The Method Of Integrity Auditing For Shared Data In Cloud Environment

Cloud storage provides users with a large amount of storage space,which reduces users' investment in local storage management and satisfies users' storage requirement.However,when owners outsource data to cloud servers for storage management,they lose the direct control of the data.Due to the existence of software/hardware failure,human destruction and others factors,data are at risk of being tampered or lost.Cloud storage providers are likely to hide the fact in order to protect their own reputation,or even deliberately delete infrequently accessed data in order to save storage space and enhance economic performance.Therefore,it's necessary for users to audit the integrity of data which are stored in the cloud.The traditional auditing method of data integrity is to obtain all data locally and verify their signatures or conduct Hash operation.As for the massive data stored in the cloud,the auditing approach that obtaining all the data locally for verification is clearly inappropriate.Most existing researches focus on how to audit the integrity of individual data which are stored in the cloud.In the practical application of cloud storage,the storage of group-shared data is an important application.Compared with the integrity auditing of individual data in the cloud,the integrity auditing of group-shared data will bring new challenges,such as the protection of identity privacy,dynamic groups and so on.This paper proposes the following two schemes about the integrity auditing of shared data in the cloud environment:(1)An integrity auditing scheme based on group signature algorithm for shared cloud data is proposed.This scheme is based on the group signature algorithm.When it is necessary to track the identity of the signer of a data block,the group manager can track it by using his/her private key and others cannot know the identity of this signer.In addition,the private key updating mechanism in this scheme can well support user revocation,and greatly reduce the computation and communication overhead during the user revocation process.Safety analysis and experimental results show that the scheme is safe and efficient.(2)A public integrity auditing scheme based on blind signature for shared data in the cloud is proposed.Traditionally,group users need to generate an authenticator for each data block,and then upload those data blocks and corresponding authenticators to the cloud server for storage.Based on the blind signature algorithm,this scheme introduces Authenticator Generation Center to assist users in generating authenticators,saving users' computing resources and improving the generating efficiency of authenticators.This scheme authorizes the TPA to audit,which can effectively avoid the DDoS attack on the cloud server.