A Novel Efficient Remote Data Possession Checking Protocol in Cloud Storage

Abstract

As an important application in cloud computing, cloud storage offers users scalable, flexible and high-quality data storage and computation services. A growing number of data owners choose to outsource data files to the cloud. Because cloud storage servers are not fully trustworthy, data owners need dependable means to check the possession of their files outsourced to remote cloud servers. To address this crucial problem, some remote data possession checking (RDPC) protocols have been presented. But many existing schemes have weaknesses in efficiency or data dynamics. In this paper, we provide a new efficient RDPC protocol based on a homomorphic hash function. The new scheme is provably secure against forgery attack, replace attack and replay attack based on a typical security model. To support data dynamics, an operation record table (ORT) is introduced to track operations on file blocks. We further give a new optimized implementation for the ORT which makes the cost of accessing the ORT nearly constant. Moreover, we carry out a comprehensive performance analysis which shows that our scheme has advantages in computation and communication costs.

Information security, sometimes shortened to InfoSec, is the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information. It is a general term that can be used regardless of the form the data may take (e.g. electronic, physical).

Network security consists of the policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator.
Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs: conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, or open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: it secures the network, as well as protecting and overseeing the operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.
The cloud service provider tries to provide a promising service for data storage, which saves users the costs of investment and resources. Nonetheless, cloud storage also brings various security issues for the outsourced data. Although some security problems have been solved, the important challenges of data tampering and data loss still exist in cloud storage. On the one hand, an accidental disk error or hardware failure of the cloud storage server (CSS) may cause the unexpected corruption of outsourced files. On the other hand, the CSS is not fully trustworthy from the perspective of the data owner; it may actively delete or modify files for tremendous economic benefits. At the same time, the CSS may hide its misbehavior and data loss accidents from the data owner to maintain a good reputation.
DISADVANTAGES
• It is crucial for the data owner to utilize an efficient way to check the integrity of outsourced data.
• In addition, they supplied two concrete schemes (S-PDP, E-PDP) based on RSA. Although these two protocols had good performance, it's a pity they didn't support dynamic operations.
• Does not provide efficiency in remote data integrity checking.
• More expensive.
• The existing system provides less flexibility.
It is essential for data owners to verify the integrity of the data stored on the CSS before using it. For example, a big international trading company stores all its import and export record files on the CSS. From these files, the company can get key information such as the logistics quantity, the trade volume etc. If any record file is discarded or tampered with, the company will suffer a big loss which may have a bad influence on its business and development. To avoid this kind of circumstance, it is mandatory to check the integrity of outsourced data files.

Furthermore, since these files may contain business secrets, any information exposure is unacceptable. If the company's competitor can execute the file integrity checking, then by frequently checking the files they may obtain some useful information, such as when the file changes, the growth rate of the file etc., from which they can guess the development of the company. Thus, to avoid this situation, we consider the private verification type in our scheme, that is, the data owner is the unique verifier. In fact, the current research direction of RDPC focuses on public verification, in which anyone can perform the task of file integrity checking with the system public key. Although RDPC with public verification seems better than that with private verification, it is unsuitable for the scenario mentioned above.

Motivated by the above application scenarios, we present a novel efficient RDPC scheme by using homomorphic hash function, which has been used to construct RDPC schemes. Unfortunately, these schemes are either insecure or not efficient enough. To overcome these drawbacks, we refer to the idea of and introduce a private key for each tag generation in our RDPC scheme. Simultaneously, a new construction of ORT is presented for data dynamics which can improve the efficiency of the protocol greatly.
Compared with the previous ones, our scheme has better performance in terms of computation and communication. Our contributions are summarized as follows:
• We present a novel efficient dynamics. The basic scheme utilizes the homomorphic hash function technique, in which the hash value of the sum of two blocks is equal to the product of the two hash values of the corresponding blocks.
• We introduce a linear table called ORT to record data operations for supporting data dynamics such as block modification, block insertion and block deletion. To improve the efficiency of accessing the ORT, we make use of a doubly linked list and an array to present an optimized implementation of the ORT which reduces the cost to a nearly constant level.
• We prove the presented scheme is secure against forgery attack, replay attack and replace attack based on a typical security model.
• At last we implement our scheme and make a thorough comparison with previous schemes. Experiment results show that the new scheme has better performance and is practical for real applications.
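
The homomorphic property stated above (hash of a sum equals the product of the hashes) is what lets a verifier check many blocks with one block-sized answer. The following is an added example, not the paper's protocol or the authors' code: it uses a discrete-log style hash H(m) = prod g_j^(m_j) mod P as one well-known instance of such a function, with toy parameters, and assumes the data owner keeps the per-block hashes locally; the per-tag private key and the ORT are left out.

```python
import secrets

# Toy parameters, constructed for illustration and far too small for real use.
# P = 2*Q + 1 is a safe prime, so every square other than 1 has order Q.
Q, P, S = 1019, 2039, 4                    # S = sectors per block
G = [pow(h, 2, P) for h in (2, 3, 5, 7)]   # S generators of order Q

def hhash(block):
    """H(m) = prod_j g_j^(m_j) mod P for a block m in Z_Q^S."""
    out = 1
    for g, m in zip(G, block):
        out = out * pow(g, m % Q, P) % P
    return out

def challenge(n_blocks, sample):
    """Verifier: sample distinct block indices, each with a nonzero coefficient."""
    idx = secrets.SystemRandom().sample(range(n_blocks), sample)
    return [(i, 1 + secrets.randbelow(Q - 1)) for i in idx]

def prove(blocks, chal):
    """Server: return mu = sum_i c_i * m_i (mod Q), one block-sized answer."""
    mu = [0] * S
    for i, c in chal:
        mu = [(u + c * m) % Q for u, m in zip(mu, blocks[i])]
    return mu

def verify(hashes, chal, mu):
    """Verifier: H(mu) must equal prod_i H(m_i)^(c_i) mod P."""
    expected = 1
    for i, c in chal:
        expected = expected * pow(hashes[i], c, P) % P
    return hhash(mu) == expected

def demo():
    # Constructed sample file: 8 blocks of S sectors, each sector in Z_Q.
    blocks = [[(17 * i + 31 * j + 5) % Q for j in range(S)] for i in range(8)]
    hashes = [hhash(b) for b in blocks]          # kept by the data owner
    chal = challenge(len(blocks), len(blocks))   # challenge every block
    honest = verify(hashes, chal, prove(blocks, chal))
    damaged = [list(b) for b in blocks]
    damaged[3][1] = (damaged[3][1] + 1) % Q      # one corrupted sector
    caught = not verify(hashes, chal, prove(damaged, chal))
    return honest, caught

if __name__ == "__main__":
    print(demo())
```

With a sampled challenge instead of a full one, corruption is detected only when a damaged block falls in the sample, which is why such schemes are described as probabilistic checks.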