A Cloud-User Watermarking Protocol Protecting the Right to Be Forgotten for the Outsourced Plain Images

A Cloud-User Watermarking Protocol Protecting the Right to Be Forgotten for the Outsourced Plain Images

Xiaojuan Dong, Weiming Zhang, Xianjun Hu, Keyang Liu
Copyright: © 2018 |Pages: 22
DOI: 10.4018/IJDCF.2018100109
(Individual Articles)
No Current Special Offers


This article describes how cloud storage dramatically benefits people in freeing up their local storage space, while bringing the separation of the data ownership and private manipulation. Hence, it is difficult for the cloud user to make sure that the cloud storage provider (CSP) has obeyed the request of deletion to remove all corresponding data. To solve the issue technically, this article proposes an interactive cloud-user watermarking protocol (CUW) based on the homomorphic encryption. To meet security requirements, the encrypted watermark is embedded into encrypted data. Moreover, to enjoy the convenient cloud services, the uploaded data is eventually stored in the cloud server in the form of plain text. The performance of the CUW protocol is evaluated through a prototype implementation.
Article Preview

1. Introduction

With the rapid growth of data scale, the demand for storage space is likewise increasingly growing. In this trend, cloud storage service has been recently presented as a service. This kind of service provides people with a lot of cheap and unlimited storage space. For example, Amazon Web Services and Google Cloud Storage offer cloud storage solutions to customers around the world, reducing the need of local devices’ storage space. Despite the tremendous benefits, the cloud user’s data, held in remote cloud storage, are absolutely beyond the user’s control. It is necessary to guarantee the assured deletion (Ramokapane, Rashid, & Such, 2016) for cloud users. The undeleted data may unexpectedly appear later, and thus exposes the user’s private information. The challenge of realizing assured deletion is that we have to trust in the CSP, who will completely delete data according to contract. It is a typical and practical trend among CSPs to store multiple backups of data over different online or offline servers for fault tolerance. One specific case is a fact that after receiving the request of deletion, CSPs may not actually remove all backup copies even though they have deleted the data in the current cloud server. Therefore, it is difficult to confirm that data have been forgotten by CSPs. How to completely remove data and maintain cloud users’ right to be forgotten has become an urgent problem.

Great importance has been attached to the right to be forgotten by many organizations. They introduced a series of security policies and laws. As early as 1995, the EU passed the 1995 Data Protection Directive, under which the data controller is required to remove the personal data of an individual upon request (Europea, 1995). This is the genesis of the right to be forgotten, which means that any organization is obligated to remove a customer’s personal data upon request. On May 13, 2014, the European Court of Justice compelled Google to remove links to a 1998 newspaper article about a Spanish man’s bankruptcy (Kropf, 2014), upholding the right to be forgotten on the Internet. Cybersecurity Law of the People’s Republic of China has come into effect since June 1, 2017, which states that: Network operators collecting and using personal information shall abide by the principles of legality, propriety and necessity and obtain the consent of the person whose data is gathered. In reality, these rules are included in the service contracts, cloud users still have to trust heavily in CSPs without any technical guarantee.

For assured deletion, a typical prior work in this area focuses on encryption technology (Perlman, 2005; Tang, Lee, Lui, & Perlman, 2012; Priebe, Muthukumaran, O’Keeffe, Eyers, Shand, Kapitza, & Pietzuch, 2014). According to (Tang, Lee, Lui, & Perlman, 2012), assured deletion makes the outsourced data permanently inaccessible to anyone upon the request of data deletion. In (Tang, Lee, Lui, & Perlman, 2012), a data owner first encrypts data and then sends the encrypted data to cloud servers managed by a CSP. Relevant encryption keys are preserved by the owner or managed by a third party. Finally, the deletion operation is artfully achieved by destroying encryption keys. As a result, the data can no longer be decrypted, not to mention being accessible. This kind of data encryption scheme gives cloud users some control over the removal of their data.

However, ciphertext computing services are very complex and impractical. By outsourcing plain data to cloud servers, users can fully enjoy fast cloud computing services, such as using an image to search other similar images, editing images in large-scale image libraries and so on. Therefore, we advocate uploading plain data to cloud servers. Unfortunately, there is no specific assured deletion scheme of plain data stored in cloud.

Complete Article List

Search this Journal:
Volume 16: 1 Issue (2024)
Volume 15: 1 Issue (2023)
Volume 14: 3 Issues (2022)
Volume 13: 6 Issues (2021)
Volume 12: 4 Issues (2020)
Volume 11: 4 Issues (2019)
Volume 10: 4 Issues (2018)
Volume 9: 4 Issues (2017)
Volume 8: 4 Issues (2016)
Volume 7: 4 Issues (2015)
Volume 6: 4 Issues (2014)
Volume 5: 4 Issues (2013)
Volume 4: 4 Issues (2012)
Volume 3: 4 Issues (2011)
Volume 2: 4 Issues (2010)
Volume 1: 4 Issues (2009)
View Complete Journal Contents Listing