StateConsisIV: A Privacy-preserving Integrity Verification Method for Cloud Components Based on a Novel State Consistency Feature

Abstract

Plain proofs (e.g., raw logs, report, etc.) are significant and effective for integrity verification. In our analysis and comparison of existing work, we found most of them did not employ any protection mechanisms on the proofs. However, these proofs contain sensitive information, which may cause privacy leakage risks when the third party verifier (TPV) is compromised. The situation is even worse when the verification objects are cloud components. Motivated by this, we present StateConsisIV, a privacy-preserving integrity verification method based on a novel state consistency feature to address the privacy leakage problem. The core idea of our work is to enable the integrity judgment through encrypted proofs, withholding plain proofs inside the cloud only to reduce attack surface and enhance privacy. In specific, we employ random transformation algorithm on cloud nodes to encrypt proofs on their birth places. Besides, we design a novel state consistency feature based on the deployment and operation pattern of structural cloud components and perform feature analysis on TPV to guarantee an accurate integrity judgment result. We evaluate our approach on one typical dataset. The experimental results show that our method is considered more worthy with a little bit of extra computation overhead.