Skip to main content
placeholder image

On the security of auditing mechanisms for secure cloud storage

Journal Article


Download full-text (Open Access)

Abstract


  • Cloud computing is a novel computing model that enables convenient and on-demand access to a shared pool of configurable computing resources. Auditing services are highly essential to make sure that the data is correctly hosted in the cloud. In this paper, we investigate the active adversary attacks in three auditing mechanisms for shared data in the cloud, including two identity privacy-preserving auditing mechanisms called Oruta and Knox, and a distributed storage integrity auditing mechanism. We show that these schemes become insecure when active adversaries are involved in the cloud storage. Specifically, an active adversary can arbitrarily alter the cloud data without being detected by the auditor in the verification phase. We also propose a solution to remedy the weakness without sacrificing any desirable features of these mechanisms.

Authors


  •   Yu, Yong (external author)
  •   Niu, Lei (external author)
  •   Yang, Guomin
  •   Mu, Yi (external author)
  •   Susilo, Willy

Publication Date


  • 2014

Citation


  • Yu, Y., Niu, L., Yang, G., Mu, Y. & Susilo, W. (2014). On the security of auditing mechanisms for secure cloud storage. Future Generation Computer Systems: the international journal of grid computing: theory, methods and applications, 30 (1), 127-132.

Scopus Eid


  • 2-s2.0-84888362150

Ro Full-text Url


  • http://ro.uow.edu.au/cgi/viewcontent.cgi?article=2758&context=eispapers

Ro Metadata Url


  • http://ro.uow.edu.au/eispapers/1749

Has Global Citation Frequency


Number Of Pages


  • 5

Start Page


  • 127

End Page


  • 132

Volume


  • 30

Issue


  • 1

Place Of Publication


  • Netherlands

Abstract


  • Cloud computing is a novel computing model that enables convenient and on-demand access to a shared pool of configurable computing resources. Auditing services are highly essential to make sure that the data is correctly hosted in the cloud. In this paper, we investigate the active adversary attacks in three auditing mechanisms for shared data in the cloud, including two identity privacy-preserving auditing mechanisms called Oruta and Knox, and a distributed storage integrity auditing mechanism. We show that these schemes become insecure when active adversaries are involved in the cloud storage. Specifically, an active adversary can arbitrarily alter the cloud data without being detected by the auditor in the verification phase. We also propose a solution to remedy the weakness without sacrificing any desirable features of these mechanisms.

Authors


  •   Yu, Yong (external author)
  •   Niu, Lei (external author)
  •   Yang, Guomin
  •   Mu, Yi (external author)
  •   Susilo, Willy

Publication Date


  • 2014

Citation


  • Yu, Y., Niu, L., Yang, G., Mu, Y. & Susilo, W. (2014). On the security of auditing mechanisms for secure cloud storage. Future Generation Computer Systems: the international journal of grid computing: theory, methods and applications, 30 (1), 127-132.

Scopus Eid


  • 2-s2.0-84888362150

Ro Full-text Url


  • http://ro.uow.edu.au/cgi/viewcontent.cgi?article=2758&context=eispapers

Ro Metadata Url


  • http://ro.uow.edu.au/eispapers/1749

Has Global Citation Frequency


Number Of Pages


  • 5

Start Page


  • 127

End Page


  • 132

Volume


  • 30

Issue


  • 1

Place Of Publication


  • Netherlands