| As widely deployment of IEEE802.11wireless LAN and3G cellularinfrastructure, along with substantial increase of hardware performance of mobile phone,tablet and other mobile devices. Traditional Grid-based cloud computing is moving tomobile devices. The application scenario of mobile cloud computing can be generalizedinto processing-oriented and data-oriented. For data-oriented scenario, data integrityverification is the vital part of its secure architecture. Generally speaking, cloud serviceproviders are considered to be untrusted, they may arbitrarily delete user data in order toerase storage burden. Even if cloud service providers could be trusted, data stored incloud can be easily erased or deleted by intruders. Usercannot debunk the conspiracyimmediately without a good data integrity verification scheme. However, manyverification schemes which have been proposed are not suitable for mobile environmentdue to high computation and storage need.Besides, for applications like cloud filesharing, file integrity verification processes may not only be conducted by file owners,but also by other users which have file access permission, thus integrity verificationframework should have the “open verification” property. The paper aims to improve thecurrent methods, in order to build a verification scheme suitable for mobile cloudcomputing.The paper is organized as follows: first we introduce the concept of mobile cloudcomputing, plus the current data integrity verification scheme, and analyze their prosand cons. We’ve found out that the method used in [1] which is based on Merkle hashtree and BLS signature scheme, supports public verification, stateless verification anddynamic data properties. However it leverages the complex hash tree constructionmethod and bilinear pairing which turn out to be heavy computational burden formobile devices. To make this scheme deployable for mobile devices, we introduce keyexchange method to it, constructing a secure communication channel between mobileclient and trusted third party, thus it can outsource the complex algorithm to a third trusted party. Then the paper evaluates the accuracy and efficiency of our scheme,which turns out to accomplish the verification process with high accuracy (more than95%) and low data transmission(3%of number file blocks).Then the paper uses software engineering method, to demonstrate the design andcompletion process of our scheme. Our system is based on client-server architecture,and developed using rapid-prototype model, in order to implement the keyfunctionalities as fast as we could. System client is deployed on Android system, writtenin JAVA, and server is deployed on Windows system, written in C++, leveraging theI/O completion ports functionality of Windows system to achieve efficient multi-useraccess without creating too many threads. Our system has the following functionalities:1) user access control;2) file upload;3) file integrity verification;4) dynamic data;5)file download. We use traditional username and password method as user access controlmethod; files have to be preprocessed before they are uploaded to cloud, which involvesbilinear pairing method that can be outsourced to a third trusted party; file integrityverification will involve no file block, hiding details of data from the third party inwhich runs the verification algorithm; dynamic data lets user (batch) update,(batch)insert and (batch) delete their file blocks at will; user is allowed to download files onwhich they have permission. The design and development of our system meet therequirements of standard software project rigidly, it has integral specification, specificmodules division, and clear interface definition with efficient code. We believe theframework we propose combining with its implementation will be a good example ofcombining theory and practice, and will make more concern about the rapid developingyet perilous area. |
PDF Full Text Request