Funding: This research was supported by the Qinghai Provincial High-End Innovative and Entrepreneurial Talents Project.
Abstract: Currently, there is a growing trend among users to store their data in the cloud. However, the cloud is vulnerable to persistent data corruption risks arising from equipment failures and hacker attacks. Additionally, when users perform file operations, the semantic integrity of the data can be compromised. Ensuring both data integrity and semantic correctness has become a critical issue that requires attention. We introduce a pioneering solution called Sec-Auditor, the first of its kind with the ability to verify data integrity and semantic correctness simultaneously, while maintaining a constant communication cost independent of the audited data volume. Sec-Auditor also supports public auditing, enabling anyone with access to public information to conduct data audits. This feature makes Sec-Auditor highly adaptable to open data environments, such as the cloud. In Sec-Auditor, users are assigned specific rules that are utilized to verify the accuracy of data semantics. Furthermore, users are given the flexibility to update their own rules as needed. We conduct in-depth analyses of the correctness and security of Sec-Auditor. We also compare several important security attributes with existing schemes, demonstrating the superior properties of Sec-Auditor. Evaluation results demonstrate that even for time-consuming file upload operations, our solution is more efficient than the comparison one.
Funding: Project supported by the National Natural Science Foundation of China (Nos. 61472287, 61501333, 61572379, and 61772377), the Natural Science Foundation of Hubei Province, China (Nos. 2015CFA068 and 2017CFA007), the Wuhan Science and Technology Plan Project (No. 2016060101010047), and the Deanship of Scientific Research at King Saud University, Saudi Arabia (No. PRG-1436-16).
Abstract: Public verification of data integrity is crucial for promoting the serviceability of cloud storage systems. Recently, Tan and Jia (2014) proposed an identity-based public verification (NaEPASC) protocol for cloud data to simplify key management and alleviate the burden of check tasks. They claimed that NaEPASC enables a third-party auditor (TPA) to verify the integrity of outsourced data with high efficiency and security in a cloud computing environment. However, in this paper, we pinpoint that NaEPASC is vulnerable to the signature forgery attack in the setup phase; i.e., a malicious cloud server can forge a valid signature for an arbitrary data block by using two correct signatures. Moreover, we demonstrate that NaEPASC is subject to data privacy threats in the challenge phase; i.e., an external attacker acting as a TPA can reveal the content of outsourced data. The analysis shows that NaEPASC is not secure in the data verification process. Therefore, our work is helpful for cryptographers and engineers to design and implement more secure and efficient identity-based public auditing schemes for cloud storage.
Funding: Supported by the National Natural Science Foundation of China (61373040, 61173137), the Ph.D. Programs Foundation of Ministry of Education of China (20120141110002), and the Key Project of Natural Science Foundation of Hubei Province (2010CDA004).
Abstract: Storage auditing and client-side deduplication techniques have been proposed to assure data integrity and improve storage efficiency, respectively. Recently, a few schemes start to consider these two different aspects together. However, these schemes either only support plaintext data files or have been proved insecure. In this paper, we propose a public auditing scheme for cloud storage systems, in which deduplication of encrypted data and data integrity checking can be achieved within the same framework. The cloud server can correctly check the ownership for new owners and the auditor can correctly check the integrity of deduplicated data. Our scheme supports deduplication of encrypted data by using the method of proxy re-encryption and also achieves deduplication of data tags by aggregating the tags from different owners. The analysis and experiment results show that our scheme is provably secure and efficient.
Funding: Supported in part by the National Natural Science Foundation of China (Grant No. U1405254), the Natural Science Foundation of Fujian Province of China (No. 2018J01093), the Open Project Program of Wuhan National Laboratory for Optoelectronics (No. 2018 WNLOKF009), and the Scientific Research Funds of Huaqiao University (No. 605-50Y19028).
Abstract: With the advancement of industrial internet of things (IIoT), wireless medical sensor networks (WMSNs) have been widely introduced in modern healthcare systems to collect real-time medical data from patients, which is known as HealthIIoT. Considering the limited computing and storage capabilities of lightweight HealthIIoT devices, it is necessary to upload these data to remote cloud servers for storage and maintenance. However, there are still some serious security issues within outsourcing medical sensor data to the cloud. One of the most significant challenges is how to ensure the integrity of these data, which is a prerequisite for providing precise medical diagnosis and treatment. To meet this challenge, we propose a novel and efficient public auditing scheme, which is suitable for cloud-assisted HealthIIoT system. Specifically, to address the contradiction between the high real-time requirement of medical sensor data and the limited computing power of HealthIIoT devices, a new online/offline tag generation algorithm is designed to improve preprocessing efficiency; to protect medical data privacy, a secure hash function is employed to blind the data proof. We formally prove the security of the presented scheme, and evaluate the performance through detailed experimental comparisons with the state-of-the-art ones. The results show that the presented scheme can greatly improve the efficiency of tag generation, while achieving better auditing performance than previous schemes.
Funding: The National Natural Science Foundation of China, the National Basic Research Program of China ("973" Program), and the National High Technology Research and Development Program of China ("863" Program).
Abstract: Cloud computing and storage services allow clients to move their data center and applications to centralized large data centers and thus avoid the burden of local data storage and maintenance. However, this poses new challenges related to creating secure and reliable data storage over unreliable service providers. In this study, we address the problem of ensuring the integrity of data storage in cloud computing. In particular, we consider methods for reducing the burden of generating a constant amount of metadata at the client side. By exploiting some good attributes of the bilinear group, we can devise a simple and efficient audit service for public verification of untrusted and outsourced storage, which can be important for achieving widespread deployment of cloud computing. Whereas many prior studies on ensuring remote data integrity did not consider the burden of generating verification metadata at the client side, the objective of this study is to resolve this issue. Moreover, our scheme also supports data dynamics and public verifiability. Extensive security and performance analysis shows that the proposed scheme is highly efficient and provably secure.
Funding: Supported by the Doctoral Fund of the Ministry of Education priority Areas of Development Projects (20110141130006) and the Natural Science Foundation of Hubei Province (ZRZ0041).
Abstract: A number of proposals have been suggested to tackle data integrity and privacy concerns in cloud storage in which some existing schemes suffer from vulnerabilities in data dynamics. In this paper, we propose an improved fairness and dynamic provable data possession scheme that supports public verification and batch auditing while preserving data privacy. The rb23Tree is utilized to facilitate data dynamics. Moreover, the fairness is considered to prevent a dishonest user from accusing the cloud service provider of manipulating the data. The scheme allows a third party auditor (TPA) to verify the data integrity without learning any information about the data content during the auditing process. Furthermore, our scheme also allows batch auditing, which greatly accelerates the auditing process when there are multiple auditing requests. Security analysis and extensive experimental evaluations show that our scheme is secure and efficient.