Certificate-based multi-copy cloud storage auditing supporting data dynamics

IF 4.8 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security Pub Date : 2024-09-03 DOI:10.1016/j.cose.2024.104096

Hao Zhou , Wenting Shen , Jinlu Liu

{"title":"Certificate-based multi-copy cloud storage auditing supporting data dynamics","authors":"Hao Zhou , Wenting Shen , Jinlu Liu","doi":"10.1016/j.cose.2024.104096","DOIUrl":null,"url":null,"abstract":"<div><div>With the advent of cloud computing, users are increasingly choosing to store their data on cloud. As a result, data integrity and availability have emerged as key concerns for data owners. Users expect to store multiple copies of their data to cloud and ensure the integrity of these data copies. Currently, numerous multi-copy cloud storage auditing schemes have been proposed. However, most of them depend on public key infrastructure, identity-based cryptography, or certificateless cryptography. These schemes encounter challenges such as complicated certificate management, key escrow, or the necessity for a secure channel for distributing keys, respectively. Furthermore, most of them are not resilient to copy-summation attack. To address the above problems, we propose a certificate-based multi-copy cloud storage auditing scheme supporting data dynamics. We design a novel dynamic structure named Leaves Merkle hash tree (LMHT) to achieve multi-copy dynamic updates. Different from traditional Merkle hash trees, LMHT has significant advantages in data deletion. In addition, the proposed scheme can resist copy-summation attack, in which cloud cannot pass the verification if it only stores summation of all copies without storing data blocks’ all copies. Security analysis and performance evaluation demonstrate that the proposed scheme is secure and efficient.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"148 ","pages":"Article 104096"},"PeriodicalIF":4.8000,"publicationDate":"2024-09-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824004012","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

With the advent of cloud computing, users are increasingly choosing to store their data on cloud. As a result, data integrity and availability have emerged as key concerns for data owners. Users expect to store multiple copies of their data to cloud and ensure the integrity of these data copies. Currently, numerous multi-copy cloud storage auditing schemes have been proposed. However, most of them depend on public key infrastructure, identity-based cryptography, or certificateless cryptography. These schemes encounter challenges such as complicated certificate management, key escrow, or the necessity for a secure channel for distributing keys, respectively. Furthermore, most of them are not resilient to copy-summation attack. To address the above problems, we propose a certificate-based multi-copy cloud storage auditing scheme supporting data dynamics. We design a novel dynamic structure named Leaves Merkle hash tree (LMHT) to achieve multi-copy dynamic updates. Different from traditional Merkle hash trees, LMHT has significant advantages in data deletion. In addition, the proposed scheme can resist copy-summation attack, in which cloud cannot pass the verification if it only stores summation of all copies without storing data blocks’ all copies. Security analysis and performance evaluation demonstrate that the proposed scheme is secure and efficient.

查看原文本刊更多论文

支持数据动态的基于证书的多副本云存储审计

随着云计算的出现，越来越多的用户选择在云上存储数据。因此，数据完整性和可用性成为数据所有者关注的重点。用户希望将数据的多个副本存储到云上，并确保这些数据副本的完整性。目前，已经提出了许多多副本云存储审计方案。不过，它们大多依赖于公钥基础设施、基于身份的加密技术或无证书加密技术。这些方案分别遇到了复杂的证书管理、密钥托管或分发密钥的安全通道的必要性等挑战。此外，它们大多无法抵御复制求和攻击。针对上述问题，我们提出了一种支持数据动态的基于证书的多副本云存储审计方案。我们设计了一种名为 "Leaves Merkle hash tree（LMHT）"的新型动态结构来实现多副本动态更新。与传统的 Merkle 哈希树不同，LMHT 在数据删除方面具有显著优势。此外，提出的方案还能抵御副本求和攻击，在这种攻击中，如果云只存储所有副本的求和，而不存储数据块的所有副本，就无法通过验证。安全分析和性能评估表明，所提出的方案既安全又高效。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.