Cloud services provide great conveniences for the users to enjoy the on-demand cloud applications without considering the local infrastructure limitations. During the data accessing, different users may be in a collaborative relationship, and thus data sharing becomes significant to achieve productive benefits. The existing security solutions mainly focus on the authentication to realize that a user’s privative data cannot be unauthorized accessed, but neglect a subtle privacy issue during a user challenging the cloud server to request other users for data sharing. The challenged access request itself may reveal the user’s privacy no matter whether or not it can obtain the data access permissions. Several schemes employing attribute-based encryption (ABE) have been proposed for access control of outsourced data in cloud computing. Thus, enabling public auditability for cloud data storage security is of critical importance so that users can resort to an external audit party to check the integrity of outsourced data when needed. To securely introduce an effective third party auditor (TPA), the following two fundamental requirements have to be met: 1) TPA should be able to efficiently audit the cloud data storage without demanding the local copy of data, and introduce no additional on-line burden to the cloud user; 2) The third party auditing process should bring in no new vulnerabilities towards user data privacy. In this paper, we utilize the public key based homomorphic authenticator and uniquely integrate it with random mask technique to achieve a privacy-preserving public auditing system for cloud data storage security while keeping all above requirements in mind. To support efficient handling of multiple auditing tasks, we further explore the technique of bilinear aggregate signature to extend our main result into a multi-user setting, where TPA can perform multiple auditing tasks simultaneously. Extensive security and performance analysis shows the proposed schemes are provably secure and highly efficient.

Cloud Computing, Authentication Protocol, Privacy Preservation, Shared Authority, Universal Composability

[1]. Mishra, R. Jain, and A. Durresi, “Cloud Computing: Networking and Communication Challenges,” IEEE Communications Magazine, vol. 50, no. 9, pp, 24-25, 2012.
[2]. R. Moreno-Vozmediano, R. S. Montero, and I. M. Llorente,“Key Challenges in Cloud Computing to Enable the FutureInternet of Services,” IEEE Internet Computing,[online] ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6203493, 2012.
[3]. K. Hwang and D. Li, “Trusted Cloud Computing with Secure Resources and Data Coloring,” IEEE Internet Computing, vol. 14,no. 5, pp. 14-22, 2010.
[4]. J. Chen, Y. Wang, and X. Wang, “On-Demand Security Architecture for Cloud Computing,” Computer, vol. 45, no. 7, pp. 73-78,2012.
[5]. Y. Zhu, H. Hu, G. Ahn, and M. Yu, “Cooperative Provable Data Possession for Integrity Verification in Multi-cloud Storage,” IEEE Transactions on Parallel and Distributed Systems, vol. 23, no, 12, pp.2231-2244, 2012.
[6]. H. Wang, “Proxy Provable Data Possession in Public Clouds,”IEEE Transactions on Services Computing, [online] ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6357181, 2012.
[7]. K. Yang and X. Jia, “An Efficient and Secure Dynamic AuditingProtocol for Data Storage in Cloud Computing,” IEEE Transactions on Parallel and Distributed Systems, [online] ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6311398, 2012.
[8]. Q. Wang, C. Wang, K. Ren, W. Lou, and J. Li, “Enabling Public Auditability and Data Dynamics for Storage Security in CloudComputing,” IEEE Transactions on Parallel and Distributed Systems,vol. 22, no. 5, pp. 847-859, 2011.
[9]. C. Wang, K. Ren, W. Lou, J, Lou,“Toward Publicly Auditable Secure Cloud Data Storage Services,” IEEE Network, vol. 24, no.4, pp. 19-24, 2010.
[10]. L. A. Dunning and R. Kresman, “Privacy Preserving Data Sharing With Anonymous ID Assignment,” IEEE Transactions on Information Forensics and Security, vol. 8, no. 2, pp. 402-413, 2013.
[11]. X. Liu, Y. Zhang, B. Wang, and J. Yan, “Mona: Secure MultiOwner Data Sharing for Dynamic Groups in the Cloud,” IEEE Transactions on Parallel and Distributed Systems, [online] ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6374615, 2012.
[12]. S. Grzonkowski and P. M. Corcoran, “Sharing Cloud Services:User Authentication for Social Enhancement of Home Networking,”IEEE Transactions on Consumer Electronics, vol. 57, no. 3, pp.1424-1432, 2011.
[13]. Y. Xiao, C. Lin, Y. Jiang, X. Chu, and F. Liu, “An Efficient Privacy-Preserving Publish-Subscribe Service Scheme for Cloud Computing,” in Proceedings of Global Telecommunications Conference (GLOBECOM 2010), December 6-10, 2010.
[14]. H. Y. Lin and W. G. Tzeng, “A Secure Erasure Code-Based Cloud Storage System with Secure Data Forwarding,” IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 6, pp. 995-1003,2012.
[15]. J. Yu, P. Lu, G. Xue, and M. Li, “Towards Secure Multi-Keyword Top-k Retrieval over Encrypted Cloud Data,” IEEETransactions on Dependable and Secure Computing, [online] ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6425381, 2013.
[16]. K. W. Park, J. Han, J. W. Chung, and K. H. Park, “THEMIS: AMutually Verifiable Billing System for the Cloud Computing Environment,”IEEE Transactions on Services Computing, [online] ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6133267, 2012.
[17]. R. Canetti, “Universally Composable Security: A New Paradigmfor Cryptographic Protocols,” in Proceedings of the 42nd AnnualSymposium on Foundations of Computer Science (FOCS 2001), pp.136-145, October 14-17, 2001.