Privacy-Preserving Cloud Auditing for Multiple Users Scheme With Authorization and Traceability
TLDR
This work uses certificateless signature technology to construct a privacy-preserving cloud auditing scheme for multiple users with authorization and traceability, and introduces an identity authentication process between the third-party auditor (TPA) and the CSP to prevent the denial of service attack.
Abstract:
With the widespread application of cloud storage, users can obtain many conveniences such as low-price remote data storage and flexible data sharing. Because the cloud service provider (CSP) is not fully trusted, many cloud auditing schemes have been proposed to ensure the security and integrity of shared data. However, existing cloud auditing schemes have some security risks, such as user identity disclosure, denial of service attacks and single-manager abuse of power. To solve these issues, we use certificateless signature technology to construct a privacy-preserving cloud auditing scheme for multiple users with authorization and traceability in this paper. Unlike traditional schemes, our scheme realizes user identity anonymity without group signature and ring signature techniques, which guarantees that the tag is compact. Meanwhile, our scheme allows at least d managers to trace the identity of a malicious user collaboratively, which avoids the abuse of single-manager power and provides non-frameability. Furthermore, we introduce an identity authentication process between the third-party auditor (TPA) and the CSP to prevent the denial of service attack. That is, our scheme can solve the problem that anyone can challenge the CSP for the proofs, which averts network congestion and waste of cloud resources. In terms of function, the proposed scheme also supports efficient user revocation from a group. Certificateless cryptography ensures that our scheme does not involve the certificate management burden or the key escrow problem. The security analysis shows that our scheme is provably secure against two types of adversaries in the environment of certificateless cryptography. The performance analysis demonstrates that our scheme is efficient.
Citations
Journal Article
Identity-Based Privacy Preserving Remote Data Integrity Checking With a Designated Verifier
TL;DR: An identity-based remote data possession checking scheme is proposed that satisfies the data owner’s requirement to specify a unique verifier, guaranteeing that only the designated verifier can check data integrity, whereas others cannot.
Journal Article
Advanced Authentication Mechanisms for Identity and Access Management in Cloud Computing
TL;DR: In this article, the authors proposed a comprehensive review of security services and threats, advanced frameworks for IAM that provide authentication mechanisms in public and private cloud platforms, which proved high efficiency in protecting cloud platforms from insider attacks, single sign-on failure, brute force attacks, denial of service, user privacy threats, and data privacy threats.
Journal Article
Certificateless Reliable and Privacy-Preserving Auditing of Group Shared Data for FOG-CPSs
Manohar S. Burra, Soumya Maity, +1 more
TL;DR: A novel CLPKC-based group shared data auditing protocol tailored to the specific security requirements of a FOG-CPS is proposed and establishes metadata and data integrity proof unforgeability and claimed zero-knowledge privacy and reliability properties through rigorous proofs in the random oracle model setting.
Journal Article
Towards Lightweight Provable Data Possession for Cloud Storage Using Indistinguishability Obfuscation
TL;DR: In this paper, the authors explore the issues, list future research directions in this field, and propose a lightweight public auditing scheme using Indistinguishability Obfuscation (IO) techniques.
Journal Article
Privacy-Preserving Public Auditing for Shared Cloud Data With Secure Group Management
TL;DR: Wang et al. as discussed by the authors proposed a public auditing scheme for shared data that supports data privacy, identity traceability, and group dynamics, but their scheme is insecure against tag forgery or proof forgery attacks, which means that the cloud server can still generate valid proof that the server had accurately stored the data.
References
Book Chapter
Identity-based cryptosystems and signature schemes
TL;DR: In this article, the authors introduce a novel type of cryptographic scheme, which enables any pair of users to communicate securely and to verify each other's signatures without exchanging private or public keys, without keeping key directories, and without using the services of a third party.
Proceedings Article
Provable data possession at untrusted stores
Giuseppe Ateniese, Randal Burns, Reza Curtmola, Joseph Herring, Lea Kissner, Zachary N. J. Peterson, Dawn Song
TL;DR: The provable data possession (PDP) model as discussed by the authors allows a client that has stored data at an untrusted server to verify that the server possesses the original data without retrieving it.
Book Chapter
Efficient identity-based encryption without random oracles
TL;DR: This work first presents their IBE construction and reduces the security of the scheme to the decisional Bilinear Diffie-Hellman (BDH) problem, and shows that their techniques can be used to build a new signature scheme that is secure under the computational Diffie-Hellman assumption without random oracles.
Posted Content
Provable Data Possession at Untrusted Stores.
Giuseppe Ateniese, Randal Burns, Reza Curtmola, Joseph Herring, Lea Kissner, Zachary N. J. Peterson, Dawn Song
TL;DR: Ateniese et al. as discussed by the authors introduced the provable data possession (PDP) model, which allows a client that has stored data at an untrusted server to verify that the server possesses the original data without retrieving it.
Journal Article
Certificateless public key cryptography
TL;DR: In this article, the concept of certificateless public key cryptography (CL-PKC) was introduced and made concrete, which does not require certificates to guarantee the authenticity of public keys.