File Download
There are no files associated with this item.
Links for fulltext
(May Require Subscription)
- Publisher Website: 10.1016/j.eswa.2014.06.027
- Scopus: eid_2-s2.0-84905266159
- WOS: WOS:000341462600011
- Find via
Supplementary
- Citations:
- Appears in Collections:
Article: Improved security of a dynamic remote data possession checking protocol for cloud storage
| Title | Improved security of a dynamic remote data possession checking protocol for cloud storage |
|---|---|
| Authors | |
| Keywords | Homomorphic hashing Cloud storage Data possession checking Dynamic auditing |
| Issue Date | 2014 |
| Citation | Expert Systems with Applications, 2014, v. 41, n. 17, p. 7789-7796 How to Cite? |
| Abstract | Cloud storage offers the users with high quality and on-demand data storage services and frees them from the burden of maintenance. However, the cloud servers are not fully trusted. Whether the data stored on cloud are intact or not becomes a major concern of the users. Recently, Chen et al. proposed a remote data possession checking protocol to address this issue. One distinctive feature of their protocol support data dynamics, meaning that users are allowed to modify, insert and delete their outsourced data without the need to re-run the whole protocol. Unfortunately, in this paper, we find that this protocol fails to achieve its purpose since it is vulnerable to forgery attack and replace attack launched by a malicious server. Specifically, we show how a malicious cloud server can deceive the user to believe that the entire file is well-maintained by using the meta-data related to the file alone, or with only part of the file and its meta-data. Then, we propose an improved protocol to fix the security flaws and formally proved that our proposal is secure under a well-known security model. In addition, our improvement keeps all the desirable features of the original protocol. © 2014 Elsevier Ltd. All rights reserved. |
| Persistent Identifier | http://hdl.handle.net/10722/280483 |
| ISSN | 2023 Impact Factor: 7.5 2023 SCImago Journal Rankings: 1.875 |
| ISI Accession Number ID |
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Yu, Yong | - |
| dc.contributor.author | Ni, Jianbing | - |
| dc.contributor.author | Au, Man Ho | - |
| dc.contributor.author | Liu, Hongyu | - |
| dc.contributor.author | Wang, Hua | - |
| dc.contributor.author | Xu, Chunxiang | - |
| dc.date.accessioned | 2020-02-17T14:34:09Z | - |
| dc.date.available | 2020-02-17T14:34:09Z | - |
| dc.date.issued | 2014 | - |
| dc.identifier.citation | Expert Systems with Applications, 2014, v. 41, n. 17, p. 7789-7796 | - |
| dc.identifier.issn | 0957-4174 | - |
| dc.identifier.uri | http://hdl.handle.net/10722/280483 | - |
| dc.description.abstract | Cloud storage offers the users with high quality and on-demand data storage services and frees them from the burden of maintenance. However, the cloud servers are not fully trusted. Whether the data stored on cloud are intact or not becomes a major concern of the users. Recently, Chen et al. proposed a remote data possession checking protocol to address this issue. One distinctive feature of their protocol support data dynamics, meaning that users are allowed to modify, insert and delete their outsourced data without the need to re-run the whole protocol. Unfortunately, in this paper, we find that this protocol fails to achieve its purpose since it is vulnerable to forgery attack and replace attack launched by a malicious server. Specifically, we show how a malicious cloud server can deceive the user to believe that the entire file is well-maintained by using the meta-data related to the file alone, or with only part of the file and its meta-data. Then, we propose an improved protocol to fix the security flaws and formally proved that our proposal is secure under a well-known security model. In addition, our improvement keeps all the desirable features of the original protocol. © 2014 Elsevier Ltd. All rights reserved. | - |
| dc.language | eng | - |
| dc.relation.ispartof | Expert Systems with Applications | - |
| dc.subject | Homomorphic hashing | - |
| dc.subject | Cloud storage | - |
| dc.subject | Data possession checking | - |
| dc.subject | Dynamic auditing | - |
| dc.title | Improved security of a dynamic remote data possession checking protocol for cloud storage | - |
| dc.type | Article | - |
| dc.description.nature | link_to_subscribed_fulltext | - |
| dc.identifier.doi | 10.1016/j.eswa.2014.06.027 | - |
| dc.identifier.scopus | eid_2-s2.0-84905266159 | - |
| dc.identifier.volume | 41 | - |
| dc.identifier.issue | 17 | - |
| dc.identifier.spage | 7789 | - |
| dc.identifier.epage | 7796 | - |
| dc.identifier.isi | WOS:000341462600011 | - |
| dc.identifier.issnl | 0957-4174 | - |