FUZZY IDENTITY-BASED DATA INTEGRITY AUDITING FOR RELIABLE CLOUD STORAGE SYSTEMS
Data integrity, a core security issue in reliable cloud storage, has received much attention. Data auditing protocols enable a verifier to efficiently check the integrity of outsourced data without downloading the data. A key research challenge associated with existing designs of data auditing protocols is the complexity of key management. In this paper, we seek to address the complex key management challenge in cloud data integrity checking by introducing fuzzy identity-based auditing, the first such approach to the best of our knowledge. More specifically, we present the primitive of fuzzy identity-based data auditing, where a user’s identity can be viewed as a set of descriptive attributes. We formalize the system model and the security model for this new primitive. We then present a concrete construction of a fuzzy identity-based auditing protocol that uses biometrics as the fuzzy identity. The new protocol offers the property of error tolerance: it binds a private key to one identity, and that key can be used to verify the correctness of a response generated with another identity if and only if both identities are sufficiently close. We prove the security of our protocol based on the computational Diffie-Hellman assumption and the discrete logarithm assumption in the selective-ID security model. Finally, we develop a prototype implementation of the protocol, which demonstrates the practicality of the proposal.
Despite the benefits offered by cloud storage, there are many inherent security risks: when data owners outsource their data to the cloud, they generally lose physical possession of their data and even have no idea where their data are actually stored or who has permission to access them.
That is to say, it is the cloud servers that control the fate of the data after the data owners upload their files to the cloud. The cloud servers assure users that they will do their best to protect the security of the cloud data, but data loss accidents are inevitable.
This is not surprising. First, a short crash of the cloud server or a breakdown of the storage medium (e.g., RAM) can easily corrupt the data. Moreover, users’ data may be lost through deliberate deletion by cloud servers that want to free storage space for other files and so earn more profit. Data loss incidents happen frequently in reality and are regarded as one of the key security concerns in cloud storage.
- Key management in data auditing protocols is complex
- Security issues in reliable cloud storage
- A crash of the cloud server or a breakdown of the storage medium can easily corrupt the data
We propose the notion of fuzzy identity-based data integrity auditing, designed to simplify key management. We then formalize the system model and the security model, which captures the security property of this new primitive called soundness (i.e., a cloud server can convince a verifier that it is storing a file if and only if it is actually storing that file). We describe a concrete construction of a fuzzy identity-based data integrity auditing protocol, borrowing the idea of fuzzy identity-based encryption due to Shacham and Waters.
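The error tolerance described above can be modelled with threshold secret sharing over the attribute set, the mechanism fuzzy identity-based encryption relies on, combined with a homomorphic tag so that the audit response stays constant-size. The Python below is an added example, not the paper's construction or its prototype: it assumes a prime field in place of pairing groups and a symmetric, privately verifiable tag. The threshold `d`, the attribute ids and all function names are hypothetical.

```python
import hashlib, hmac, secrets

P = 2**127 - 1  # prime field of this toy model (assumption, not the paper's group)

def keygen(identity, d, y):
    """Share y over the identity's attributes: q has degree d-1 and q(0) = y."""
    coeffs = [y] + [secrets.randbelow(P) for _ in range(d - 1)]
    return {a: sum(c * pow(a, e, P) for e, c in enumerate(coeffs)) % P for a in identity}

def recover(shares, other_identity, d):
    """Interpolate q(0) from d attributes common to both identities, else None."""
    common = sorted(set(shares) & set(other_identity))[:d]
    if len(common) < d:
        return None  # overlap below threshold: the identities are not close enough
    y = 0
    for i in common:
        lam = 1  # Lagrange coefficient of attribute i, evaluated at x = 0
        for j in [c for c in common if c != i]:
            lam = lam * (-j) * pow(i - j, -1, P) % P
        y = (y + shares[i] * lam) % P
    return y

def prf(k, i):
    mac = hmac.new(k, str(i).encode(), hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % P

def tag_blocks(blocks, k, y):  # homomorphic tag t_i = PRF_k(i) + y * m_i (mod P)
    return [(prf(k, i) + y * m) % P for i, m in enumerate(blocks)]

def prove(blocks, tags, chal):  # server side: aggregate the challenged blocks and tags
    return (sum(v * blocks[i] for i, v in chal) % P,
            sum(v * tags[i] for i, v in chal) % P)

def verify(k, y, chal, mu, sigma):  # auditor side: needs neither blocks nor tags
    expected = sum(v * prf(k, i) for i, v in chal)
    return y is not None and sigma == (y * mu + expected) % P

def demo():
    enrolled = {3, 8, 15, 21, 34, 42}  # constructed biometric feature ids
    close, far = {3, 8, 15, 21, 90, 91}, {3, 8, 70, 80, 90, 91}  # overlap 4 and 2
    d, y, k = 4, 1 + secrets.randbelow(P - 1), secrets.token_bytes(32)
    shares, blocks = keygen(enrolled, d, y), [secrets.randbelow(P) for _ in range(8)]
    tags = tag_blocks(blocks, k, y)
    chal = [(i, 1 + secrets.randbelow(P - 1)) for i in (1, 4, 6)]
    honest = prove(blocks, tags, chal)
    blocks[4] = (blocks[4] + 1) % P  # a challenged block is silently corrupted
    y_close, y_far = recover(shares, close, d), recover(shares, far, d)
    return (verify(k, y_close, chal, *honest), verify(k, y_far, chal, *honest),
            verify(k, y_close, chal, *prove(blocks, tags, chal)))
```

`demo()` returns the audit result for a close identity, a distant identity, and a close identity auditing corrupted storage. In fuzzy identity-based encryption the same interpolation is carried out in the exponent of a pairing group, so the secret itself is never reconstructed.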
- Reduces the burden of maintenance and management of the data
- Cloud servers do their best to protect the security of the cloud data, but data loss accidents are inevitable
- The proposed protocol revolutionizes key management in traditional remote data integrity checking protocols
M. Hogan, F. Liu, A. Sokol and J. Tong, “NIST Cloud Computing Standards Roadmap,” NIST Cloud Computing Standards Roadmap Working Group, SP 500-291-v1.0, NIST, Jul. 2011.
M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. H. Katz, A. Konwinski, G. Lee, D. A. Patterson, A. Rabkin, I. Stoica and M. Zaharia, “Above the clouds: A Berkeley view of cloud computing,” University of California, Berkeley, Tech. Rep.
Y. Deswarte, J. J. Quisquater and A. Saidane, “Remote integrity checking,” Integrity and Internal Control in Information Systems VI, Springer US, pp. 1-11, 2004.
G. Ateniese, R. C. Burns, R. Curtmola, J. Herring, L. Kissner, Z. N. J. Peterson and D. X. Song, “Provable data possession at untrusted stores,” in Proc. of ACM Conference on Computer and Communications Security, pp. 598-609, 2007.
G. Ateniese, S. Kamara and J. Katz, “Proofs of storage from homomorphic identification protocols,” Proc. of ASIACRYPT, pp. 319-333, 2009.
R. L. Rivest, A. Shamir and L. Adleman, “A method for obtaining digital signatures and public-key cryptosystems,” Communications of the ACM, 21(2), pp. 120-126, 1978.
H. Shacham and B. Waters, “Compact proofs of retrievability,” Proc. of Cryptology-ASIACRYPT, 5350, pp. 90-107, 2008.
D. Boneh, B. Lynn and H. Shacham, “Short signatures from the Weil pairing,” in Proc. of Asiacrypt 2001, pp. 514-532, 2001.
C. C. Erway, A. Kupcu and C. Papamanthou, “Dynamic provable data possession,” ACM Transactions on Information and System Security (TISSEC), 17(4), 15, 2015.
Q. Wang, C. Wang, J. Li, K. Ren and W. Lou, “Enabling public verifiability and data dynamics for storage security in cloud computing,” Proc. of ESORICS 2009, LNCS 5789, pp. 355-370, 2009.