research-article

Enabling Efficient Deduplication and Secure Decentralized Public Auditing for Cloud Storage: A Redactable Blockchain Approach

Authors:
Rahul Mishra

Indian Institute of Technolgy (ISM), India

Indian Institute of Technolgy (ISM), India

0000-0002-7395-306X
View Profile

,
Dharavath Ramesh

Indian Institute of Technolgy (ISM), India

Indian Institute of Technolgy (ISM), India

0000-0003-3338-6520
View Profile

,
Salil S. Kanhere

University of New South Wales, Australia

University of New South Wales, Australia

0000-0002-1835-3475
View Profile

,
Damodar Reddy Edla

National Institute of Technology, India

National Institute of Technology, India

0000-0002-5040-0745
View Profile

ACM Transactions on Management Information Systems Volume 14 Issue 3Article No.: 21pp 1–35https://doi.org/10.1145/3578555

Published:23 June 2023Publication History

ACM Transactions on Management Information Systems

Abstract

Public auditing and data deduplication are integral considerations in providing efficient and secure cloud storage services. Nevertheless, the traditional data deduplication models that support public auditing can endure the enormous waste of storage and computation resources induced through data redundancy and repeated audit work by multiple tenants on trusted third-party auditor (TPA). In this work, we introduce blockchain-based secure decentralized public auditing in a decentralized cloud storage with an efficient deduplication model. We employ blockchain to take on the task of centralized TPA, which also mitigates the implications of malicious blockchain miners by using the concept of a decentralized autonomous organization (DAO). Specifically, we employ the idea of redactability for blockchain to handle often neglected security issues that would adversely affect the integrity of stored auditing records on blockchain in decentralized auditing models. However, the proposed model also employs an efficient deduplication scheme to attain adequate storage savings while preserving the users from data loss due to duplicate faking attacks. Moreover, the detailed concrete security analysis demonstrates the computational infeasibility of the proposed model against proof-of-ownership, duplicate faking attack (DFA), collusion attack, storage free-riding attack, data privacy, and forgery attack with high efficiency. Finally, the comprehensive performance analysis shows the scalability and feasibility of the proposed model.

Supplemental Material

Available for Download

pdf

3578555.supp.pdf (126.6 KB)

Supplementary material

REFERENCES

[1] F. M. Awaysheh, M. N. Aladwan, M. Alazab, S. Alawadi, J. C. Cabaleiro, and T. F. Pena. 2021. Security by design for big data frameworks over cloud computing. IEEE Trans. Eng. Manag.Google Scholar
[2] R. Buyya, S. N. Srirama, G. Casale, R. Calheiros, Y. Simmhan, B. Varghese, and H. Shen. 2018. A manifesto for future generation cloud computing: Research directions for the next decade. ACM Comput. Surv. 51, 5 (2018), 1–38.Google ScholarDigital Library
[3] P. Sun. 2020. Security and privacy protection in cloud computing: Discussions and challenges. J. Netw. Comput. Applic. 160 (2020), 102642.Google ScholarCross Ref
[4] Y. Yang, Y. Chen, and F. Chen. 2021. A compressive integrity auditing protocol for secure cloud storage. IEEE/ACM Trans. Netw. 29, 3 (2021), 1197–1209.Google ScholarDigital Library
[5] X. Li, S. Liu, R. Lu, M. K. Khan, K. Gu, and X. Zhang. 2022. An efficient privacy-preserving public auditing protocol for cloud-based medical storage system. IEEE J. Biomed. Health Inform.Google Scholar
[6] J. Tian, H. Wang, and M. Wang. 2021. Data integrity auditing for secure cloud storage using user behavior prediction. Comput. Secur. 105 (2021), 102245.Google ScholarCross Ref
[7] L. J. Xu, R. Hao, J. Yu, and P. Vijayakumar. 2021. Secure deduplication for big data with efficient dynamic ownership updates. Comput. Electric. Eng. 96 (2021), 107531.Google ScholarDigital Library
[8] D. Zhang, J. Le, N. Mu, J. Wu, and X. Liao. 2021. Secure and efficient data deduplication in jointcloud storage. IEEE Trans. Cloud Comput.Google Scholar
[9] Y. Wang, M. Miao, J. Wang, and X. Zhang. 2021. Secure deduplication with efficient user revocation in cloud storage. Comput. Stand. Interf. 78 (2021), 103523.Google ScholarCross Ref
[10] Z. Pooranian, M. Shojafar, S. Garg, R. Taheri, and R. Tafazolli. 2020. LEVER: Secure deduplicated cloud storage with encrypted two-party interactions in cyber–physical systems. IEEE Trans. Industr. Inform. 17, 8 (2020), 5759–5768.Google ScholarCross Ref
[11] H. Yuan, X. Chen, J. Wang, J. Yuan, H. Yan, and W. Susilo. 2020. Blockchain-based public auditing and secure deduplication with fair arbitration. Inf. Sci. 541 (2020), 409–425.Google ScholarCross Ref
[12] H. Hou, J. Yu, and R. Hao. 2019. Cloud storage auditing with deduplication supporting different security levels according to data popularity. J. Netw. Comput. Applic. 134 (2019), 26–39.Google ScholarDigital Library
[13] A. Juels and B. S. Kaliski Jr. 2007. PORs: Proofs of retrievability for large files. In 14th ACM Conference on Computer and Communications Security. 584–597.Google Scholar
[14] G. Ateniese, R. Di Pietro, L. V. Mancini, and G. Tsudik .2008. Scalable and efficient provable data possession. In 4th International Conference on Security and Privacy in Communication Netowrks. (1–10).Google Scholar
[15] H. Shacham and B. Waters. 2008. Compact proofs of retrievability. In International Conference on the Theory and Application of Cryptology and Information Security. 90–107.Google Scholar
[16] S. K. Nayak and S. Tripathy. 2018. SEPDP: Secure and efficient privacy preserving provable data possession in cloud storage. IEEE Trans. Serv. Comput.Google Scholar
[17] R. Xu and J. Joshi. 2020. Trustworthy and transparent third-party authority. ACM Trans. Internet Technol. 20, 4 (2020), 1–23.Google ScholarDigital Library
[18] C. Yang, Y. Liu, F. Zhao, and S. Zhang. 2022. Provable data deletion from efficient data integrity auditing and insertion in cloud storage. Comput. Stand. Interf. 82 (2022), 103629.Google ScholarDigital Library
[19] H. Tian, F. Nan, H. Jiang, C. C. Chang, J. Ning, and Y. Huang. 2019. Public auditing for shared cloud data with efficient and secure group management. Inf. Sci. 472 (2019), 107–125.Google ScholarCross Ref
[20] X. Zhang, H. Wang, and C. Xu. 2019. Identity-based key-exposure resilient cloud storage public auditing scheme from lattices. Inf. Sci. 472 (2019), 223–234.Google ScholarCross Ref
[21] Y. Xu, S. Sun, J. Cui, and H. Zhong. 2020. Intrusion-resilient public cloud auditing scheme with authenticator update. Inf. Sci. 512 (2020), 616–628.Google ScholarDigital Library
[22] J. Xue, C. Xu, J. Zhao, and J. Ma. 2019. Identity-based public auditing for cloud storage systems against malicious auditors via blockchain. Sci. China Inf. Sci. 62, 3 (2019), 1–16.Google ScholarCross Ref
[23] F. Armknecht, J. M. Bohli, G. O. Karame, Z. Liu, and C. A. Reuter. 2014. Outsourced proofs of retrievability. In ACM SIGSAC Conference on Computer and Communications Security. 831–843.Google Scholar
[24] Y. Zhang, C. Xu, S. Yu, H. Li, and X. Zhang. 2015. SCLPV: Secure certificateless public verification for cloud-based cyber-physical-social systems against malicious auditors. IEEE Trans. Computat. Soc. Syst. 2, 4 (2015), 159–170.Google ScholarCross Ref
[25] Y. Zhang, C. Xu, X. Lin, and X. S. Shen. 2019. Blockchain-based public integrity verification for cloud storage against procrastinating auditors. IEEE Trans. Cloud Comput.Google Scholar
[26] R. Mishra, D. Ramesh, D. R. Edla, and M. C. Trivedi. 2022. Blockchain assisted privacy-preserving public auditable model for cloud environment with efficient user revocation. Cluster Comput. (2022), 1–25.Google Scholar
[27] J. Benet and N. Greco. 2018. Filecoin: A decentralized storage network. Protoc. Labs. 1–36.Google Scholar
[28] Y. Xu, C. Zhang, G. Wang, Z. Qin, and Q. Zeng. 2020. A blockchain-enabled deduplicatable data auditing mechanism for network storage services. IEEE Trans. Emerg. Topics Comput. 9, 3 (2020), 1421–1432.Google ScholarCross Ref
[29] A. Kosba, C. Papamanthou, and E. Shi. 2018. xJsnark: A framework for efficient verifiable computation. In IEEE Symposium on Security and Privacy (SP). IEEE, 944–961.Google Scholar
[30] Y. Du, H. Duan, A. Zhou, C. Wang, M. H. Au, and Q. Wang. 2021. Enabling secure and efficient decentralized storage auditing with blockchain. IEEE Trans. Depend. Sec. Comput.Google Scholar
[31] S. Li, C. Xu, Y. Zhang, Y. Du, and K. Chen. 2022. Blockchain-based transparent integrity auditing and encrypted deduplication for cloud storage. IEEE Trans. Serv. Comput.Google Scholar
[32] M. Goddard. 2017. The EU general data protection regulation (GDPR): European regulation that has a global impact. Int. J. Market Res. 59, 6 (2017), 703–705.Google ScholarCross Ref
[33] H. Duan, Y. Du, L. Zheng, C. Wang, M. H. Au, and Q. Wang. 2022. Towards practical auditing of dynamic data in decentralized storage. IEEE Trans. Depend. Sec. Comput.Google Scholar
[34] M. Xie, Y. Yu, R. Chen, H. Li, J. Wei, and Q. Sun. 2022. Accountable outsourcing data storage atop blockchain. Comput. Stand. Interf. 82 (2022), 103628.Google ScholarDigital Library
[35] J. Benet. 2014. IPFS-content addressed, versioned, P2P file system. arXiv preprint arXiv:1407.3561.Google Scholar
[36] N. Nizamuddin, H. R. Hasan, and K. Salah. 2018. IPFS-blockchain-based authenticity of online publications. In International Conference on Blockchain. 199–212.Google Scholar
[37] M. Bellare, S. Keelveedhi, and T. Ristenpart. 2013. Message-locked encryption and secure deduplication. In Annual International Conference on the Theory and Applications of Cryptographic Techniques. 296–312.Google Scholar
[38] J. Li, J. Wu, L. Chen, and J. Li. 2018. Blockchain-based secure and reliable distributed deduplication scheme. In International Conference on Algorithms and Architectures for Parallel Processing. 393–405.Google Scholar
[39] S. Halevi, D. Harnik, B. Pinkas, and A. Shulman-Peleg. 2011. Proofs of ownership in remote storage systems. In 18th ACM Conference on Computer and Communications Security. 491–500.Google Scholar
[40] K. Kim, T. Y. Youn, N. S. Jho, and K. Y. Chang. 2017. Client-side deduplication to enhance security and reduce communication costs. ETRI J. 39, 1 (2017), 116–123.Google ScholarCross Ref
[41] S. Keelveedhi, M. Bellare, and T. Ristenpart. 2013. DupLESS:Server-aided encryption for deduplicated storage. In 22nd USENIX Security Symposium (USENIX Security’13). 179–194.Google Scholar
[42] G. Tian, Y. Hu, J. Wei, Z. Liu, X. Huang, X. Chen, and W. Susilo. 2021. Blockchain-based secure deduplication and shared auditing in decentralized storage. IEEE Trans. Depend. Sec. Comput.Google Scholar
[43] Y. Lin, Y. Mao, Y. Zhang, and S. Zhong. 2022. Secure deduplication schemes for content delivery in mobile edge computing. Comput. Secur. (2022), 102602.Google Scholar
[44] J. Xu, X. Li, L. Yin, B. Guo, H. Feng, and Z. Zhang. 2019. Redactable proof-of-stake blockchain with fast confirmation. Cryptology ePrint Archive.Google Scholar
[45] J. Xu, X. Li, L. Yin, Y. Lu, Q. Tang, and Z. Zhang. 2021. Redactable blockchain protocol with instant redaction. IACR Cryptol. ePrint Arch. (2021), 223.Google Scholar
[46] S. Wang, W. Ding, J. Li, Y. Yuan, L. Ouyang, and F. Y. Wang. 2019. Decentralized autonomous organizations: Concept, model, and applications. IEEE Trans. Computat. Soc. Syst. 6, 5 (2019), 870–878.Google ScholarCross Ref
[47] A. Kate, G. M. Zaverucha, and I. Goldberg. 2010. Constant-size commitments to polynomials and their applications. In International Conference on the Theory and Application of Cryptology and Information Security. 177–194.Google Scholar
[48] H. Chernoff. 1952. A measure of asymptotic efficiency for tests of a hypothesis based on the sum of observations. Ann. Math. Statist. (1952), 493–507.Google Scholar
[49] A. Kiayias and G. Panagiotakos. 2015. Speed-security tradeoffs in blockchain protocols. Cryptology ePrint Archive.Google Scholar
[50] E. Albert, J. Correas, P. Gordillo, G. Román-Díez, and A. Rubio. 2020. GASOL: Gas analysis and optimization for ethereum smart contracts. In International Conference on Tools and Algorithms for the Construction and Analysis of Systems. 118–125.Google Scholar
[51] L. Fairweather. 2020. The problems that Ethereum 2.0 proof-of-stake aims to solve. Better Programming. Retrieved from: https://betterprogramming.pub/the-problems-thatethereum-2-0-proof-of-stake-aims-to-solve-5361c155461a.Google Scholar
[52] P. Maresova, V. Sobeslav, and O. Krejcar. 2017. Cost-benefit analysis-evaluation model of cloud computing deployment for use in companies. Appl. Econ. 49, 6 (2017), 521–533.Google ScholarCross Ref

Index Terms

Enabling Efficient Deduplication and Secure Decentralized Public Auditing for Cloud Storage: A Redactable Blockchain Approach
1. Computer systems organization
  1. Dependable and fault-tolerant systems and networks
    1. Redundancy
  2. Embedded and cyber-physical systems
    1. Embedded systems
    2. Robotics
2. Networks
  1. Network properties
    1. Network reliability

Recommendations

Privacy-Preserving Public Auditing for Secure Cloud Storage

Using cloud storage, users can remotely store their data and enjoy the on-demand high-quality applications and services from a shared pool of configurable computing resources, without the burden of local data storage and maintenance. However, the fact ...
Read More
Read-Performance Optimization for Deduplication-Based Storage Systems in the Cloud

Data deduplication has been demonstrated to be an effective technique in reducing the total data transferred over the network and the storage space in cloud backup, archiving, and primary storage systems, such as VM (virtual machine) platforms. However, ...
Read More
Secure proof of storage with deduplication for cloud storage systems

Explosion of multimedia content brings forth the needs of efficient resource utilization using the state of the arts cloud computing technologies such as data deduplication. In the cloud computing environments, achieving both data privacy and integrity ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in
ACM Transactions on Management Information Systems Volume 14, Issue 3
September 2023
184 pages
ISSN:2158-656X
EISSN:2158-6578
DOI:10.1145/3605933
Editor:
Daniel Zeng
Chinese Academy of Sciences, China
Issue’s Table of Contents
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 23 June 2023
- Online AM: 30 January 2023
- Accepted: 12 December 2022
- Revised: 12 November 2022
- Received: 13 June 2022
Published in tmis Volume 14, Issue 3

Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
Public auditability
redactable blockchain
decentralized cloud storage (IPFS)
data deduplication
Qualifiers
- research-article
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 1
  Total Citations
  View Citations
- 403
  Total Downloads
- Downloads (Last 12 months)288
- Downloads (Last 6 weeks)21
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Full Text

View this article in Full Text.

View Full Text

Enabling Efficient Deduplication and Secure Decentralized Public Auditing for Cloud Storage: A Redactable Blockchain Approach

ACM Transactions on Management Information Systems

Abstract

Supplemental Material

Available for Download

REFERENCES

Cited By

Index Terms

Recommendations

Privacy-Preserving Public Auditing for Secure Cloud Storage

Read-Performance Optimization for Deduplication-Based Storage Systems in the Cloud

Secure proof of storage with deduplication for cloud storage systems