64 Citations (Scopus)

Abstract

Cloud-based outsourced storage relieves the client's burden for storage management and maintenance by providing a comparably low-cost, scalable, location-independent platform. However, the fact that clients no longer have physical possession of data indicates that they are facing a potentially formidable risk for missing or corrupted data. To avoid the security risks, audit services are critical to ensure the integrity and availability of outsourced data and to achieve digital forensics and credibility on cloud computing. Provable data possession (PDP), which is a cryptographic technique for verifying the integrity of data without retrieving it at an untrusted server, can be used to realize audit services. In this paper, profiting from the interactive zero-knowledge proof system, we address the construction of an interactive PDP protocol to prevent the fraudulence of prover (soundness property) and the leakage of verified data (zero-knowledge property). We prove that our construction holds these properties based on the computation Diffie-Hellman assumption and the rewindable black-box knowledge extractor. We also propose an efficient mechanism with respect to probabilistic queries and periodic verification to reduce the audit costs per verification and implement abnormal detection timely. In addition, we present an efficient method for selecting an optimal parameter value to minimize computational overheads of cloud audit services. Our experimental results demonstrate the effectiveness of our approach.

Original language: English (US)
Pages (from-to): 1083-1095
Number of pages: 13
Journal: Journal of Systems and Software
Volume: 85
Issue number: 5
DOI: 10.1016/j.jss.2011.12.024
State: Published - May 2012

Fingerprint

Outsourcing
Storage management
Cloud computing
Costs
Servers
Availability
Network protocols
Digital forensics

Keywords

  • Audit service
  • Cloud storage
  • Interactive proof system
  • Provable data possession
  • Security

ASJC Scopus subject areas

  • Hardware and Architecture
  • Software
  • Information Systems

Cite this

Efficient audit service outsourcing for data integrity in clouds. / Zhu, Yan; Hu, Hongxin; Ahn, Gail-Joon; Yau, Sik-Sang.

In: Journal of Systems and Software, Vol. 85, No. 5, 05.2012, p. 1083-1095.

Research output: Contribution to journal (Article)

@article{3c4e309091194443bbba295098cc8623,
title = "Efficient audit service outsourcing for data integrity in clouds",
abstract = "Cloud-based outsourced storage relieves the client's burden for storage management and maintenance by providing a comparably low-cost, scalable, location-independent platform. However, the fact that clients no longer have physical possession of data indicates that they are facing a potentially formidable risk for missing or corrupted data. To avoid the security risks, audit services are critical to ensure the integrity and availability of outsourced data and to achieve digital forensics and credibility on cloud computing. Provable data possession (PDP), which is a cryptographic technique for verifying the integrity of data without retrieving it at an untrusted server, can be used to realize audit services. In this paper, profiting from the interactive zero-knowledge proof system, we address the construction of an interactive PDP protocol to prevent the fraudulence of prover (soundness property) and the leakage of verified data (zero-knowledge property). We prove that our construction holds these properties based on the computation Diffie-Hellman assumption and the rewindable black-box knowledge extractor. We also propose an efficient mechanism with respect to probabilistic queries and periodic verification to reduce the audit costs per verification and implement abnormal detection timely. In addition, we present an efficient method for selecting an optimal parameter value to minimize computational overheads of cloud audit services. Our experimental results demonstrate the effectiveness of our approach.",
keywords = "Audit service, Cloud storage, Interactive proof system, Provable data possession, Security",
author = "Yan Zhu and Hongxin Hu and Gail-Joon Ahn and Sik-Sang Yau",
year = "2012",
month = "5",
doi = "10.1016/j.jss.2011.12.024",
language = "English (US)",
volume = "85",
pages = "1083--1095",
journal = "Journal of Systems and Software",
issn = "0164-1212",
publisher = "Elsevier Inc.",
number = "5",
}

TY - JOUR

T1 - Efficient audit service outsourcing for data integrity in clouds

AU - Zhu, Yan

AU - Hu, Hongxin

AU - Ahn, Gail-Joon

AU - Yau, Sik-Sang

PY - 2012/5

Y1 - 2012/5

N2 - Cloud-based outsourced storage relieves the client's burden for storage management and maintenance by providing a comparably low-cost, scalable, location-independent platform. However, the fact that clients no longer have physical possession of data indicates that they are facing a potentially formidable risk for missing or corrupted data. To avoid the security risks, audit services are critical to ensure the integrity and availability of outsourced data and to achieve digital forensics and credibility on cloud computing. Provable data possession (PDP), which is a cryptographic technique for verifying the integrity of data without retrieving it at an untrusted server, can be used to realize audit services. In this paper, profiting from the interactive zero-knowledge proof system, we address the construction of an interactive PDP protocol to prevent the fraudulence of prover (soundness property) and the leakage of verified data (zero-knowledge property). We prove that our construction holds these properties based on the computation Diffie-Hellman assumption and the rewindable black-box knowledge extractor. We also propose an efficient mechanism with respect to probabilistic queries and periodic verification to reduce the audit costs per verification and implement abnormal detection timely. In addition, we present an efficient method for selecting an optimal parameter value to minimize computational overheads of cloud audit services. Our experimental results demonstrate the effectiveness of our approach.

KW - Audit service

KW - Cloud storage

KW - Interactive proof system

KW - Provable data possession

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=84863498079&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84863498079&partnerID=8YFLogxK

U2 - 10.1016/j.jss.2011.12.024

DO - 10.1016/j.jss.2011.12.024

M3 - Article

VL - 85

SP - 1083

EP - 1095

JO - Journal of Systems and Software

JF - Journal of Systems and Software

SN - 0164-1212

IS - 5

ER -