R&D: Secure Auditing and De-Dupe with Efficient Ownership Management for Cloud Storage

Journal of Systems Architecture has published an article written by Min Wang, Lujun Xu, Rong Hao, College of Computer Science and Technology, Qingdao University, Qingdao 266071, China, and Ming Yang, School of Cyber Security, Qilu University of Technology (Shandong Academy of Sciences), Shandong Computer Science Center, Shandong Provincial Key Laboratory of Computer Networks, Jinan, 250014, China.

Abstract: “More and more users opt to outsource their data to the cloud due to its popularity, which also brings some problems. One is that users cannot know whether the data stored in the cloud is intact since they no longer have physical control over it. The other is that the data stored in the cloud are often duplicated, which clearly wastes cloud storage resources. To solve the above problems, cloud auditing technology and secure deduplication technology have been widely studied. Furthermore, cloud auditing schemes supporting secure deduplication have also been proposed. However, data ownership management is rarely considered in these schemes. Once the data ownership changes, the revoked user should not be able to obtain the original ciphertext stored in the cloud to recover the original data. To solve this problem, we propose a cloud auditing scheme that supports cross-user secure deduplication with efficient data ownership management. We design a lazy update strategy to reduce update frequency and delegate the update task to the cloud, which greatly reduces the computing cost of ownership management. When the data ownership changes, the cloud does not need to update the original ciphertext immediately. It will decide whether to update the original ciphertext based on the value of a preset flag. Experimental results and the security analysis demonstrate the effectiveness and security of the proposed scheme.“