Call for Paper - March 2023 Edition
IJCA solicits original research papers for the March 2023 Edition. Last date of manuscript submission is February 20, 2023. Read More

Verifying Outsourced Replicated Data in Cloud Computing Storage Systems

Print
PDF
International Journal of Computer Applications
© 2014 by IJCA Journal
Volume 99 - Number 7
Year of Publication: 2014
Authors:
Ayad F. Barsoum
M. Anwar Hasan
10.5120/17382-7921

Ayad F Barsoum and Anwar M Hasan. Article: Verifying Outsourced Replicated Data in Cloud Computing Storage Systems. International Journal of Computer Applications 99(7):1-13, August 2014. Full text available. BibTeX

@article{key:article,
	author = {Ayad F. Barsoum and M. Anwar Hasan},
	title = {Article: Verifying Outsourced Replicated Data in Cloud Computing Storage Systems},
	journal = {International Journal of Computer Applications},
	year = {2014},
	volume = {99},
	number = {7},
	pages = {1-13},
	month = {August},
	note = {Full text available}
}

Abstract

Storage-as-a-Service offered by cloud service providers (CSPs) enables customers to store and retrieve almost unlimited amount of data by paying fees metered in GB/month. For an increased level of scalability, availability and durability, some customers may want their data to be replicated on multiple servers across multiple data centers. In this paper, we propose a pairing-based provable multicopy data possession (PB-PMDP) scheme, which provides an evidence that all outsourced copies are actually stored and remain intact. Moreover, it allows authorized users (i. e. , those who have the right to access the owner's file) to seamlessly access the file copies stored by the CSP, and supports public verifiability. The proposed scheme is proved to be secure against colluding servers. We illustrate the performance of the PB-PMDP scheme through theoretical analysis, which is then validated by experimental results on a commercial cloud platform. The verification time of the proposed scheme is practically independent of the number of file copies. Additionally, we discuss how to identify corrupted copies by slightly modifying the proposed PB-PMDP scheme.

References

  • Marcos K. Aguilera, Ramaprabhu Janakiraman, and Lihao Xu. Using erasure codes efficiently for storage in a distributed system. In Proceedings of the 2005 International Conference on Dependable Systems and Networks, DSN '05, pages 336– 345, Washington, DC, USA, 2005. IEEE Computer Society.
  • Amazon EC2 Instance Types. http://aws. amazon. com/ ec2/.
  • Amazon elastic compute cloud (Amazon EC2). http:// aws. amazon. com/ec2/.
  • Amazon simple storage service (Amazon S3). http://aws. amazon. com/s3/.
  • Giuseppe Ateniese, Randal Burns, Reza Curtmola, Joseph Herring, Lea Kissner, Zachary Peterson, and Dawn Song. Provable data possession at untrusted stores. In CCS '07: Proceedings of the 14th ACM Conference on Computer and Communications Security, pages 598–609, New York, NY, USA, 2007.
  • Giuseppe Ateniese, Seny Kamara, and Jonathan Katz. Proofs of storage from homomorphic identification protocols. In ASIACRYPT '09: Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security, pages 319–333, Berlin, Heidelberg, 2009.
  • Giuseppe Ateniese, Roberto Di Pietro, Luigi V. Mancini, and Gene Tsudik. Scalable and efficient provable data possession. In SecureComm '08: Proceedings of the 4th International Conference on Security and Privacy in Communication Netowrks, pages 1–10, New York, NY, USA, 2008.
  • Paulo S. L. M. Barreto and Michael Naehrig. IEEE P1363. 3 submission: Pairing-friendly elliptic curves of prime order with embedding degree 12. New Jersey: IEEE Standards Association, 2006.
  • Ayad Fekry Barsoum and M. Anwar Hasan. Provable possession and replication of data over cloud servers. Centre For Applied Cryptographic Research (CACR), University of Waterloo, Report 2010/32, 2010. http://www. cacr. math. uwaterloo. ca/techreports/2010/cacr2010-32. pdf.
  • Kevin D. Bowers, Ari Juels, and Alina Oprea. Hail: a highavailability and integrity layer for cloud storage. In CCS '09: Proceedings of the 16th ACM Conference on Computer and Communications Security, pages 187–198, New York, NY, USA, 2009.
  • Kevin D. Bowers, Ari Juels, and Alina Oprea. Proofs of retrievability: theory and implementation. In CCSW '09: Proceedings of the 2009 ACM workshop on Cloud computing security, pages 43–54, New York, NY, USA, 2009. ACM.
  • Reza Curtmola, Osama Khan, and Randal Burns. Robust remote data checking. In StorageSS '08: Proceedings of the 4th ACM international workshop on Storage security and survivability, pages 63–68, New York, NY, USA, 2008. ACM.
  • Reza Curtmola, Osama Khan, Randal Burns, and Giuseppe Ateniese. MR-PDP: multiple-replica provable data possession. In 28th IEEE ICDCS, pages 411–420, 2008.
  • Yves Deswarte, Jean-Jacques Quisquater, and Ayda Sa¨ýdane. Remote integrity checking. In Sushil Jajodia; Leon Strous, editor, 6th Working Conference on Integrity and Internal Control in Information Systems (IICIS), pages 1–11, 2003.
  • Yevgeniy Dodis, Salil Vadhan, and Daniel Wichs. Proofs of retrievability via hardness amplification. In TCC '09: Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography, pages 109–127, Berlin, Heidelberg, 2009. Springer-Verlag.
  • Anna Lisa Ferrara, Matthew Green, Susan Hohenberger, and Michael Pedersen. Practical short signature batch verification. In The Cryptographer's Track at RSA Conference, pages 309– 324, 2009.
  • D´ecio Luiz Gazzoni Filho and Paulo S´ergio Licciardi Messeder Barreto. Demonstrating data possession and uncheatable data transfer. Cryptology ePrint Archive, Report 2006/150, 2006.
  • Nancy Gohring. Amazon's S3 down for several hours. Online at http://www. pcworld. com/ businesscenter/article/142549/amazons_s3_down_ for_severalhours. html, 2008.
  • Philippe Golle, Stanislaw Jarecki, and Ilya Mironov. Cryptographic primitives enforcing communication and storagecomplexity. In FC'02: Proceedings of the 6th International Conference on Financial Cryptography, pages 120–135, Berlin, Heidelberg, 2003.
  • Ari Juels and Burton S. Kaliski. PORs: Proofs of Retrievability for large files. In CCS'07: Proceedings of the 14th ACM conference on Computer and communications security, pages 584–597. ACM, 2007.
  • Brian Krebs. Payment processor breach may be largest ever. Online at http://voices. washingtonpost. com/ securityfix/2009/01/payment_processor_breach_ may_b. html, Jan. 2009.
  • Alfred Menezes. An introduction to pairing-based cryptography. Lecture Notes 2005, Online at http://www. math. uwaterloo. ca/~ajmeneze/ publications/pairings. pdf.
  • Atsuko Miyaji, Masaki Nakabayashi, and Shunzou TAKANO. New explicit conditions of elliptic curve traces for FR-reduction. IEICE Transactions on fundamental, pages 1234–1243, 2001.
  • Einar Mykletun, Maithili Narasimha, and Gene Tsudik. Authentication and integrity in outsourced databases. Trans. Storage, 2(2), 2006.
  • S. Porubsk et al. Fermat-Euler theorem in algebraic number fields. Journal of Number Theory, 60(2):254–290, 1996.
  • Francesc Seb´e, Josep Domingo-Ferrer, Antoni Martinez- Balleste, Yves Deswarte, and Jean-Jacques Quisquater. Efficient remote data possession checking in critical information infrastructures. IEEE Trans. on Knowl. and Data Eng. , 20(8), 2008.
  • Hovav Shacham and BrentWaters. Compact proofs of retrievability. In Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology, ASIACRYPT '08, pages 90–107. Springer-Verlag, 2008.
  • Mehul A. Shah, Mary Baker, Jeffrey C. Mogul, and Ram Swaminathan. Auditing to keep online storage services honest. In HOTOS'07: Proceedings of the 11th USENIX workshop on Hot topics in operating systems, pages 1–6, Berkeley, CA, USA, 2007.
  • Mehul A. Shah, Ram Swaminathan, and Mary Baker. Privacypreserving audit and extraction of digital contents. Cryptology ePrint Archive, Report 2008/186, 2008.
  • Claude Elwood Shannon. Communication theory of secrecy systems. Bell Syst. Tech. J. , 28(4), 1949.
  • Weichao Wang, Zhiwei Li, Rodney Owens, and Bharat Bhargava. Secure and efficient access to outsourced data. In CCSW '09: Proceedings of the 2009 ACM Workshop on Cloud Computing Security, pages 55–66, New York,NY, USA, 2009.
  • Min Xie, Haixun Wang, Jian Yin, and Xiaofeng Meng. Integrity auditing of outsourced data. In VLDB '07: Proceedings of the 33rd International Conference on Very Large Databases, pages 782–793, 2007.
  • Ke Zeng. Publicly verifiable remote data integrity. In Proceedings of the 10th International Conference on Information and Communications Security, ICICS '08, pages 419– 434, Berlin, Heidelberg, 2008. Springer-Verlag.