ren K, Lou W, Li J (2011) Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans Parallel Distrib Syst 22(5):847–859

    Article  Google Scholar 

  12. Shuang T, Lin T, Li X, Yan J (2014) An efficient method for checking the integrity of data in the cloud. Commun China 11(9):68–81

    Article  Google Scholar 

  13. Ren Y, Shen J, Wang J, Han J, Lee S (2015) Mutual verifiable provable data auditing in public cloud storage. J Internet Technol 16(2):317–323

    Google Scholar 

  14. Fu Z, Sun X, Qi L, Zhou L, Shu J (2015) Achieving efficient cloud search services: multi-keyword ranked search over encrypted cloud data supporting parallel computing. IEICE Trans Commun 98(1):190–200

    Article  Google Scholar 

  15. Xia Z, Wang X, Sun X, Wang Q (2016) A secure and dynamic multi-keyword ranked search scheme over encrypted cloud data. IEEE IEEE Trans Parallel Distrib Syst 27(2):340–352

    Article  Google Scholar 

  16. Fu Z, Ren K, Shu J, Sun X, Huang F (2016) Enabling personalized search over encrypted outsourced data with efficiency improvement. IEEE Trans Parallel Distrib Syst 27(9):2546–2559

    Article  Google Scholar 

  17. Guo P, Wang J, Geng X, Chang S K, Kim J-U (2014) A variable threshold-value authentication architecture for wireless mesh networks. J Internet Technol 15(6):929–935

    Google Scholar 

  18. Shen J, Tan H, Wang J, Wang J, Lee S (2015) A novel routing protocol providing good transmission reliability in underwater sensor networks. J Internet Technol 16(1):171–178

    Google Scholar 

  19. He D, Zeadally S, Kumar N, Lee J H (2016) Anonymous authentication for wireless body area networks with provable security. IEEE Syst J. doi:10.1109/JSYST.2016.2544805

  20. He D, Huang B, Chen J (2013) New certificateless short signature scheme. IET Inf Secur 7(7):113–117

    Article  Google Scholar 

  21. Hwang J Y, Chen L, Cho H S, Nyang D H (2015) Short dynamic group signature scheme supporting controllable linkability. IEEE Trans Inf Forensics Secur 10(6):1109–1124

    Article  Google Scholar 

  22. He D, Kumar N, Choo K-K R, Wu W (2016) Efficient hierarchical identity-based signature with batch verification for automatic dependent surveillance-broadcast system. IEEE Trans Inf Forensics Secur. doi:10.1109/TIFS.2016.2622682

  23. Ateniese G, Burns R, Curtmola R, Herring J, Kissner L, Peterson Z, Song D (2007) Provable data possession at untrusted stores Proceedings of the 14th ACM conference on computer and communications security. ACM, pp 598–609

  24. Juels A, Kaliski Jr B S (2007) Pors: Proofs of retrievability for large files Proceedings of the 14th ACM conference on computer and communications security. ACM, pp 584–597

  25. Shacham H (2008) Compact proofs of retrievability. Trans ASIACRYPT (2008)

  26. Shacham H, Waters B (2013) Compact proofs of retrievability. J Cryptol 26(3):442–483

    Article  MathSciNet  MATH  Google Scholar 

  27. He D, Zeadally S, Wu L (2015) Certificateless public auditing scheme for cloud-assisted wireless body area networks. IEEE Syst J. doi:10.1109/JSYST.2015.2428620

  28. Boneh D, Lynn B, Shacham H (2001) Short signatures from the weil pairing Advances in cryptology—ASIACRYPT 2001. Springer, pp 514–532

  29. Wang B, Li H, Li M (2013) Privacy-preserving public auditing for shared cloud data supporting group dynamics 2013 IEEE international conference on communications (ICC). IEEE, pp 1946–1950

  30. Wang B, Li B, Li H, Li F (2013) Certificateless public auditing for data integrity in the cloud 2013 IEEE conference on communications and network security (CNS). IEEE, pp 136–144

  31. Wang B, Li B, Li H (2015) Panda: public auditing for shared data with efficient user revocation in the cloud. IEEE Trans Serv Comput 8(1):92–106

    Article  Google Scholar 

  32. Yang T, Yu B, Wang H, Li J, Lv Z (2015) Cryptanalysis and improvement of panda-public auditing for shared data in cloud and internet of things. Multimedia Tools and Applications

  33. Wang B, Chow S S M, Li M, Li H (2013) Storing shared data on the cloud via security-mediator 2013 IEEE 33rd international conference on distributed computing systems (ICDCS). IEEE, pp 124–133

  34. Wang B, Li B, Li H (2013) Public auditing for shared data with efficient user revocation in the cloud IEEE INFOCOM. IEEE, pp 2904–2912

  35. Li A, Tan S, Jia Y (2016) A method for achieving provable data integrity in cloud computing. J Supercomput

  36. Yu Y, Xue L, Au M H, Susilo W, Ni J, Zhang Y, Vasilakos A V, Shen J (2016) Cloud data integrity checking with an identity-based auditing mechanism from rsa. Futur Gener Comput Syst 62:85–91

    Article  Google Scholar 

  37. Tang C-M, Zhang X-J (2015) A new publicly verifiable data possession on remote storage. J Supercomput:1–15

Download references

Acknowledgments

We thank the anonymous reviewers for the constructive comments which help improve the quality and presentation of this paper. The work of L. Wu was supported by the National Natural Science Foundation of China (Nos.61272112, 61472287). The work of D. He was supported in part by the National Natural Science Foundation of China (Nos. 61572379, 61501333, U1536204), in part by the National High-Tech Research and Development Program of China (863 Program) (No. 2015AA016004), in part by the open fund of Guangxi Key Laboratory of Cryptography and Information Security, and in part by the Natural Science Foundation of Hubei Province of China (No. 2015CFB257).

Author information

Authors and Affiliations

  1. State Key Lab of Software Engineering, Computer School, Wuhan University, Wuhan, China

    Libing Wu, Jing Wang & Debiao He

  2. Department of Computer Science and Engineering, Thapar University, Patiala, India

    Neeraj Kumar

  3. Guangxi Key Laboratory of Cryptography and Information Security, Guilin University Of Electronic Technology, Guilin, China

    Debiao He

Authors
  1. Libing Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jing Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Neeraj Kumar
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Debiao He
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Debiao He.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Wu, L., Wang, J., Kumar, N. et al. Secure public data auditing scheme for cloud storage in smart city. Pers Ubiquit Comput 21, 949–962 (2017). https://doi.org/10.1007/s00779-017-1048-7

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00779-017-1048-7

Keywords

Search

Navigation