Studies On Searchable Encrypted Audit Log For Cloud Storage

With the arrival of big data era,cloud storage has become popular among enterprises and individuals.However,its remote features make it difficult to prevent cloud service providers and other unauthorized users from accessing data.Furthermore,we fail to effectively monitor users' actions and assure all of users are honest in reality because cloud storage supports multi-user data sharing.Audit logs play a key role in recording and tracing every user's operations.In order to reduce the local storage burden and protect data and users' privacy,the researches on searchable encrypted audit logs in cloud storage system is of great signicance.Towards the needs for noting down users' behaviors in cloud storage system,this paper proposes two privacy-preserving and unforgeable searchable encrypted audit log schemes for independent and multi-cloud service providers respectively to generate,encrypt,search and verify audit logs.It bases on the bilinear pairing,and simultaneously assures user privacy when the servers verify the permissions of users contained in searchable encrypted audit logs.Only when both are consistent with each other,the servers release users' operations.In addition,the users and servers are not able to create valid audit logs of any user so that the scheme provides guarantees of audit log reliability.The latter scheme adopts identity-based encryption to achieve fine-grained user verification.Then the discussion on security properties and provable security theory proof show that the proposed two schemes can satisfy the security requirements for cloud storage system to audit users' actions.And simulation test results indicate that the proposed scheme is of reasonable performance to be applied on cloud storage.Based on and besides above work,this paper gives a solution to the third party audit in the multi-providers cloud storage system.A proxy reencryption based searchable encrypted audit log scheme is proposed so that the data admin allows a third party agency to audit those logs.With proxy reencryption,the third party agency can audit a part of searchable encrypted audit logs after being authorized by the data admin.According to the security analysis and computational efficiency testing,it can be derived that the proposed proxy reencryption searchable encrypted audit log scheme effectively supports third party audit with privacy-preserving protection and audit log unforgery.