Public verification of data integrity is crucial for promoting the serviceability of cloud storage systems. Recently, Tan and Jia (2014) proposed an identity-based public verification (NaEPASC) protocol for cloud ...Public verification of data integrity is crucial for promoting the serviceability of cloud storage systems. Recently, Tan and Jia (2014) proposed an identity-based public verification (NaEPASC) protocol for cloud data to simplify key management and alleviate the burden of check tasks. They claimed that NaEPASC enables a third- party auditor (TPA) to verify the integrity of outsourced data with high efficiency and security in a cloud computing environment. However, in this paper, we pinpoint that NaEPASC is vulnerable to the signature forgery attack in the setup phase; i.e., a malicious cloud server can forge a valid signature for an arbitrary data block by using two correct signatures. Moreover, we demonstrate that NaEPASC is subject to data privacy threats in the challenge phase; i.e., an external attacker acting as a TPA can reveal the content of outsourced data. The analysis shows that NaEPASC is not secure in the data verification process. Therefore, our work is helpful for cryptographers and engineers to design and implement more secure and efficient identitv-based nublic alldit^n~ .~cheme~ far clnne] ~tnr^q~展开更多
Storage auditing and client-side deduplication techniques have been proposed to assure data integrity and improve storage efficiency, respectively. Recently, a few schemes start to consider these two different aspects...Storage auditing and client-side deduplication techniques have been proposed to assure data integrity and improve storage efficiency, respectively. Recently, a few schemes start to consider these two different aspects together. However, these schemes either only support plaintext data file or have been proved insecure. In this paper, we propose a public auditing scheme for cloud storage systems, in which deduplication of encrypted data and data integrity checking can be achieved within the same framework. The cloud server can correctly check the ownership for new owners and the auditor can correctly check the integrity of deduplicated data. Our scheme supports deduplication of encrypted data by using the method of proxy re-encryption and also achieves deduplication of data tags by aggregating the tags from different owners. The analysis and experiment results show that our scheme is provably secure and efficient.展开更多
With the advancement of industrial internet of things(IIoT),wireless medical sensor networks(WMSNs)have been widely introduced in modern healthcare systems to collect real-time medical data from patients,which is know...With the advancement of industrial internet of things(IIoT),wireless medical sensor networks(WMSNs)have been widely introduced in modern healthcare systems to collect real-time medical data from patients,which is known as HealthIIoT.Considering the limited computing and storage capabilities of lightweight HealthIIoT devices,it is necessary to upload these data to remote cloud servers for storage and maintenance.However,there are still some serious security issues within outsourcing medical sensor data to the cloud.One of the most signifcant challenges is how to ensure the integrity of these data,which is a prerequisite for providing precise medical diagnosis and treatment.To meet this challenge,we propose a novel and efcient public auditing scheme,which is suitable for cloud-assisted HealthIIoT system.Specifcally,to address the contradiction between the high real-time requirement of medical sensor data and the limited computing power of HealthIIoT devices,a new online/ofine tag generation algorithm is designed to improve preprocessing efciency;to protect medical data privacy,a secure hash function is employed to blind the data proof.We formally prove the security of the presented scheme,and evaluate the performance through detailed experimental comparisons with the state-of-the-art ones.The results show that the presented scheme can greatly improve the efciency of tag generation,while achieving better auditing performance than previous schemes.展开更多
Currently,there is a growing trend among users to store their data in the cloud.However,the cloud is vulnerable to persistent data corruption risks arising from equipment failures and hacker attacks.Additionally,when ...Currently,there is a growing trend among users to store their data in the cloud.However,the cloud is vulnerable to persistent data corruption risks arising from equipment failures and hacker attacks.Additionally,when users perform file operations,the semantic integrity of the data can be compromised.Ensuring both data integrity and semantic correctness has become a critical issue that requires attention.We introduce a pioneering solution called Sec-Auditor,the first of its kind with the ability to verify data integrity and semantic correctness simultaneously,while maintaining a constant communication cost independent of the audited data volume.Sec-Auditor also supports public auditing,enabling anyone with access to public information to conduct data audits.This feature makes Sec-Auditor highly adaptable to open data environments,such as the cloud.In Sec-Auditor,users are assigned specific rules that are utilized to verify the accuracy of data semantic.Furthermore,users are given the flexibility to update their own rules as needed.We conduct in-depth analyses of the correctness and security of Sec-Auditor.We also compare several important security attributes with existing schemes,demonstrating the superior properties of Sec-Auditor.Evaluation results demonstrate that even for time-consuming file upload operations,our solution is more efficient than the comparison one.展开更多
Performance audit has become a mainstream-trend in the development of modern government audit currently.However,the launch of performance audit in China is unbalanced,which the performance audit with Chinese character...Performance audit has become a mainstream-trend in the development of modern government audit currently.However,the launch of performance audit in China is unbalanced,which the performance audit with Chinese characteristics develops quite fast,while the full sense of performance audit develops quite slowly.Except factors such as different recognition of performance audit,the main reason of this development imbalance is that development of performance audit is limited by the current audit system.Nevertheless,it is not hard to find some positive aspects existing in the development of performance audit in China,concluding developments and changes of the environment of performance audit in China over the recent years.展开更多
The user control over the life cycle of data is of an extreme importance in clouds in order to determine whether the service provider adheres to the client’s pre-specified needs in the contract between them or n...The user control over the life cycle of data is of an extreme importance in clouds in order to determine whether the service provider adheres to the client’s pre-specified needs in the contract between them or not, significant clients concerns raise on some aspects like social, location and the laws to which the data are subject to. The problem is even magnified more with the lack of transparency by Cloud Service Providers (CSPs). Auditing and compliance enforcement introduce different set of challenges in cloud computing that are not yet resolved. In this paper, a conducted questionnaire showed that the data owners have real concerns about not just the secrecy and integrity of their data in cloud environment, but also for spatial, temporal, and legal issues related to their data especially for sensitive or personal data. The questionnaire results show the importance for the data owners to address mainly three major issues: Their ability to continue the work, the secrecy and integrity of their data, and the spatial, legal, temporal constraints related to their data. Although a good volume of work was dedicated for auditing in the literature, only little work was dedicated to the fulfillment of the contractual obligations of the CSPs. The paper contributes to knowledge by proposing an extension to the auditing models to include the fulfillment of contractual obligations aspects beside the important aspects of secrecy and integrity of client’s data.展开更多
基金Project supported by the National Natural Science Foundation of China (Nos. 61472287, 61501333, 61572379, and 61772377), the Natural Science Foundation of Hubei Province, China (Nos. 2015CFA068 and 2017CFA007), the Wuhan Science and Tech- nology Plan Project (No. 2016060101010047), and the Deanship of Scientific Research at King Saud University, Saudi Arabia (No. PRG-1436-16)
文摘Public verification of data integrity is crucial for promoting the serviceability of cloud storage systems. Recently, Tan and Jia (2014) proposed an identity-based public verification (NaEPASC) protocol for cloud data to simplify key management and alleviate the burden of check tasks. They claimed that NaEPASC enables a third- party auditor (TPA) to verify the integrity of outsourced data with high efficiency and security in a cloud computing environment. However, in this paper, we pinpoint that NaEPASC is vulnerable to the signature forgery attack in the setup phase; i.e., a malicious cloud server can forge a valid signature for an arbitrary data block by using two correct signatures. Moreover, we demonstrate that NaEPASC is subject to data privacy threats in the challenge phase; i.e., an external attacker acting as a TPA can reveal the content of outsourced data. The analysis shows that NaEPASC is not secure in the data verification process. Therefore, our work is helpful for cryptographers and engineers to design and implement more secure and efficient identitv-based nublic alldit^n~ .~cheme~ far clnne] ~tnr^q~
基金Supported by the National Natural Science Foundation of China(61373040,61173137)the Ph.D.Programs Foundation of Ministry of Education of China(20120141110002)the Key Project of Natural Science Foundation of Hubei Province(2010CDA004)
文摘Storage auditing and client-side deduplication techniques have been proposed to assure data integrity and improve storage efficiency, respectively. Recently, a few schemes start to consider these two different aspects together. However, these schemes either only support plaintext data file or have been proved insecure. In this paper, we propose a public auditing scheme for cloud storage systems, in which deduplication of encrypted data and data integrity checking can be achieved within the same framework. The cloud server can correctly check the ownership for new owners and the auditor can correctly check the integrity of deduplicated data. Our scheme supports deduplication of encrypted data by using the method of proxy re-encryption and also achieves deduplication of data tags by aggregating the tags from different owners. The analysis and experiment results show that our scheme is provably secure and efficient.
基金supported in part by the National Natural Science Foundation of China(Grant No.U1405254)the Natural Science Foundation of Fujian Province of China(No.2018J01093)+1 种基金the Open Project Program of Wuhan National Laboratory for Optoelectronics(No.2018 WNLOKF009)the Scientifc Research Funds of Huaqiao University(No.605-50Y19028).
文摘With the advancement of industrial internet of things(IIoT),wireless medical sensor networks(WMSNs)have been widely introduced in modern healthcare systems to collect real-time medical data from patients,which is known as HealthIIoT.Considering the limited computing and storage capabilities of lightweight HealthIIoT devices,it is necessary to upload these data to remote cloud servers for storage and maintenance.However,there are still some serious security issues within outsourcing medical sensor data to the cloud.One of the most signifcant challenges is how to ensure the integrity of these data,which is a prerequisite for providing precise medical diagnosis and treatment.To meet this challenge,we propose a novel and efcient public auditing scheme,which is suitable for cloud-assisted HealthIIoT system.Specifcally,to address the contradiction between the high real-time requirement of medical sensor data and the limited computing power of HealthIIoT devices,a new online/ofine tag generation algorithm is designed to improve preprocessing efciency;to protect medical data privacy,a secure hash function is employed to blind the data proof.We formally prove the security of the presented scheme,and evaluate the performance through detailed experimental comparisons with the state-of-the-art ones.The results show that the presented scheme can greatly improve the efciency of tag generation,while achieving better auditing performance than previous schemes.
基金This research was supported by the Qinghai Provincial High-End Innovative and Entrepreneurial Talents Project.
文摘Currently,there is a growing trend among users to store their data in the cloud.However,the cloud is vulnerable to persistent data corruption risks arising from equipment failures and hacker attacks.Additionally,when users perform file operations,the semantic integrity of the data can be compromised.Ensuring both data integrity and semantic correctness has become a critical issue that requires attention.We introduce a pioneering solution called Sec-Auditor,the first of its kind with the ability to verify data integrity and semantic correctness simultaneously,while maintaining a constant communication cost independent of the audited data volume.Sec-Auditor also supports public auditing,enabling anyone with access to public information to conduct data audits.This feature makes Sec-Auditor highly adaptable to open data environments,such as the cloud.In Sec-Auditor,users are assigned specific rules that are utilized to verify the accuracy of data semantic.Furthermore,users are given the flexibility to update their own rules as needed.We conduct in-depth analyses of the correctness and security of Sec-Auditor.We also compare several important security attributes with existing schemes,demonstrating the superior properties of Sec-Auditor.Evaluation results demonstrate that even for time-consuming file upload operations,our solution is more efficient than the comparison one.
文摘Performance audit has become a mainstream-trend in the development of modern government audit currently.However,the launch of performance audit in China is unbalanced,which the performance audit with Chinese characteristics develops quite fast,while the full sense of performance audit develops quite slowly.Except factors such as different recognition of performance audit,the main reason of this development imbalance is that development of performance audit is limited by the current audit system.Nevertheless,it is not hard to find some positive aspects existing in the development of performance audit in China,concluding developments and changes of the environment of performance audit in China over the recent years.
文摘The user control over the life cycle of data is of an extreme importance in clouds in order to determine whether the service provider adheres to the client’s pre-specified needs in the contract between them or not, significant clients concerns raise on some aspects like social, location and the laws to which the data are subject to. The problem is even magnified more with the lack of transparency by Cloud Service Providers (CSPs). Auditing and compliance enforcement introduce different set of challenges in cloud computing that are not yet resolved. In this paper, a conducted questionnaire showed that the data owners have real concerns about not just the secrecy and integrity of their data in cloud environment, but also for spatial, temporal, and legal issues related to their data especially for sensitive or personal data. The questionnaire results show the importance for the data owners to address mainly three major issues: Their ability to continue the work, the secrecy and integrity of their data, and the spatial, legal, temporal constraints related to their data. Although a good volume of work was dedicated for auditing in the literature, only little work was dedicated to the fulfillment of the contractual obligations of the CSPs. The paper contributes to knowledge by proposing an extension to the auditing models to include the fulfillment of contractual obligations aspects beside the important aspects of secrecy and integrity of client’s data.
