Enabling public auditability for operation behaviors in cloud storage

Cited by: 15
Authors
Tian, Hui [1]
Chen, Zhaoyi [1]
Chang, Chin-Chen [2]
Kuribayashi, Minoru [3]
Huang, Yongfeng [4]
Cai, Yiqiao [1]
Chen, Yonghong [1]
Wang, Tian [1]
Affiliations
[1] Natl Huaqiao Univ, Coll Comp Sci & Technol, Xiamen 361021, Peoples R China
[2] Feng Chia Univ, Dept Informat Engn & Comp Sci, Taichung 40724, Taiwan
[3] Okayama Univ, Grad Sch Nat Sci & Technol, Okayama 7008530, Japan
[4] Tsinghua Univ, Dept Elect Engn, Beijing 100084, Peoples R China
Keywords
Cloud storage; Public auditing; Operation behaviors; Merkle hash tree; Secure logging; SECURITY; CHALLENGES
DOI
10.1007/s00500-016-2311-y
Chinese Library Classification (CLC) number
TP18 [Artificial intelligence theory]
Subject classification codes
081104; 0812; 0835; 1405
Abstract
In this paper, we focus on auditing for users' operation behaviors, which is significant for the avoidance of potential crimes in the cloud and equitable accountability determination in the forensic. We first present a public model for operation behaviors in cloud storage, in which a trusted third party is introduced to verify the integrity of operation behavior logs to enhance the credibility of forensic results as well as alleviate the burden of the forensic investigator. Further, we design a block-based logging approach to support selective verification and a hash-chain-based structure for each log block to ensure the forward security and append-only properties for log entries. Moreover, to achieve the tamper resistance of log blocks and non-repudiation of auditing proofs, we employ Merkle hash tree (MHT) to record the hash values of the aggregation authentication block tags sequentially and publish the root of MHT to the public once a block has been appended. Meanwhile, using the authentication property of MHT, our scheme can provide log-less verification with privacy preservation. We formally prove the security of the proposed scheme and evaluate its performance on entry appending and verification by concrete experiments and comparisons with the state-of-the-art schemes. The results demonstrate that the proposed scheme can effectively achieve secure auditing for log files of operation behaviors in cloud storage and outperforms the previous ones in computation complexity and communication overhead.
Pages: 2175-2187
Number of pages: 13