Cloud computing is an effective and emerging technology for storing huge amounts of data. Most of the organizations and people are using cloud for storing various types of data. The critical challenge is to maintain the stored data without any redundancies due to billing nature of cloud. Deduplication is a popular technique used to remove duplicate copies from cloud. Existing deduplication techniques using convergent encryption does not support for authorized duplicate check. Authorized duplicate check is essential to protect the sensitivity and integrity of data that is stored. In this paper, the client-side authorized deduplication is implemented using hybrid cloud where the duplicate check is performed at client-side which improves data security and reduce network bandwidth. In this work, duplicate check for a file is performed by a token generated by private cloud based on privilege of user issued during system initialization and file content. Each file uploaded to the cloud is also bounded by a token to specify which kind of users is allowed to perform the duplicate check and access the files. The user is able to find a duplicate for this file if and only if there is a copy of this file and a matched privilege. To prevent unauthorized access, a secure proof of ownership (PoW) protocol is also implemented to provide the proof that the user indeed owns the same file instead of small information of file when a duplicate is found. It makes overhead to minimal compared to the normal convergent encryption and file upload operations.

Deduplication,AuthorizedDuplicateCheck,Confidentiality,ConvergentProtocol,HybridCloud,PoW

[1] Jin Li, Yan Kit Li, Xiaofeng Chen, Patrick P. C. Lee, Wenjing Lou” A Hybrid Cloud Approach for Secure Authorized De-duplication” in vol: pp no-99, IEEE, 2014.
[2] S. Quinlan and S. Dorward, “Venti: A new approach to archival storage,” in Proc. 1st USENIX Conf. File Storage Technol., Jan. 2002, p. 7.
[3] J. R. Douceur, A. Adya, W. J. Bolosky, D. Simon, and M. Theimer, “Reclaiming space from duplicate files in a serverless distributed file system,” in Proc. Int. Conf. Distrib. Comput. Syst., 2002, pp. 617–624.
[4] S. Halevi, D. Harnik, B. Pinkas, and A. Shulman-Peleg, “Proofs of ownership in remote storage systems,” in Proc. ACM Conf. Comput. Commun. Security, 2011, pp. 491–500
[5] D. Ferraiolo and R. Kuhn, “Role-based access controls,” in Proc. 15th NIST-NCSC Nat. Comput. Security Conf., 1992, pp. 554–563.
[6] R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman, “Role-based access control models,” IEEE Comput., vol. 29, no. 2, pp. 38–47, Feb. 1996.
[7] A. Shamir, How to Share a Secret, Communications of the ACM, vol. 22, no 11, pp. 612-613, 1979.
[8] M.W. Storer, K. Greenan, D.D.E. Long, and E.L. Miller, “Secure Data De-duplication”, Proceedings of the 4th ACM international workshop on Storage security and survivability, pp1-10, 2008
[9] M. Bellare, S. Keelveedhi, and T. Ristenpart, “Message-locked encryption and secure deduplication,” in Proc. 32nd Annu. Int. Conf. Theory Appl. Cryptographic Techn., 2013, pp. 296–312.
[10] W.K. Ng, Y. Wen, and H. Zhu, Private Data De-duplication Protocols in Cloud Storage, Proceedings of the 27th Annual ACM Symposium on Applied Computing,S. Ossowski and P. Lecca, Eds.,pp. 441-446, 2012.
[11] R.D. Pietro and A. Sorniotti, Boosting Efficiency and Security in Proof of Ownership for De-duplication,in Proceedings of ACM Symposium on Information, Computer and Communication Security, H.Y. Youm and Y. Won, Eds., pp. 81-82, 2012.
[12] S. Kamara and K. Lauter, Cryptographic Cloud Storage, in Proceedings of Financial Cryptography: Workshop on Real-Life Cryptograph. Protocols Standardization, pp.136-149, 2010
[13] D.T. Meyer and W.J. Bolosky, A Study of Practical De-duplication, in Proceedings of 9th USENIX Conference on File and Storage Technologies, pp. 1-13, 2011.
[14] M. Bellare, S. Keelveedhi, and T. Ristenpart, “Dupless: Serveraided encryption for deduplicated storage,” in Proc. 22nd USENIX Conf. Sec. Symp., 2013, pp. 179–194.
[15] J. Li, X. Chen, M. Li, J. Li, P. Lee, and W. Lou, “Secure deduplication with efficient and reliable convergent key management,” in Proc. IEEE Trans. Parallel Distrib. Syst., http://doi.ieeecomputersociety.org/10.1109/TPDS.2013.284, 2013.
[16] C. Ng and P. Lee, “Revdedup: A reverse deduplication storage system optimized for reads to latest backups,” in Proc. 4th AsiaPacific Workshop Syst., http://doi.acm.org/10.1145/2500727. 2500731, Apr. 2013.
[17] V.P.Muthukumar and R.Saranya, "A Survey on Security Threats and Attacks in Cloud Computing", International Journal of Computer Sciences and Engineering, Page No : 120-125, Volume-02 , Issue-11, E-ISSN: 2347-2693, Nov - 2014
[18] J. Stanek, A. Sorniotti, E. Androulaki, and L. Kencl, “A secure data deduplication scheme for cloud storage,” Tech. Rep. IBM Research, Zurich, ZUR 1308-022, 2013.
[19] M. Bellare, C. Namprempre, and G. Neven, “Security proofs for identity-based identification and signature schemes,” J. Cryptol., vol. 22, no. 1, pp. 1–61, 2009.