Call for Paper - August 2019 Edition
IJCA solicits original research papers for the August 2019 Edition. Last date of manuscript submission is July 20, 2019. Read More

Efficient and Privacy Preserving Protocol against Insider Attack for Data Storage in Cloud Computing

Print
PDF
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Year of Publication: 2018
Authors:
Jennifer Batamuliza
10.5120/ijca2018916731

Jennifer Batamuliza. Efficient and Privacy Preserving Protocol against Insider Attack for Data Storage in Cloud Computing. International Journal of Computer Applications 179(34):27-36, April 2018. BibTeX

@article{10.5120/ijca2018916731,
	author = {Jennifer Batamuliza},
	title = {Efficient and Privacy Preserving Protocol against Insider Attack for Data Storage in Cloud Computing},
	journal = {International Journal of Computer Applications},
	issue_date = {April 2018},
	volume = {179},
	number = {34},
	month = {Apr},
	year = {2018},
	issn = {0975-8887},
	pages = {27-36},
	numpages = {10},
	url = {http://www.ijcaonline.org/archives/volume179/number34/29220-2018916731},
	doi = {10.5120/ijca2018916731},
	publisher = {Foundation of Computer Science (FCS), NY, USA},
	address = {New York, USA}
}

Abstract

Cloud computing provides remote users a flexible and convenient way to obtain cloud services on demand such as cloud storage service, which has been facing great security and privacy challenges, especially insider attacks. However, most of the previous work on the cloud security focusing on the storage security can’t be effective against insider threats. Wei’s scheme on the cloud storage, which is based on an ID-based strong designated verifier signature (IBSDVS) protocol, takes privacy and confidentiality into consideration. But it also can’t be against insider attacks and its confidentiality exists security flaws. Hence, in this paper, we propose an efficient data storage protocol in the cloud computing, which can be against insider attacks as well as providing privacy preserving and confidentiality. Similar to Wei’s scheme, our protocol adopts an IBSDVS scheme that has the secure property of non-delegatability. Then the analysis of security and performance are described in detail.

References

  1. P. Mell and T. Grance, “The nist definition of cloud computing,” 2011.
  2. M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. Katz, A. Konwinski, G. Lee, D. Patterson, A. Rabkin, I. Stoica et al., “A view of cloud computing,” Communications of the ACM, vol. 53, no. 4, pp. 50–58, 2010.
  3. R. Buyya, C. S. Yeo, and S. Venugopal, “Market-oriented cloud com-puting: Vision, hype, and reality for delivering it services as computing utilities,” in High Performance Computing and Communications, 2008. HPCC’08. 10th IEEE International Conference on. Ieee, 2008, pp. 5–13.
  4. K. Popovic and Z. Hocenski, “Cloud computing security issues and challenges,” in MIPRO, 2010 proceedings of the 33rd international convention. IEEE, 2010, pp. 344–349.
  5. D.-G. Feng, M. Zhang, Y. Zhang, and Z. Xu, “Study on cloud computing security,” Journal of Software, vol. 22, no. 1, pp. 71–83, 2011.
  6. Y. Chen, V. Paxson, and R. H. Katz, “Whats new about cloud computing security,” University of California, Berkeley Report No. UCB/EECS-2010-5 January, vol. 20, no. 2010, pp. 2010–5, 2010.
  7. A. Juels and B. S. Kaliski Jr, “Pors: Proofs of retrievability for large files,” in Proceedings of the 14th ACM conference on Computer and communications security. ACM, 2007, pp. 584–597.
  8. A. Giuseppe, B. Randal, C. Reza et al., “Provable data possession at untrusted stores,” Proceedings of CCS, vol. 10, pp. 598–609, 2007.
  9. C. Erway, A. Kupc¨¸u,¨ C. Papamanthou, and R. Tamassia, “Dynamic provable data possession,” in Proceedings of the 16th ACM conference on Computer and communications security. ACM, 2009, pp. 213–222.
  10. Q. Wang, C. Wang, J. Li, K. Ren, and W. Lou, “Enabling public verifiability and data dynamics for storage security in cloud computing,” in Computer Security–ESORICS 2009. Springer, 2009, pp. 355–370.
  11. K. Yang and X. Jia, “An efficient and secure dynamic auditing protocol for data storage in cloud computing,” Parallel and Distributed Systems, IEEE Transactions on, vol. 24, no. 9, pp. 1717–1726, 2013.
  12. M. Mowbray and S. Pearson, “A client-based privacy manager for cloud computing,” in Proceedings of the fourth international ICST conference on COMmunication system softWAre and middlewaRE. ACM, 2009, p. 5.
  13. E. Bertino, F. Paci, R. Ferrini, and N. Shang, “Privacy-preserving digital identity management for cloud computing.” IEEE Data Eng. Bull., vol. 32, no. 1, pp. 21–27, 2009.
  14. S. Pearson, Y. Shen, and M. Mowbray, “A privacy manager for cloud computing,” in Cloud Computing. Springer, 2009, pp. 90–106.
  15. Y. Deswarte, J.-J. Quisquater, and A. Sa¨ıdane, “Remote integrity check-ing,” in Integrity and Internal Control in Information Systems VI. Springer, 2004, pp. 1–11.
  16. H. Shacham and B. Waters, “Compact proofs of retrievability,” in Advances in Cryptology-ASIACRYPT 2008. Springer, 2008, pp. 90– 107.
  17. G. Ateniese, R. Di Pietro, L. V. Mancini, and G. Tsudik, “Scalable and efficient provable data possession,” in Proceedings of the 4th international conference on Security and privacy in communication netowrks. ACM, 2008, p. 9.
  18. R. C. Merkle, “Protocols for public key cryptosystems,” in 2012 IEEE Symposium on Security and Privacy. IEEE Computer Society, 1980, pp. 122–122.
  19. D. Boneh, B. Lynn, and H. Shacham, “Short signatures from the weil pairing,” in Advances in CryptologyłASIACRYPT 2001. Springer, 2001, pp. 514–532.
  20. C. Wang, Q. Wang, K. Ren, and W. Lou, “Privacy-preserving public auditing for data storage security in cloud computing,” in INFOCOM, 2010 Proceedings IEEE. Ieee, 2010, pp. 1–9.
  21. Q. Wang, C. Wang, K. Ren, W. Lou, and J. Li, “Enabling public auditability and data dynamics for storage security in cloud computing,” Parallel and Distributed Systems, IEEE Transactions on, vol. 22, no. 5, pp. 847–859, 2011.
  22. Y. Zhu, H. Hu, G.-J. Ahn, and M. Yu, “Cooperative provable data possession for integrity verification in multicloud storage,” Parallel and Distributed Systems, IEEE Transactions on, vol. 23, no. 12, pp. 2231– 2244, 2012.
  23. Y. Zhu, H. Wang, Z. Hu, G.-J. Ahn, H. Hu, and S. S. Yau, “Dynamic audit services for integrity verification of outsourced storages in clouds,” in Proceedings of the 2011 ACM Symposium on Applied Computing. ACM, 2011, pp. 1550–1557.
  24. P. Golle and I. Mironov, “Uncheatable distributed computations,” in Topics in CryptologyłCT-RSA 2001. Springer, 2001, pp. 425–440.
  25. F. Monrose, P. Wyckoff, and A. D. Rubin, “Distributed execution with remote audit,” in NDSS, vol. 99, 1999, pp. 3–5.
  26. R. Gennaro, C. Gentry, and B. Parno, “Non-interactive verifiable com-puting: Outsourcing computation to untrusted workers,” in Advances in Cryptology–CRYPTO 2010. Springer, 2010, pp. 465–482.
  27. L. Wei, H. Zhu, Z. Cao, W. Jia, and A. V. Vasilakos, “Seccloud: Bridging secure storage and computation in cloud,” in Distributed Computing Sys-tems Workshops (ICDCSW), 2010 IEEE 30th International Conference on. IEEE, 2010, pp. 52–61.
  28. L. Wei, H. Zhu, Z. Cao, X. Dong, W. Jia, Y. Chen, and A. V. Vasilakos, “Security and privacy for storage and computation in cloud computing,” Information Sciences, vol. 258, pp. 371–386, 2014.
  29. R. Canetti, B. Riva, and G. Rothblum, “Verifiable computation with two or more clouds,” in Workshop on Cryptography and Security in Clouds, 2011.
  30. S. Saeednia, S. Kremer, and O. Markowitch, “An efficient strong designated verifier signature scheme,” in Information Security and Cryptology-ICISC 2003. Springer, 2004, pp. 40–54.
  31. W. Susilo, F. Zhang, and Y. Mu, “Identity-based strong designated veri-fier signature schemes,” in Information Security and Privacy. Springer, 2004, pp. 313–324.
  32. B. Kang, C. Boyd, and E. Dawson, “A novel identity-based strong designated verifier signature scheme,” Journal of Systems and Software, vol. 82, no. 2, pp. 270–273, 2009.
  33. H. Tian, X. Chen, F. Zhang, B. Wei, Z. Jiang, and Y. Liu, “A non-delegatable strong designated verifier signature in id-based setting for mobile environment,” Mathematical and Computer Modelling, vol. 58, no. 5, pp. 1289–1300, 2013.

Keywords

Cloud computing, storage security, designate verifier signature, privacy preserving, and insider attack.