With the rapid advancement of cloud computing,cloud storage services have developed rapidly.One issue that has attracted particular attention in such remote storage services is that cloud storage servers are not enoug...With the rapid advancement of cloud computing,cloud storage services have developed rapidly.One issue that has attracted particular attention in such remote storage services is that cloud storage servers are not enough to reliably save and maintain data,which greatly affects users’confidence in purchasing and consuming cloud storage services.Traditional data integrity auditing techniques for cloud data storage are centralized,which faces huge security risks due to single-point-of-failure and vulnerabilities of central auditing servers.Blockchain technology offers a new approach to this problem.Many researchers have endeavored to employ the blockchain for data integrity auditing.Based on the search of relevant papers,we found that existing literature lacks a thorough survey of blockchain-based integrity auditing for cloud data.In this paper,we make an in-depth survey on cloud data integrity auditing based on blockchain.Firstly,we cover essential basic knowledge of integrity auditing for cloud data and blockchain techniques.Then,we propose a series of requirements for evaluating existing Blockchain-based Data Integrity Auditing(BDIA)schemes.Furthermore,we provide a comprehensive review of existing BDIA schemes and evaluate them based on our proposed criteria.Finally,according to our completed review and analysis,we explore some open issues and suggest research directions worthy of further efforts in the future.展开更多
Storage auditing and client-side deduplication techniques have been proposed to assure data integrity and improve storage efficiency, respectively. Recently, a few schemes start to consider these two different aspects...Storage auditing and client-side deduplication techniques have been proposed to assure data integrity and improve storage efficiency, respectively. Recently, a few schemes start to consider these two different aspects together. However, these schemes either only support plaintext data file or have been proved insecure. In this paper, we propose a public auditing scheme for cloud storage systems, in which deduplication of encrypted data and data integrity checking can be achieved within the same framework. The cloud server can correctly check the ownership for new owners and the auditor can correctly check the integrity of deduplicated data. Our scheme supports deduplication of encrypted data by using the method of proxy re-encryption and also achieves deduplication of data tags by aggregating the tags from different owners. The analysis and experiment results show that our scheme is provably secure and efficient.展开更多
In certain cloud Electronic Medical Records (EMRs) applications, the data ownership may need to be transferred. In practice, not only the data but also the auditing ability should be transferred securely and efciently...In certain cloud Electronic Medical Records (EMRs) applications, the data ownership may need to be transferred. In practice, not only the data but also the auditing ability should be transferred securely and efciently. However, we investigate and fnd that most of the existing data ownership transfer protocols only work well between two indi-viduals,and they become inefcient when dealing between two communities. The proposals for transferring tags between communities are problematic as well since, they require all members get involved or a fully trusted aggrega-torfacilitates ownership transfer, which are unrealistic in certain scenarios. To alleviate these problems, in this paper we develop a secure auditing protocol with decentralized (t, n)-threshold ownership transfer for cloud EMRs. This protocol is designed to operate efciently without requiring the mandatory participation of every user or the involve-mentof any trusted third-party. It is achieved by employing the threshold signature. Rigorous security analyses and comprehensive performance evaluations illustrate the security and practicality of our protocol. Specifcally, according to the evaluations and comparisons, the communication and computational consumption is independent of the fle size, i.e., it is constant in our protocol for both communities.展开更多
基金This work was supported in part by the National Natural Science Foundation of China under Grant 62072351in part by the Academy of Finland under Grant 308087,Grant 335262,Grant 345072,and Grant 350464+1 种基金in part by the Open Project of Zhejiang Lab under Grant 2021PD0AB01and in part by the 111 Project under Grant B16037.
文摘With the rapid advancement of cloud computing,cloud storage services have developed rapidly.One issue that has attracted particular attention in such remote storage services is that cloud storage servers are not enough to reliably save and maintain data,which greatly affects users’confidence in purchasing and consuming cloud storage services.Traditional data integrity auditing techniques for cloud data storage are centralized,which faces huge security risks due to single-point-of-failure and vulnerabilities of central auditing servers.Blockchain technology offers a new approach to this problem.Many researchers have endeavored to employ the blockchain for data integrity auditing.Based on the search of relevant papers,we found that existing literature lacks a thorough survey of blockchain-based integrity auditing for cloud data.In this paper,we make an in-depth survey on cloud data integrity auditing based on blockchain.Firstly,we cover essential basic knowledge of integrity auditing for cloud data and blockchain techniques.Then,we propose a series of requirements for evaluating existing Blockchain-based Data Integrity Auditing(BDIA)schemes.Furthermore,we provide a comprehensive review of existing BDIA schemes and evaluate them based on our proposed criteria.Finally,according to our completed review and analysis,we explore some open issues and suggest research directions worthy of further efforts in the future.
基金Supported by the National Natural Science Foundation of China(61373040,61173137)the Ph.D.Programs Foundation of Ministry of Education of China(20120141110002)the Key Project of Natural Science Foundation of Hubei Province(2010CDA004)
文摘Storage auditing and client-side deduplication techniques have been proposed to assure data integrity and improve storage efficiency, respectively. Recently, a few schemes start to consider these two different aspects together. However, these schemes either only support plaintext data file or have been proved insecure. In this paper, we propose a public auditing scheme for cloud storage systems, in which deduplication of encrypted data and data integrity checking can be achieved within the same framework. The cloud server can correctly check the ownership for new owners and the auditor can correctly check the integrity of deduplicated data. Our scheme supports deduplication of encrypted data by using the method of proxy re-encryption and also achieves deduplication of data tags by aggregating the tags from different owners. The analysis and experiment results show that our scheme is provably secure and efficient.
基金supported by the National Natural Science Foundation of China(No.61902289,No.62202102,No.61972096)the University-Industry Coop-eration Project of Fujian Provincial Department of Science and Technology(2022H60250)+2 种基金the National Technology Development Project in Fujian prov-ince(No.2023L3007)Key Projects of Scientifc and Technological Innovation in Fujian Province(No.2022G02003)the Natural Science Foundation of Fujian Province(No.2023J01534).
文摘In certain cloud Electronic Medical Records (EMRs) applications, the data ownership may need to be transferred. In practice, not only the data but also the auditing ability should be transferred securely and efciently. However, we investigate and fnd that most of the existing data ownership transfer protocols only work well between two indi-viduals,and they become inefcient when dealing between two communities. The proposals for transferring tags between communities are problematic as well since, they require all members get involved or a fully trusted aggrega-torfacilitates ownership transfer, which are unrealistic in certain scenarios. To alleviate these problems, in this paper we develop a secure auditing protocol with decentralized (t, n)-threshold ownership transfer for cloud EMRs. This protocol is designed to operate efciently without requiring the mandatory participation of every user or the involve-mentof any trusted third-party. It is achieved by employing the threshold signature. Rigorous security analyses and comprehensive performance evaluations illustrate the security and practicality of our protocol. Specifcally, according to the evaluations and comparisons, the communication and computational consumption is independent of the fle size, i.e., it is constant in our protocol for both communities.
