Study On Secure Verification Of Outsourced Data In Cloud Computing

As a new computing paradigm,cloud computing promotes the utilization,availability and reliability of physical devices by employing virtualization and other related technologies.Cloud users can customize and use the virtualized computing,networking and storing resources via the network at their own convenience.However,cloud computing results in the separation between data ownership and data management,that is,cloud users have to outsource their data to the not fully trusted clouds.Consequently,many cryptographic schemes have been introduced to provide outsourced data with protection of confidentiality,integration,consistency and availability.In particular,to realize the new security requirements(e.g.,verifiability,accountability and traceability),the secure verification techniques have been well studied over the last few years,and many data verification schemes in cloud environments have been proposed based on various cryptographic primitives and protocols.However,with the explosions of data volume,speed,type and application,the existing verifiable storage schemes are suffering from the following problems.Firstly,the existing location verification protocols cannot prevent the lengthening-distance attacks,and few of the cloud-based data storage schemes have taken the verifiability of data user's location into account for their access control mechanisms.Therefore,we study how to improve the accuracy of the verification of the data user's location and take the location as one of the authentication factors in data access control.Secondly,many verifiable database schemes are proposed to support the outsourced databases' efficient verifiability and update,but the complexity of their Setup algorithms makes them infeasible in practice.Therefore,we manage to reduce the verifiable database's time and space costs of Setup algorithm.Finally,the secure schemes designed for databases cannot be directly used in data streaming environments,and the available streaming authenticated data structures and verifiable data streaming schemes lack efficiency and accountability.Therefore,how to present a new definition and the concrete schemes of efficient verifiable data streaming with accountability is the last issue in this dissertation.To overcome these problems,in this dissertation,we focus on the secure verification of outsourced data in cloud computing,and our main contributions are as summarized follows:1.Secure Data Sharing Scheme with Verifiability of User Location.We present a new location verification protocol called Ears,which can prevent both shortening-distance and lengthening-distance frauds in wireless communication environments,and in particular,it is compatible with the existing distance-bounding protocols.Moreover,we propose a secure location-sensitive data sharing scheme based on the Ears protocol,in which data access is controlled by user identity as well as user location and the shared data is re-encrypted after each retrieval.(Chapter 3,the work has been accepted by Future Generation Computer Systems)2.Verifiable Database Scheme Supporting Localization of Tampered Record.We propose a new primitive Vector Commitment Tree(VCT),each of whose non-leaf nodes is the vector commitment of its children.This VCT is used to solve the unacceptance of vector commitment in practice when the growth of vectors leads to the fast increase of public parameters.Then,taking VCT as a building block,we propose a new definition of Hierarchical Verifiable Database with scalable updates(HVDB),which extends the original verifiable database by redefining the requirement of efficiency and introducing two new features(the hierarchical verification and the tampered record localization).Furthermore,we construct a concrete HVDB scheme according to the preceding definition based on CDH assumption in bilinear pairings.Our analyses and evaluations demonstrate that it is feasible in the real world because of its efficient initialization and enhanced verification.(Chapter 4,the work has been published at Journal of Ambient Intelligence and Humanized Computing,10(8),3045-3057,2019)3.Constant Verifiable Data Streaming Schemes with Accountability.We propose a new primitive Dimension Increasing Vector Commitment(DIVC).It provides an efficient way to commit to streaming elements.We also present the definition of Constant Verifiable Data Streaming with updates(CVDS)by introducing two new requirements of efficiency and accountability into the original verifiable data streaming.Moreover,with a concrete DIVC scheme based on CDH assumption in bilinear pairings,we construct two concrete CVDS schemes,the Probabilistic Verifiability CVDS(P-CVDS)and the Deterministic Verifiability CVDS(D-CVDS),by employing the counting Bloom filter and dynamic accumulator respectively.The client's and verifier's complexity in both schemes is constant,which has not been achieved by other existing schemes.(Chapter 5,the work has been published at Annals of Telecommunications,74(7-8),483-499,2019)...