Data Integrity Auditing and Access Control for Cloud Storage Systems

Description

Cloud storage is an important service of cloud computing, which allows data owners to host their data in the cloud. This new type of data hosting service introduces two major security concerns: 1) Protection of data integrity. Data owners may not fully trust the cloud servers and worry that data stored in the cloud could be corrupted or even removed. 2) Data access control. Data owners may worry that some cloud servers may be dishonest and give data access to the users that do not have access permission for profit gain. The objectives of the project are two-fold.Firstly, to design an efficient and privacy-preserving third party auditing protocol. The auditing protocol shall meet the following requirements: 1) Confidentiality. It should keep the data confidential against the auditor. 2) Dynamic auditing. It should support the dynamic updates of the data without incurring too much computation or communication cost. 3) Batch auditing. It should be able to support the batch auditing, which combines together multiple auditing requests from multiple owners for batch processing.Secondly, to design a secure data access control scheme based on CP-ABE (Ciphertext- Policy Attribute-based Encryption) technology. This scheme shall meet the following requirements: 1) Attribute revocation. Whenever there is an attribute revocation, the revoked user should be declined immediately for further data access. 2) Multiple authorities. The scheme should be able to support multiple authorities in the system and prevent users from different authorities from colluding to gain illegal data access. 3) Policy hiding. The data access policies should be kept confidential to cloud servers and data users.