A Publicly Verifiable Dynamic Secret Sharing Protocol for Secure and Dependable Data Storage in Cloud Computing

P. Syam Kumar (Pondicherry University, India), Marie Stanislas Ashok (Pondicherry University, India) and R. Subramanian (Pondicherry University, India)
Copyright: © 2012 | Pages: 25
DOI: 10.4018/ijcac.2012070101


Data storage is an important application of cloud computing, where users can remotely store their data in the cloud. This new paradigm of data storage service also introduces security challenges concerning the Confidentiality, Integrity and Availability of data. Addressing these issues in the cloud is a very challenging and potentially formidable task, especially for users with constrained resources. Therefore, an independent auditing service is required to address these issues for data stored in the cloud. The existing schemes may not scale well for this purpose. This paper proposes a publicly verifiable dynamic secret sharing scheme for the Availability, Integrity and Confidentiality of data. The scheme takes advantage of both Secret Sharing and Tornado code, which can achieve computational security and maintain low communication overhead in terms of shortened data dispersing size. The authors’ model gives probabilistic proofs of the Integrity of data by challenging random blocks from the server to reduce the computation and communication overhead, and also supports dynamic data operations on data shares in the cloud using an index table. Through extensive security analysis, the authors show that their scheme can provide secure, dependable, and publicly verifiable cloud data storage against threats. Through the performance and experimental results, the authors prove that their scheme is more efficient than existing schemes.

1. Introduction

Cloud Computing is a promising computing model that enables convenient and on-demand network access to a shared pool of computing resources. Cloud computing offers a group of services including Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) (Buyya, 2009). Cloud data storage is one of the important services of cloud computing; it allows users to move their data from local computing systems to the cloud. More and more users are choosing to host their data in the cloud because of its cost effectiveness, which is particularly true for small and medium-sized businesses. By moving their data to the cloud, they can avoid the initial investment in expensive infrastructure setup and large equipment, as well as daily maintenance costs. They only need to pay for the space they actually use, e.g., under a cost-per-gigabyte-stored model. Another reason is that users can rely on the cloud to provide more reliable services, so that they can access the data from anywhere and at any time. Individuals or small-sized companies (Kan et al., 2011) usually do not have the resources to keep their servers as reliable as the cloud does. Amazon Elastic Compute Cloud (EC2) (Amazon, 2008) and Apple iCloud (Apple Icloud, 2010) are well-known examples of cloud storage. This new paradigm of data storage service also introduces security challenges related to the Confidentiality, Integrity and Availability of the data (Mather et al., 2009).

The security of data stored in the cloud is of paramount importance for their functionality. The security issues of cloud storage services arise for the following reasons (Takabi, 2010): 1) Cloud servers are exposed to an untrusted environment, and data may be lost due to server failures. 2) The data may be stolen or modified by unauthorized users or malicious insiders. 3) Sometimes the cloud service provider intentionally hides data loss incidents, or reclaims storage for his own benefit by discarding data that has not been accessed or is rarely accessed. 4) Although cloud infrastructures are more powerful and reliable than local devices, they are subject to a wide range of internal and external attacks. Recent data loss incidents include the Sidekick cloud disaster in 2009 and the breakdown of Amazon’s Elastic Computing Cloud (EC2) in 2010, reported in Cellan (2009) and Miller (2010) respectively. Hence, efficient and effective methods are needed to ensure the Confidentiality, Integrity, and Availability of outsourced data in the cloud.

To achieve the Availability of remote data, replication mechanisms are frequently used (Matossian, 2003). But this kind of solution has the obvious drawback of requiring a large amount of space and communication. Rabin (1989) addressed this problem with the Information Dispersal Algorithm (IDA), but its encoding time is slow for large files. Next, to protect the Confidentiality of data, the user encrypts the data before outsourcing. However, this shifts the responsibility of protecting the data to protecting the encryption keys and brings non-trivial key management problems (Barsoum et al., 2010; Hao et al., 2010; Syam et al., 2011b). In order to protect the encryption keys, the user needs to encrypt the keys again, which changes the problem rather than solving it.
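
The space trade-off between replication and information dispersal described above can be seen in a small Rabin-style (m-of-n) dispersal. This is an added example, not code from the paper; the field GF(257), the function names and the sample data are assumptions chosen for illustration.

```python
# Added illustration (not the paper's code): Rabin-style m-of-n dispersal.
# Each share holds about len(data)/m symbols, versus len(data) per replica.
P = 257  # assumed field: smallest prime above 255, so every byte fits

def disperse(data: bytes, n: int, m: int) -> dict:
    """Split data into n shares such that any m of them rebuild it."""
    padded = data + bytes(-len(data) % m)
    chunks = [padded[i:i + m] for i in range(0, len(padded), m)]
    # Share x stores, per chunk, the chunk's polynomial evaluated at x (mod P).
    return {x: [sum(c * pow(x, j, P) for j, c in enumerate(ch)) % P
                for ch in chunks]
            for x in range(1, n + 1)}

def _solve(xs, ys):
    """Gauss-Jordan solve of sum_j c_j * x^j = y (mod P) for the c_j."""
    m = len(xs)
    rows = [[pow(x, j, P) for j in range(m)] + [y] for x, y in zip(xs, ys)]
    for col in range(m):
        piv = next(r for r in range(col, m) if rows[r][col])
        rows[col], rows[piv] = rows[piv], rows[col]
        inv = pow(rows[col][col], -1, P)  # modular inverse (Python 3.8+)
        rows[col] = [v * inv % P for v in rows[col]]
        for r in range(m):
            if r != col and rows[r][col]:
                f = rows[r][col]
                rows[r] = [(a - f * b) % P for a, b in zip(rows[r], rows[col])]
    return [rows[j][m] for j in range(m)]

def reconstruct(shares: dict, m: int, length: int) -> bytes:
    """Rebuild the original bytes from any m surviving shares."""
    if len(shares) < m:
        raise ValueError("need at least m shares")
    xs = sorted(shares)[:m]
    out = bytearray()
    for k in range(len(shares[xs[0]])):
        out += bytes(_solve(xs, [shares[x][k] for x in xs]))
    return bytes(out[:length])

if __name__ == "__main__":
    data = b"cloud storage share test"          # constructed sample input
    shares = disperse(data, n=5, m=3)            # 5 servers, any 3 suffice
    survivors = {x: shares[x] for x in (2, 3, 5)}  # servers 1 and 4 lost
    assert reconstruct(survivors, 3, len(data)) == data
    print(len(data), "bytes ->", len(shares[1]), "symbols per share")
```

Dispersal of this kind addresses Availability only: each share is a fixed linear function of the data, so Confidentiality still needs a separate mechanism.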
