Along with the development of cloud computing more and more applications are moved to the cloud. With cloud storage services, users can remotely store their data to the cloud and realize the data sharing with others on the condition that the sensitive information is hidden in order to guarantee the integrity and confidentiality of the data stored in the cloud. Remote data integrity auditing is proposed to guarantee the integrity of the data stored in the cloud. In some common cloud storage systems such as the electronic health records system, the cloud file might contain some sensitive information. The sensitive information should not be exposed to others when the cloud file is shared. Encrypting the whole shared file can realize the sensitive information hiding but will make this shared file unable to be used by others. How to realize data sharing with sensitive information hiding in remote data integrity auditing scheme with time seal management still has not been explored In order to address this problem, we propose a remote data integrity auditing scheme with appropriate time management thereby providing limited access that realizes data sharing with sensitive information hiding in this paper. In this scheme, a sanitizer is used to sanitize the data blocks corresponding to the sensitive information of the file and transforms these data blocks’ signatures into valid ones for the sanitized file. These signatures are used to verify the integrity of the sanitized file in the phase of integrity auditing. As a result, our scheme makes the file stored in the cloud able to be shared and used by others on the condition that the sensitive information is hidden, while the remote data integrity auditing is still able to be execute efficiently. Meanwhile, the proposed scheme is based on Identity-based cryptography, which simplifies the complicated certificate management and also solves key exposure problem. The security analysis and the performance evaluation show that the proposed scheme is secure and efficient.

Cloud storage, key management, Remote data Integrity, Confidentiality, Sensitive Information Hiding

[1] J. Yu, R. Hao, H. Xia, H. Zhang, X. Cheng, and F. Kong, “Intrusionresilient identity-based signatures: Concrete scheme in the standard model and generic construction,” Inf. Sci., vols. 442–443, pp. 158–172, May 2018.
[2] W. Shen, G. Yang, J. Yu, H. Zhang, F. Kong, and R. Hao, “Remote data possession checking with privacy-preserving authenticators for cloud storage,” Future Gener. Comput. Syst., vol. 76, pp. 136–145, Nov. 2017.
[3] Y. Yu et al., “Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage,” IEEE Trans. Inf. Forensics Security, vol. 12, no. 4, pp. 767–778, Apr. 2017.
[4] J. Yu and H. Wang, “Strong key-exposure resilient auditing for secure cloud storage,” IEEE Trans. Inf. Forensics Security, vol. 12, no. 8, pp. 1931–1940, Aug. 2017.
[5] W. Shen, J. Yu, H. Xia, H. Zhang, X. Lu, and R. Hao, “Light-weight and privacy-preserving secure cloud auditing scheme for group users via the third party medium,” J. Netw. Comput. Appl., vol. 82, pp. 56–64, Mar. 2017.
[6] J. Hur, D. Koo, Y. Shin, and K. Kang, “Secure data deduplication with dynamic ownership management in cloud storage,” IEEE Trans. Knowl. Data Eng., vol. 28, no. 11, pp. 3113–3125, Nov. 2016.
[7] J. Li, J. Li, D. Xie, and Z. Cai, “Secure auditing and deduplicating data in cloud,” IEEE Trans. Comput., vol. 65, no. 8, pp. 2386–2396, Aug. 2016.
[8] H. Wang, D. He, and S. Tang, “Identity-based proxy-oriented data uploading and remote data integrity checking in public cloud,” IEEE Trans. Inf. Forensics Security, vol. 11, no. 6, pp. 1165–1176, Jun. 2016.
[9] G. Yang, J. Yu, W. Shen, Q. Su, Z. Fu, and R. Hao, “Enabling public auditing for shared data in cloud storage supporting identity privacy and traceability,” J. Syst. Softw., vol. 113, pp. 130–139, Mar. 2016.
[10] J. Yu, K. Ren, and C. Wang, “Enabling cloud storage auditing with verifiable outsourcing of key updates,” IEEE Trans. Inf. Forensics Security, vol. 11, no. 6, pp. 1362–1375, Jun. 2016.
[11] Z. Fu, X. Wu, C. Guan, X. Sun, and K. Ren, “Toward efficient multikeyword fuzzy search over encrypted outsourced data with accuracy improvement,” IEEE Trans. Inf. Forensics Security, vol. 11, no. 12, pp. 2706–2716, Dec. 2016.
[12] Q. Jiang, M. K. Khan, X. Lu, J. Ma, and D. He, “A privacy preserving three-factor authentication protocol for e-health clouds,” J. Supercomput., vol. 72, no. 10, pp. 3826–3849, 2016.
[13] Z. Xia, X. Wang, X. Sun, and Q. Wang, “A secure and dynamic multikeyword ranked search scheme over encrypted cloud data,” IEEE Trans. Parallel Distrib. Syst., vol. 27, no. 2, pp. 340–352, Feb. 2016.
[14] Z. Fu, X. Sun, Q. Liu, L. Zhou, and J. Shu, “Achieving efficient cloud search services: Multi-keyword ranked search over encrypted cloud data supporting parallel computing,” IEICE Trans. Commun., vol. 98, no. 1, pp. 190–200, 2015.
[15] J. Shen, H. Tan, S. Moh, I. Chung, Q. Liu, and X. Sun, “Enhanced secure sensor association and key management in wireless body area networks,” J. Commun. Netw., vol. 17, no. 5, pp. 453–462, 2015.
[16] C. Guan, K. Ren, F. Zhang, F. Kerschbaum, and J. Yu, “Symmetrickey based proofs of retrievability supporting public verification,” in Computer Security—ESORICS. Cham, Switzerland: Springer, 2015, pp. 203–223.
[17] J. Yu, K. Ren, C. Wang, and V. Varadharajan, “Enabling cloud storage auditing with key-exposure resistance,” IEEE Trans. Inf. Forensics Security, vol. 10, no. 6, pp. 1167–1179, Jun. 2015.
[18] B. Wang, B. Li, and H. Li, “Panda: Public auditing for shared data with efficient user revocation in the cloud,” IEEE Trans. Serv. Comput., vol. 8, no. 1, pp. 92–106, Jan./Feb. 2015.
[19] Y. Luo, M. Xu, S. Fu, D. Wang, and J. Deng, “Efficient integrity auditing for shared data in the cloud with secure user revocation,” in Proc. IEEE Trustcom/BigDataSE/ISPA, Aug. 2015, pp. 434–442.
[20] H. Wang, “Identity-based distributed provable data possession in multicloud storage,” IEEE Trans. Serv. Comput., vol. 8, no. 2, pp. 328–340, Mar./Apr. 2015.
[21] S. G. Worku, C. Xu, J. Zhao, and X. He, “Secure and efficient privacypreserving public auditing scheme for cloud storage,” Comput. Electr. Eng., vol. 40, no. 5, pp. 1703–1713, 2014.
[22] D. A. B. Fernandes, L. F. B. Soares, J. V. Gomes, M. M. Freire, and P. R. M. Inácio, “Security issues in cloud environments: A survey,” Int. J. Inf. Secur., vol. 13, no. 2, pp. 113–170, Apr. 2014.
[23] L. F. B. Soares, D. A. B. Fernandes, J. V. Gomes, M. M. Freire, and P. R. M. Inácio, Cloud Security: State of the Art. Berlin, Germany: Springer, 2014.
[24] H. Shacham and B. Waters, “Compact proofs of retrievability,” J. Cryptol., vol. 26, no. 3, pp. 442–483, Jul. 2013.
[25] C. Wang, S. S. M. Chow, Q. Wang, K. Ren, and W. Lou, “Privacypreserving public auditing for secure cloud storage,” IEEE Trans. Comput., vol. 62, no. 2, pp. 362–375, Feb. 2013
[26] M. Green, “The threat in the cloud,” IEEE Security Privacy, vol. 11, no. 1, pp. 86–89, Jan./Feb. 2013.
[27] K. Yang and X. Jia, “Data storage auditing service in cloud computing: Challenges, methods and opportunities,” World Wide Web, vol. 15, no. 4, pp. 409–428, 2012.
[28] B. Wang, B. Li, and H. Li, “Oruta: Privacy-preserving public auditing for shared data in the cloud,” in Proc. IEEE 5th Int. Conf. Cloud Comput. (CLOUD), Jun. 2012, pp. 295–302.
[29] P. Mell and T. Grance, “The NIST definition of cloud computing,” Nat. Inst. Standards Technol., vol. 53, no. 6, p. 50, 2011.
[30] Q. Wang, C. Wang, K. Ren, W. Lou, and J. Li, “Enabling public auditability and data dynamics for storage security in cloud computing,” IEEE Trans. Parallel Distrib. Syst., vol. 22, no. 5, pp. 847–859, May 2011.
[31] R. Buyya, C. S. Yeo, S. Venugopal, J. Broberg, and I. Brandic, “Cloud computing and emerging IT platforms: Vision, hype,and reality for delivering computing as the 5th utility,” Future Generat. Comput. Syst., vol. 25, no. 6, pp. 599–616, 2009.
[32] C. Erway, A. Küpçü, C. Papamanthou, and R. Tamassia, “Dynamic provable data possession,” in Proc. 16th ACM Conf. Comput. Commun. Secur., 2009, pp. 213–222
[33] G. Ateniese, R. D. Pietro, L. V. Mancini, and G. Tsudik, “Scalable and efficient provable data possession,” in Proc. 4th Int. Conf. Secur. Privacy Commun. Netw., 2008, Art. no.9.
[34] G. Ateniese et al., “Provable data possession at untrusted stores,” in Proc. 14th ACM Conf. Comput. Commun. Secur., 2007, pp. 598–609.
[35] A. Juels and B. S. Kaliski, Jr., “Pors: Proofs of retrievability for large files,” in Proc. 14th ACM Conf. Comput. Commun. Secur., 2007, pp. 584–597.
[36] G. Ateniese, D. H. Chou, B. de Medeiros, and G. Tsudik, “Sanitizable signatures,” in Proc. 10th Eur. Symp. Res. Comput. Secur. Berlin, Germany: Springer-Verlag, 2005, pp. 159–177.
[37] G. Ateniese and B. de Medeiros, “On the key exposure problem in chameleon hashes,” in Security in Communication Networks. Berlin, Germany: Springer, 2005, pp. 165–179.
[38] Q. Jiang, J. Ma, and F. Wei, “On the security of a privacy-aware authentication scheme for distributed mobile cloud computing services,” IEEE Syst. J., to be published.
[39] A. Fu, S. Yu, Y. Zhang, H. Wang, and C. Huang, “NPP: A new privacy-aware public auditing scheme for cloud data sharing with group users,” IEEE Trans. Big Data, to be published, doi: 10.1109/TBDATA.2017.2701347.
[40] H. Wang, D. He, J. Yu, and Z. Wang, “Incentive and unconditionally anonymous identity-based public provable data possession,” IEEE Trans. Serv. Comput., to be published, doi: 10.1109/TSC.2016.2633260.
[41] Y. Zhang, J. Yu, R. Hao, C. Wang, and K. Ren, “Enabling efficient user revocation in identity-based cloud storage auditing for shared big data,” IEEE Trans. Depend. Sec. Comput., to be published, doi: 10.1109/TDSC.2018.2829880.