Privacy-Preserving Public Auditing Scheme for Data Confidentiality and Accountability in Cloud Storage  

作　　者：YANG Zhen WANG Wenyu HUANG Yongfeng LI Xing 

机构地区：[1]Department of Electronic Engineering,Tsinghua University [2]Tsinghua National Laboratory for Information Science and Technology [3]Information Networking Institute,Carnegie Mellon University

出　　处：《Chinese Journal of Electronics》2019年第1期179-187,共9页电子学报（英文版）

基　　金：supported by the National Key Research and Development Program of China(No.2016YFB0800402);the National Natural Science Foundation of China(No.U1405254,No.U1536207)

摘　　要：Cloud data confidentiality need to be audited for the data owner's concern. Confidentiality auditing is usually based on logging schemes, whereas cloud data dynamics and sharing group dynamics result in massive logs, which makes confidentiality auditing a formidable task for user with limited resources. So we propose a public auditing scheme for data confidentiality,in which user resorts to a Third-party auditor(TPA)for auditing. Our scheme design a special log called attestation in which hash user pseudonym is used to preserve user privacy. Attestation-based data access identifying is presented in our scheme which brings no new vulnerabilities toward data confidentiality and no extra online burden for user. We further support accountability of responsible user for data leakage based on user pseudonym. Extensive security and performance analysis compare our scheme with existing auditing schemes.Results indicate that the proposed scheme is provably secure and highly efficient.Cloud data confidentiality need to be audited for the data owner's concern. Confidentiality auditing is usually based on logging schemes, whereas cloud data dynamics and sharing group dynamics result in massive logs, which makes confidentiality auditing a formidable task for user with limited resources. So we propose a public auditing scheme for data confidentiality,in which user resorts to a Third-party auditor(TPA)for auditing. Our scheme design a special log called attestation in which hash user pseudonym is used to preserve user privacy. Attestation-based data access identifying is presented in our scheme which brings no new vulnerabilities toward data confidentiality and no extra online burden for user. We further support accountability of responsible user for data leakage based on user pseudonym. Extensive security and performance analysis compare our scheme with existing auditing schemes.Results indicate that the proposed scheme is provably secure and highly efficient.

关 键 词：Data CONFIDENTIALITY PUBLIC auditability Privacy PRESERVING Cloud storage User ACCOUNTABILITY 

分 类 号：TN[电子电信]