
A secure remote data integrity checking cloud storage system from threshold encryption

  • Original Research
  • Journal of Ambient Intelligence and Humanized Computing

Abstract

Confidentiality and integrity are the most important issues in cloud storage systems. We address the privacy issue of decentralized cloud storage systems using threshold cryptography. Once a user uploads his data and deletes the local copy, he might lose full control of the data. The major challenges in designing such a cloud storage system are to provide a better privacy guarantee and to ensure the integrity of data held at untrusted servers in a distributed cloud storage system. To achieve this goal, we propose a threshold encryption scheme and integrate it with a secure decentralized erasure code to form a secure cloud storage system, in which the user generates a secret parameter that participates in the system's encryption and in the decryption of plaintext blocks during the combine process. Our system can thus prevent cloud storage servers from modifying data by providing remote data checking, and it meets the requirements of data robustness, confidentiality and integrity.



Acknowledgments

This work is supported by National Natural Science Foundation of China (No. 61072080 and No. 61202450), Ph.D. Programs Foundation of Ministry of Education of China (Grant No. 20123503120001), Distinguished Young Scholars Fund of Department of Education, Fujian Province, China (JA13062), A-Class Project (Grant No. JA12 076), Fok Ying Tung Education Foundation (Grant No. 141065), Fujian Normal University Innovative Research Team (No. IRTL1207), Department of Education, Fujian Province, Open Project of Key Lab of Broadband Wireless Communication and Sensor Network Technology (Nanjing University of Posts and Telecommunications), Ministry of Education (No. NYKL201307) and the development project of Fujian provincial strategic emerging industries technologies: Key technologies in development of next generation Integrated High Performance Gateway, Fujian development and reform commission high-technical [2013]266.


Correspondence to Li Xu.


Cite this article

Yao, C., Xu, L., Huang, X. et al. A secure remote data integrity checking cloud storage system from threshold encryption. J Ambient Intell Human Comput 5, 857–865 (2014). https://doi.org/10.1007/s12652-014-0236-9


  • DOI: https://doi.org/10.1007/s12652-014-0236-9
