An efficient and commercial proof of storage scheme supporting dynamic data updates

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security Pub Date : 2025-08-05 DOI:10.1016/j.cose.2025.104609

Zhenwu Xu , Xingshu Chen , Liangguo Chen , Xiao Lan , Hao Ren , Changxiang Shen

{"title":"An efficient and commercial proof of storage scheme supporting dynamic data updates","authors":"Zhenwu Xu , Xingshu Chen , Liangguo Chen , Xiao Lan , Hao Ren , Changxiang Shen","doi":"10.1016/j.cose.2025.104609","DOIUrl":null,"url":null,"abstract":"<div><div>With the advancement of distributed computing technology, cloud services have achieved significant breakthroughs in both computing and storage. To fully leverage the achievements in these two areas, a multitude of intelligent endpoints (clients) are being connected to the cloud. Although this arrangement minimizes the expenses associated with constructing and maintaining cloud infrastructure, the integrity of remote data is at considerable risk in this scenario. Current data integrity verification schemes can be categorized into two types: one that does not take storage duration into account (i.e., pay-as-you-go model) and another that does. Unfortunately, these current schemes have gained notoriety for their complex computing requirements. Furthermore, existing research has not made significant progress in optimizing the efficiency of data integrity audit, particularly when it comes to audit large-batches of data. In light of these challenges, we propose an efficient and commercial proof of storage scheme supporting dynamic data updates (ECPOS-SDDU). As per our knowledge, our proposal is the first that not only aligns with the pay-as-you-go model but also enables low-computation and low-storage terminals(client)/third-party auditors(TPA) to perform large-batches audit. The ECPOS-SDDU not only ensures the lightweight client and TPA can conduct efficient audits on data integrity but also maintains the privacy of the data owner (i.e., the client data) amidst third-party audit processes. Besides this, we have designed the large-batches auditing based on the knowledge of vector inner products and polynomials. Whether the verifier is a client or a TPA, they can configure parameters suitable for their needs to audit more data blocks with an appropriate number of communications. Equally important, we have designed an efficient data structure to support the dynamic operation of data, which further highlights the superiority of the solution and enhances its comprehensiveness. Through both theoretical and experimental analysis, we provide evidence of the protocol’s security, practicality and superiority, in this discourse.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"157 ","pages":"Article 104609"},"PeriodicalIF":5.4000,"publicationDate":"2025-08-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404825002986","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

With the advancement of distributed computing technology, cloud services have achieved significant breakthroughs in both computing and storage. To fully leverage the achievements in these two areas, a multitude of intelligent endpoints (clients) are being connected to the cloud. Although this arrangement minimizes the expenses associated with constructing and maintaining cloud infrastructure, the integrity of remote data is at considerable risk in this scenario. Current data integrity verification schemes can be categorized into two types: one that does not take storage duration into account (i.e., pay-as-you-go model) and another that does. Unfortunately, these current schemes have gained notoriety for their complex computing requirements. Furthermore, existing research has not made significant progress in optimizing the efficiency of data integrity audit, particularly when it comes to audit large-batches of data. In light of these challenges, we propose an efficient and commercial proof of storage scheme supporting dynamic data updates (ECPOS-SDDU). As per our knowledge, our proposal is the first that not only aligns with the pay-as-you-go model but also enables low-computation and low-storage terminals(client)/third-party auditors(TPA) to perform large-batches audit. The ECPOS-SDDU not only ensures the lightweight client and TPA can conduct efficient audits on data integrity but also maintains the privacy of the data owner (i.e., the client data) amidst third-party audit processes. Besides this, we have designed the large-batches auditing based on the knowledge of vector inner products and polynomials. Whether the verifier is a client or a TPA, they can configure parameters suitable for their needs to audit more data blocks with an appropriate number of communications. Equally important, we have designed an efficient data structure to support the dynamic operation of data, which further highlights the superiority of the solution and enhances its comprehensiveness. Through both theoretical and experimental analysis, we provide evidence of the protocol’s security, practicality and superiority, in this discourse.

查看原文本刊更多论文

一种支持动态数据更新的高效且商业化的存储证明方案

随着分布式计算技术的进步，云服务在计算和存储方面都取得了重大突破。为了充分利用这两个领域的成就，大量智能端点（客户端）被连接到云。尽管这种安排最大限度地减少了与构建和维护云基础设施相关的费用，但在这种情况下，远程数据的完整性面临相当大的风险。当前的数据完整性验证方案可以分为两种类型：一种不考虑存储持续时间（即，即用即付模式），另一种考虑。不幸的是，这些当前的方案因其复杂的计算需求而臭名昭著。此外，现有的研究在优化数据完整性审计的效率方面并没有取得重大进展，特别是在审计大量数据时。鉴于这些挑战，我们提出了一种高效且商业化的支持动态数据更新的存储证明方案（ECPOS-SDDU）。据我们所知，我们的提案是第一个不仅符合现收现付模式，而且允许低计算和低存储终端（客户端）/第三方审计员（TPA）进行大批量审计的提案。ECPOS-SDDU不仅可以确保轻量级客户端和TPA对数据完整性进行有效的审计，还可以在第三方审计过程中维护数据所有者（即客户端数据）的隐私。此外，我们还设计了基于向量内积和多项式知识的大批量审计。无论验证者是客户端还是TPA，他们都可以配置适合自己需要的参数，以适当数量的通信来审计更多的数据块。同样重要的是，我们设计了一个高效的数据结构来支持数据的动态操作，这进一步凸显了方案的优越性，增强了方案的全面性。本文通过理论分析和实验分析，论证了该协议的安全性、实用性和优越性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.