TY - GEN
T1 - A Secure and Decentralized Auditing Scheme for Cloud Ensuring Data Integrity and Fairness in Auditing
AU - Islam, Tariqul
AU - Hasan, Kamrul
AU - Singh, Saheb
AU - Park, Joon S.
N1 - Publisher Copyright:
© 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - With the advent of cloud storage services many users tend to store their data in the cloud to save storage cost. However, this has lead to many security concerns, and one of the most important ones is ensuring data integrity. Public verification schemes are able to employ a third party auditor to perform data auditing on behalf of the user. But most public verification schemes are vulnerable to procrastinating auditors who may not perform auditing on time. These schemes do not have fair arbitration also, i.e. they lack a way to punish the malicious Cloud Service Provider (CSP) and compensate user whose data has been corrupted. On the other hand, CSP might be storing redundant data that could increase the storage cost for the CSP and computational cost of data auditing for the user. In this paper, we propose a Blockchain-based public auditing and deduplication scheme with a fair arbitration system against procrastinating auditors. The key idea requires auditors to record each verification using smart contract and store the result into a Blockchain as a transaction. Our scheme can detect and punish the procrastinating auditors and compensate users in the case of any data loss. Additionally, our scheme can detect and delete duplicate data that improve storage utilization and reduce the computational cost of data verification. Experimental evaluation demonstrates that our scheme is provably secure and does not incur overhead compared to the existing public auditing techniques while offering an additional feature of verifying the auditor's performance.
AB - With the advent of cloud storage services many users tend to store their data in the cloud to save storage cost. However, this has lead to many security concerns, and one of the most important ones is ensuring data integrity. Public verification schemes are able to employ a third party auditor to perform data auditing on behalf of the user. But most public verification schemes are vulnerable to procrastinating auditors who may not perform auditing on time. These schemes do not have fair arbitration also, i.e. they lack a way to punish the malicious Cloud Service Provider (CSP) and compensate user whose data has been corrupted. On the other hand, CSP might be storing redundant data that could increase the storage cost for the CSP and computational cost of data auditing for the user. In this paper, we propose a Blockchain-based public auditing and deduplication scheme with a fair arbitration system against procrastinating auditors. The key idea requires auditors to record each verification using smart contract and store the result into a Blockchain as a transaction. Our scheme can detect and punish the procrastinating auditors and compensate users in the case of any data loss. Additionally, our scheme can detect and delete duplicate data that improve storage utilization and reduce the computational cost of data verification. Experimental evaluation demonstrates that our scheme is provably secure and does not incur overhead compared to the existing public auditing techniques while offering an additional feature of verifying the auditor's performance.
KW - Blockchain
KW - Confidentiality
KW - Convergent Encryption
KW - Deduplication
KW - Procrastinating Auditor
KW - Public Data Auditing
UR - http://www.scopus.com/inward/record.url?scp=85137037926&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85137037926&partnerID=8YFLogxK
U2 - 10.1109/CSCloud-EdgeCom54986.2022.00022
DO - 10.1109/CSCloud-EdgeCom54986.2022.00022
M3 - Conference contribution
AN - SCOPUS:85137037926
T3 - Proceedings - 2022 IEEE 9th International Conference on Cyber Security and Cloud Computing and 2022 IEEE 8th International Conference on Edge Computing and Scalable Cloud, CSCloud-EdgeCom 2022
SP - 74
EP - 79
BT - Proceedings - 2022 IEEE 9th International Conference on Cyber Security and Cloud Computing and 2022 IEEE 8th International Conference on Edge Computing and Scalable Cloud, CSCloud-EdgeCom 2022
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 9th IEEE International Conference on Cyber Security and Cloud Computing and 8th IEEE International Conference on Edge Computing and Scalable Cloud, CSCloud-EdgeCom 2022
Y2 - 25 June 2022 through 27 June 2022
ER -