Blind and bidirectional ownership verification for deduplicated cloud computing systems

IF 6.2 2区计算机科学 Q1 COMPUTER SCIENCE, THEORY & METHODS

Future Generation Computer Systems-The International Journal of Escience Pub Date : 2025-08-14 DOI:10.1016/j.future.2025.108082

Jay Dave, Kamalesh Ram R, Pratik Patil, Himanshu Patil, Sarvesh Borole, Chinni Vamshi Krushna, Suyash Patil

{"title":"Blind and bidirectional ownership verification for deduplicated cloud computing systems","authors":"Jay Dave, Kamalesh Ram R, Pratik Patil, Himanshu Patil, Sarvesh Borole, Chinni Vamshi Krushna, Suyash Patil","doi":"10.1016/j.future.2025.108082","DOIUrl":null,"url":null,"abstract":"<div><div>Cloud storage systems provide several benefits, such as scalable storage capacity, cost efficiency with pay-as-you-go pricing models, easy access from any location with an internet connection, and robust data backup options. These advantages drive the growing popularity of cloud storage, resulting in a rapid increase in the volume of data stored on the cloud. Deduplication is an effective data management technique used in these systems to reduce storage costs and enhance efficiency through the elimination of redundant data. However, in a deduplication system, a hash digest, i.e., a small piece of information, is used as ownership proof of the entire file. Therefore, a malicious user can gain access to a sensitive file already stored on the cloud by obtaining and presenting the hash digest of that file. On the other hand, data stored in the cloud may be susceptible to loss or damage due to various accidental or intentional reasons. Hence, there is a need for an ownership verification protocol where both the user and server can verify each other’s file ownership without revealing details about the file. Some existing state-of-the-art schemes consider the server as a trusted entity and focus solely on verifying the ownership of the user, while others emphasize bidirectional ownership verification but do not incorporate obliviousness in their solutions. In this paper, we propose a novel bidirectional and oblivious ownership verification scheme for deduplication systems. We cryptographically prove that adversaries lacking complete ownership of the file, cannot successfully pass ownership verification with non-negligible probability. Additionally, we show that adversaries cannot gain any knowledge about the file through the ownership verification process. We implement our scheme in two real cloud scenarios and analyze performance compared to the recent state-of-the-art schemes. The experimental results demonstrate that our approach incurs moderate computational, communication, storage, and energy overheads while achieving ownership authentication and maintaining obliviousness in deduplicated cloud storage systems.</div></div>","PeriodicalId":55132,"journal":{"name":"Future Generation Computer Systems-The International Journal of Escience","volume":"175 ","pages":"Article 108082"},"PeriodicalIF":6.2000,"publicationDate":"2025-08-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Future Generation Computer Systems-The International Journal of Escience","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167739X25003760","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}

引用次数: 0

Abstract

Cloud storage systems provide several benefits, such as scalable storage capacity, cost efficiency with pay-as-you-go pricing models, easy access from any location with an internet connection, and robust data backup options. These advantages drive the growing popularity of cloud storage, resulting in a rapid increase in the volume of data stored on the cloud. Deduplication is an effective data management technique used in these systems to reduce storage costs and enhance efficiency through the elimination of redundant data. However, in a deduplication system, a hash digest, i.e., a small piece of information, is used as ownership proof of the entire file. Therefore, a malicious user can gain access to a sensitive file already stored on the cloud by obtaining and presenting the hash digest of that file. On the other hand, data stored in the cloud may be susceptible to loss or damage due to various accidental or intentional reasons. Hence, there is a need for an ownership verification protocol where both the user and server can verify each other’s file ownership without revealing details about the file. Some existing state-of-the-art schemes consider the server as a trusted entity and focus solely on verifying the ownership of the user, while others emphasize bidirectional ownership verification but do not incorporate obliviousness in their solutions. In this paper, we propose a novel bidirectional and oblivious ownership verification scheme for deduplication systems. We cryptographically prove that adversaries lacking complete ownership of the file, cannot successfully pass ownership verification with non-negligible probability. Additionally, we show that adversaries cannot gain any knowledge about the file through the ownership verification process. We implement our scheme in two real cloud scenarios and analyze performance compared to the recent state-of-the-art schemes. The experimental results demonstrate that our approach incurs moderate computational, communication, storage, and energy overheads while achieving ownership authentication and maintaining obliviousness in deduplicated cloud storage systems.

查看原文本刊更多论文

重复数据删除云计算系统的盲双向所有权验证

云存储系统提供了几个好处，例如可扩展的存储容量、随用随付的价格模式的成本效益、从任何位置通过互联网连接轻松访问以及强大的数据备份选项。这些优势推动了云存储的日益普及，导致存储在云上的数据量迅速增加。重复数据删除是一种有效的数据管理技术，用于这些系统中，通过消除冗余数据来降低存储成本和提高效率。但是，在重复数据删除系统中，散列摘要（即一小段信息）用作整个文件的所有权证明。因此，恶意用户可以通过获取并呈现该文件的哈希摘要来访问已经存储在云上的敏感文件。另一方面，存储在云中的数据可能由于各种意外或故意的原因而容易丢失或损坏。因此，需要一种所有权验证协议，用户和服务器可以在不泄露文件详细信息的情况下验证彼此的文件所有权。一些现有的最先进的方案将服务器视为受信任的实体，只关注验证用户的所有权，而其他方案则强调双向所有权验证，但不将遗忘性纳入其解决方案中。在本文中，我们提出了一种新的双向遗忘的重复数据删除系统所有权验证方案。我们用密码学方法证明了缺乏文件完全所有权的攻击者无法以不可忽略的概率成功通过所有权验证。此外，我们表明攻击者无法通过所有权验证过程获得关于文件的任何知识。我们在两个真实的云场景中实现了我们的方案，并与最新的最先进的方案进行了性能分析。实验结果表明，我们的方法在实现所有权认证和保持重复数据删除云存储系统的遗忘性时，会产生适度的计算、通信、存储和能源开销。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Future Generation Computer Systems-The International Journal of Escience 工程技术-计算机：理论方法

CiteScore

19.90

自引率

2.70%

发文量

376

审稿时长

10.6 months

期刊介绍： Computing infrastructures and systems are constantly evolving, resulting in increasingly complex and collaborative scientific applications. To cope with these advancements, there is a growing need for collaborative tools that can effectively map, control, and execute these applications. Furthermore, with the explosion of Big Data, there is a requirement for innovative methods and infrastructures to collect, analyze, and derive meaningful insights from the vast amount of data generated. This necessitates the integration of computational and storage capabilities, databases, sensors, and human collaboration. Future Generation Computer Systems aims to pioneer advancements in distributed systems, collaborative environments, high-performance computing, and Big Data analytics. It strives to stay at the forefront of developments in grids, clouds, and the Internet of Things (IoT) to effectively address the challenges posed by these wide-area, fully distributed sensing and computing systems.