Research On Identity-based Cloud Storage Data Integrity Audit

With cloud storage services,users store their data in the cloud,enjoying high-quality services and reducing the burden of local data storage and maintenance.However,once users store their data in the cloud,they will lose direct control over the data.Any failure in the cloud might cause leakage or damage to their data.In order to check the integrity of data stored in the cloud,different kinds of cloud storage data integrity auditing schemes are proposed.Identity-based cloud storage data integrity auditing is one of the most important categories.It can not only help users to check the integrity of their data stored in the cloud,but also reduce the complex certificate management in the traditional public key infrastructure(PKI)system.This paper investigates the identity-based cloud storage data integrity auditing and proposes three different schemes:1.A lightweight identity-based data integrity auditing scheme for cloud storage is proposed.In the scheme,the user can authorize a TPA(Third Party Auditor)to complete all time-consuming operations(including data uploading,generating data authenticator and data integrity checking),which minimizes the burden on the user side.2.An identity-based public cloud storage auditing scheme with hierarchical structure for large-scale users is proposed.In the scheme,we design a hierarchical Private Key Generator(PKG)structure which can be well applied to large-scale users,and the lowest level PKG plays the role of the TPA.It greatly eases the pressure on a single TPA or a single PKG when serving large-scale users group.3.A shared big data cloud storage integrity auditing scheme with efficient user revocation is proposed.In the scheme,we design a novel strategy for key generation and a new private key update technique.Using this strategy and the technique,we realize user revocation by just updating the non-revoked group users' private keys rather than authenticators of the revoked user.The integrity auditing of the revoked user's data can still be correctly performed when the authenticators are not updated.The design makes the overhead of user revocation is fully independent of the number of the revoked user's blocks,which greatly improves the efficiency of user revocation.Finally,we summarize the achievements in this paper,and also point out the next research direction.