Biblio

We introduce POROS that is a new solution for proof of data reliability. In addition to the integrity of the data outsourced to a cloud storage system, proof of data reliability assures the customers that the cloud storage provider (CSP) has provisioned sufficient amounts of redundant information along with original data segments to be able to guarantee the maintenance of the data in the face of corruption. In spite of meeting a basic service requirement, the placement of the data repair capability at the CSP raises a challenging issue with respect to the design of a proof of data reliability scheme. Existing schemes like Proof of Data Possession (PDP) and Proof of Retrievability (PoR) fall short of providing proof of data reliability to customers, since those schemes are not designed to audit the redundancy mechanisms of the CSP. Thus, in addition to verifying the possession of the original data segments, a proof of data reliability scheme must also assure that sufficient redundancy information is kept at storage. Thanks to some combination of PDP with time constrained operations, POROS guarantees that a rationale CSP would not compute redundancy information on demand upon proof of data reliability requests but instead would store it at rest. As a result of bestowing the CSP with the repair function, POROS allows for the automatic maintenance of data by the storage provider without any interaction with the customers.

Cloud storage can provide outsourcing data services for both organizations and individuals. However, cloud storage still faces many challenges, e.g., public integrity auditing, the support of dynamic data, and low computational audit cost. To solve the problems, a number of techniques have been proposed. Recently, Tian et al. proposed a novel public auditing scheme for secure cloud storage based on a new data structure DHT. The authors claimed that their scheme was proven to be secure. Unfortunately, through our security analysis, we find that the scheme suffers from one attack and one security shortage. The attack is that an adversary can forge the data to destroy the correctness of files without being detected. The shortage of the scheme is that the updating operations for data blocks is vulnerable and easy to be modified. Finally, we give our countermeasures to remedy the security problems.

Internet-based online cloud services provide enormous volumes of storage space, tailor made computing resources and eradicates the obligation of native machines for data maintenance as well. Cloud storage service providers claim to offer the ability of secure and elastic data-storage services that can adapt to various storage necessities. Most of the security tools have a finite rate of failure, and intrusion comes with more complex and sophisticated techniques; the security failure rates are skyrocketing. Once we upload our data into the cloud, we lose control of our data, which certainly brings new security risks toward integrity and confidentiality of our data. In this paper, we discuss a secure file sharing mechanism for the cloud with the disintegration protocol (DIP). The paper also introduces new contribution of seamless file sharing technique among different clouds without sharing an encryption key.

Proxy Re-Encryption (PRE) is a favorable primitive to realize a cryptographic cloud with secure and flexible data sharing mechanism. A number of PRE schemes with versatile capabilities have been proposed for different applications. The secure data sharing can be internally achieved in each PRE scheme. But no previous work can guarantee the secure data sharing among different PRE schemes in a general manner. Moreover, it is challenging to solve this problem due to huge differences among the existing PRE schemes in their algebraic systems and public-key types. To solve this problem more generally, this paper uniforms the definitions of the existing PRE and Public Key Encryption (PKE) schemes, and further uniforms their security definitions. Then taking any uniformly defined PRE scheme and any uniformly defined PKE scheme as two building blocks, this paper constructs a Generally Hybrid Proxy Re-Encryption (GHPRE) scheme with the idea of temporary public and private keys to achieve secure data sharing between these two underlying schemes. Since PKE is a more general definition than PRE, the proposed GHPRE scheme also is workable between any two PRE schemes. Moreover, the proposed GHPRE scheme can be transparently deployed even if the underlying PRE schemes are implementing.