Abstract
Cloud computing provides important data storage, processing and management functions for data owners who share their data with data users through cloud servers. Although cloud computing brings significant advantages to data owners, the data stored in the cloud also faces many internal/external security attacks. Existing certificateless data provider schemes have the following two common shortcomings, i.e., most of which use plaintext to store data and use the complex bilinear pairing operation. To address such shortcomings, this scheme proposes secure and efficient certificateless provable data possession for cloud-based data management systems. In our solution, the data owners and cloud servers need to register with the key generation center only once. To ensure the integrity of encrypted data, we use the public key of the cloud server to participate in signature calculation. Moreover, the third-party verifier can audit the integrity of ciphertext without downloading the whole encrypted data. Security analysis shows that our proposed scheme is provably secure under the random oracle model. An evaluation of performance shows that our proposed scheme is efficient in terms of computation and communication overheads.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Armbrust, M., et al.: A view of cloud computing. Commun. ACM 53(4), 50–58 (2010)
Ateniese, G., et al.: Provable data possession at untrusted stores. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 598–609 (2007)
Fernandes, D.A.B., Soares, L.F.B., Gomes, J.V., Freire, M.M., Inácio, P.R.M.: Security issues in cloud environments: a survey. Int. J. Inf. Secur. 13(2), 113–170 (2013). https://doi.org/10.1007/s10207-013-0208-7
Gao, G., Fei, H., Qin, Z.: An efficient certificateless public auditing scheme in cloud storage. Concurr. Comput. Pract. Exp. 32(24), e5924 (2020)
He, D., Kumar, N., Zeadally, S., Wang, H.: Certificateless provable data possession scheme for cloud-based smart grid data management systems. IEEE Trans. Ind. Inf. 14(3), 1232–1241 (2018)
He, D., Zeadally, S., Wu, L.: Certificateless public auditing scheme for cloud-assisted wireless body area networks. IEEE Syst. J. 12(1), 64–73 (2015)
Kang, B., Wang, J., Shao, D.: Certificateless public auditing with privacy preserving for cloud-assisted wireless body area networks. Mob. Inf. Syst. 2017 (2017)
Ming, Y., Shi, W.: Efficient privacy-preserving certificateless provable data possession scheme for cloud storage. IEEE Access 7, 122091–122105 (2019)
Nayak, S.K., Tripathy, S.: SEPDP: secure and efficient privacy preserving provable data possession in cloud storage. IEEE Trans. Serv. Comput. (2018)
Pointcheval, D., Stern, J.: Security arguments for digital signatures and blind signatures. J. Cryptol. 13(3), 361–396 (2000). https://doi.org/10.1007/s001450010003
Wang, B., Li, B., Li, H., Li, F.: Certificateless public auditing for data integrity in the cloud. In: 2013 IEEE Conference on Communications and Network Security (CNS), pp. 136–144. IEEE (2013)
Wang, C., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for data storage security in cloud computing. In: 2010 proceedings IEEE INFOCOM, pp. 1–9. IEEE (2010)
Wang, F., Xu, L., Gao, W.: Comments on SCLPV: secure certificateless public verification for cloud-based cyber-physical-social systems against malicious auditors. IEEE Trans. Comput. Soc. Syst. 5(3), 854–857 (2018)
Wang, H., He, D., Tang, S.: Identity-based proxy-oriented data uploading and remote data integrity checking in public cloud. IEEE Trans. Inf. Forensics Secur. 11(6), 1165–1176 (2016)
Wang, H., Wu, Q., Qin, B., Domingo-Ferrer, J.: Identity-based remote data possession checking in public clouds. IET Inf. Secur. 8(2), 114–121 (2013)
Wenger, E., Werner, M.: Evaluating 16-bit processors for elliptic curve cryptography. In: Prouff, E. (ed.) CARDIS 2011. LNCS, vol. 7079, pp. 166–181. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-27257-8_11
Yang, K., Jia, X.: An efficient and secure dynamic auditing protocol for data storage in cloud computing. IEEE Trans. Parallel Distrib. Syst. 24(9), 1717–1726 (2012)
Yu, Y., et al.: Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage. IEEE Trans. Inf. Forensics Secur. 12(4), 767–778 (2016)
Zhang, Y., Xu, C., Yu, S., Li, H., Zhang, X.: SCLPV: secure certificateless public verification for cloud-based cyber-physical-social systems against malicious auditors. IEEE Trans. Comput. Soc. Syst. 2(4), 159–170 (2015)
Zhang, Y., Yu, J., Hao, R., Wang, C., Ren, K.: Enabling efficient user revocation in identity-based cloud storage auditing for shared big data. IEEE Trans. Dependable Secure Comput. 17(3), 608–619 (2020)
Zhou, C.: Security analysis of a certificateless public provable data possession scheme with privacy preserving for cloud-based smart grid data management system. Int. J. Netw. Secur. 22(4), 584–588 (2020)
Zhu, Y., Hu, H., Ahn, G.J., Yu, M.: Cooperative provable data possession for integrity verification in multicloud storage. IEEE Trans. Parallel Distrib. Syst. 23(12), 2231–2244 (2012)
Acknowledgment
The work was supported by the NSFC grant (No. U1936220, No. 61872001, No. 62011530046), and the Special Fund for Key Program of Science and Technology of Anhui Province, China (Grant No. 202003A05020043).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Zhang, J., Cui, J., Zhong, H., Gu, C., Liu, L. (2021). Secure and Efficient Certificateless Provable Data Possession for Cloud-Based Data Management Systems. In: Jensen, C.S., et al. Database Systems for Advanced Applications. DASFAA 2021. Lecture Notes in Computer Science(), vol 12681. Springer, Cham. https://doi.org/10.1007/978-3-030-73194-6_5
Download citation
DOI: https://doi.org/10.1007/978-3-030-73194-6_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-73193-9
Online ISBN: 978-3-030-73194-6
eBook Packages: Computer ScienceComputer Science (R0)