Data Auditing and Security in Cloud Computing: Issues, Challenges and Future Directions

Authors

  • Geeta C M Department of Computer Science and Engineering, University Visvesvaraya College of Engineering, Bangalore University
  • Raghavendra S Department of Computer Science and Engineering, University Visvesvaraya College of Engineering, Bangalore University
  • Rajkumar Buyya Cloud Computing and Distributed Systems (CLOUDS) Lab, School of Computing and Information Systems, The University of Melbourne, Australia
  • Venugopal K R Department of Computer Science and Engineering, University Visvesvaraya College of Engineering, Bangalore University
  • S S Iyengar Department of Computer Science and Engineering, Florida International University, USA
  • L M Patnaik INSA, National Institute of Advanced Studies, Indian Institute of Science Campus, Bangalore, India

Keywords:

Cloud Computing, User Revocation, Deduplication, Public Auditing, Consistency, Re-generating Codes, Key-Exposure Resilience.

Abstract

Cloud computing is one of the significant development that utilizes progressive computational power and upgrades data distribution and data storing facilities. With cloud information services, it is essential for information to be saved in the cloud and also distributed across numerous customers. Cloud information repository is involved with issues of information integrity, data security and information access by unapproved users. Hence, an autonomous reviewing and auditing facility is necessary to guarantee that the information is effectively accommodated and used in the cloud. In this paper, a comprehensive survey on the state-of-art techniques in data auditing and security are discussed. Challenging problems in information repository auditing and security are presented. Finally, directions for future research in data auditing and security have been discussed.

References

F. Liu, J. Tong, J. Mao, R. Bohn, J. Messina, L. Badger, and D. Leaf, “Nist Cloud Computing Reference Architecture,” NIST Special Publication, vol. 500, no. 2011, pp. 1–28, 2011.

A. Fox, R. Griffith, A. Joseph, R. Katz, A. Konwinski, G. Lee, D. Patterson, A. Rabkin, and I. Stoica, “Above the Clouds: A Berkeley View of Cloud Computing,” Department of Electrical Engg. And Computer Sciences, University of California, vol. 28, no. 13, pp. 1–42, 2009.

R. Buyya, C. S. Yeo, S. Venugopal, J. Broberg, and I. Brandic, “Cloud Computing and Emerging IT Platforms: Vision, Hype, and Reality for Delivering Computing as the 5th Utility,” Future Generation Computer Systems, vol. 25, no. 6, pp. 599–616, 2009.

M. Blum, W. Evans, P. Gemmell, S. Kannan, and M. Naor, “Checking the Correctness of Memories,” Algorithmica, vol. 12, no. 2-3, pp. 225–244, 1994.

C. C. Erway, A. K¨upc¸ ¨u, C. Papamanthou, and R. Tamassia, “Dynamic Provable Data Possession,” ACM Transactions on Information and System Security (TISSEC), vol. 17, no. 4, pp. 213–222, 2015.

G. Ateniese, R. Di Pietro, L. V. Mancini, and G. Tsudik, “Scalable and Efficient Provable Data Possession,” in Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, pp. 1–9, ACM, 2008.

A. Juels and B. S. Kaliski Jr, “PORs: Proofs of Retrievability for Large Files,” in Proceedings of the 14th ACM Conference of Computer and Communications Security, pp. 584–597, 2007.

H. Shacham and B. Waters, “Compact Proofs of Retrievability,” Journal of Cryptology, vol. 26, no. 3, pp. 442–483, 2013.

G. Yamamoto, S. Oda, and K. Aoki, “Fast Integrity for Large Data,” in Proceedings of ECRYPT Workshop Software Performance Enhancement for Encryption and Decryption, pp. 21–32, 2007.

G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, “Provable Data Possession at Untrusted Stores,” in Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 598–609, 2007.

Y. Zhu, H. Hu, G.-J. Ahn, and M. Yu, “Cooperative Provable Data Possession for Integrity Verification in Multicloud Storage,” IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 12, pp. 2231–2244, 2012.

C. Wang, Q. Wang, K. Ren, and W. Lou, “Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing,” in INFOCOM Proceedings, pp. 1–9, IEEE, 2010.

K. Yang and X. Jia, “Data Storage Auditing Service in Cloud Computing: Challenges, Methods and Opportunities,” World Wide Web, vol. 15, no. 4, pp. 409–428, 2012.

T. Jiang, X. Chen, and J. Ma, “Public Integrity Auditing for Shared Dynamic Cloud Data with Group User Revocation,” IEEE Transactions on Computers, vol. 65, no. 8, pp. 2363–2373, 2016.

B. Wang, B. Li, and H. Li, “Panda: Public Auditing for Shared Data with Efficient User Revocation in the Cloud,” IEEE Transactions on Services Computing,, vol. 8, no. 1, pp. 92–106, 2015.

J. Yuan and S. Yu, “Efficient Public Integrity Checking for Cloud Data Sharing with Multi-User Modification,” in INFOCOM Proceedings, pp. 2121–2129, IEEE, 2014.

S. Raghavendra, C. M. Geeta, R. Buyya, K. R. Venugopal, S. S. Iyengar, and L. M. Patnaik, “MSIGT: Most Significant Index Generation Technique for Cloud Environment,” in Proceedings of the Annual IEEE India Conference (INDICON), pp. 1–6, 2015.

S. Benabbas, R. Gennaro, and Y. Vahlis, “Verifiable Delegation of Computation Over Large Datasets,” in Advances in Cryptology–CRYPTO, pp. 111–131, Springer, 2011.

D. Catalano and D. Fiore, “Vector Commitments and their Applications,” in Public-Key Cryptography–PKC, pp. 55–72, Springer, 2013.

M. Backes, D. Fiore, and R. M. Reischuk, “Verifiable Delegation of Computation on Outsourced Data,” in Proceedings of ACM SIGSAC Conference on Computer & Communications Security,, pp. 863–874, 2013.

B. Bruhadeshwar and S. S. Kulkarni, “Balancing Revocation and Storage Trade-offs in Secure Group Communication,” IEEE Transactions on Dependable and Secure Computing, vol. 8, no. 1, pp. 58–73, 2011.

S. Raghavendra, S. Girish, C. M. Geeta, R. Buyya, K. R. Venugopal, S. S. Iyengar, and L. M. Patnaik, “IGSK: Index Generation on Split Keyword for Search over Cloud Data,” in Proceedings of International Conference on Computing and Network Communications (CoCoNet), pp. 374–380, 2015.

J. Li, J. Li, X. Chen, C. Jia, and W. Lou, “Identity-Based Encryption with Outsourced Revocation in Cloud Computing,” IEEE Transactions on Computers, vol. 64, no. 2, pp. 425–437, 2015.

Y. Zhu, H.-X. Hu, G.-J. Ahn, H.-X. Wang, and S.-B. Wang, “Provably Secure Role-Based Encryption with Revocation Mechanism,” Journal of Computer Science and Technology, vol. 26, no. 4, pp. 697–710, 2011.

Z. Hao, S. Zhong, and N. Yu, “A Privacy-Preserving Remote Data Integrity Checking Protocol with Data Dynamics and Public Verifiability,” IEEE Transactions on Knowledge and Data Engineering, vol. 23, no. 9, pp. 1432–1437, 2011.

C. Li, Y. Chen, P. Tan, and G. Yang, “Towards Comprehensive Provable Data Possession in Cloud Computing,” Wuhan University Journal of Natural Sciences, vol. 18, no. 3, pp. 265–271, 2013.

J. Ni, Y. Yu, Y. Mu, and Q. Xia, “On the Security of an Efficient Dynamic Auditing Protocol in Cloud Storage,” IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 10, pp. 2760–2761, 2014.

K. Yang and X. Jia, “An Efficient and Secure Dynamic Auditing Protocol for Data Storage in Cloud Computing,” IEEE Transactions on Parallel and Distributed Systems, vol. 24, no. 9, pp. 1717–1726, 2013.

B. Wang, H. Li, X. Liu, F. Li, and X. Li, “Efficient Public Verification on the Integrity of Multi-Owner Data in the Cloud,” Journal of Communications and Networks, vol. 16, no. 6, pp. 592–599, 2014.

K. Xue and P. Hong, “A Dynamic Secure Group Sharing Framework In Public Cloud Computing,” IEEE Transactions on Cloud Computing, vol. 2, no. 4, pp. 459–470, 2014.

Y. Luo, M. Xu, S. Fu, D. Wang, and J. Deng, “Efficient Integrity Auditing for Shared Data in the Cloud with Secure User Revocation,” in Trustcom/BigDataSE/ISPA, IEEE, vol. 1, pp. 434–442, 2015.

X. Dong, J. Yu, Y. Zhu, Y. Chen, Y. Luo, and M. Li, “SECO: Secure and Scalable Data Collaboration Services in Cloud Computing,” Computers & Security, vol. 50, pp. 91–105, 2015.

Q. Huang, Z. Ma, Y. Yang, J. Fu, and X. Niu, “EABDS: Attribute- Based Secure Data Sharing with Efficient Revocation in Cloud Computing,” Chinese Journal of Electronics, vol. 24, no. 4, pp. 862–868, 2015.

S. Park, K. Lee, and D. H. Lee, “New Constructions of Revocable Identity-Based Encryption from Multilinear Maps,” IEEE Transactions on Information Forensics and Security, vol. 10, no. 8, pp. 1564–1577, 2015.

J. Zhang and X. Zhao, “Efficient Chameleon Hashing-Based Privacy-Preserving Auditing in Cloud Storage,” Cluster Computing, vol. 19, no. 1, pp. 47–56, 2016.

J. Y. Hwang, L. Chen, H. S. Cho, and D. Nyang, “Short Dynamic Group Signature Scheme Supporting Controllable Linkability,” IEEE Transactions on Information Forensics and Security, vol. 10, no. 6, pp. 1109–1124, 2015.

J. Hong, K. Xue, and W. Li, “Comments on DAC-MACS: Effective Data Access Control for Multiauthority Cloud Storage Systems/ Security Analysis of Attribute Revocation in Multiauthority Data Access Control for Cloud Storage Systems,” IEEE Transactions on Information Forensics and Security, vol. 10, no. 6, pp. 1315–1317, 2015.

J. Yuan and S. Yu, “Public Integrity Auditing for Dynamic Data Sharing with Multiuser Modification,” IEEE Transactions on Information Forensics and Security, vol. 10, no. 8, pp. 1717–1726, 2015.

J. Li, L. Zhang, J. K. Liu, H. Qian, and Z. Dong, “Privacy-Preserving Public Auditing Protocol for Low-Performance End Devices in Cloud,” IEEE Transactions on Information Forensics and Security, vol. 11, no. 11, pp. 2572–2583, 2016.

J. Hur and D. K. Noh, “Attribute-Based Access Control with Efficient Revocation in Data Outsourcing Systems,” IEEE Transactions on Parallel and Distributed Systems, vol. 22, no. 7, pp. 1214–1221, 2011.

X. Dong, J. Yu, Y. Luo, Y. Chen, G. Xue, and M. Li, “Achieving an Effective, Scalable and Privacy-Preserving Data Sharing Service in Cloud Computing,” Computers & Security, vol. 42, pp. 151–164, 2014.

Q. Wu, “A Generic Construction of Ciphertext-Policy Attribute-Based Encryption Supporting Attribute Revocation,” China Communications, vol. 11, no. 13, pp. 93–100, 2014.

M. Reddy, S. H. Manjula, and K. R. Venugopal, “Secure Data Sharing in Cloud Computing: A Comprehensive Review,” International Journal of Computer (IJC), vol. 25, no. 1, pp. 80–115, 2017.

Y. Lu and J. Li, “A Pairing-Free Certificate-Based Proxy Re-Encryption Scheme for Secure Data Sharing in Public Clouds,” Future Generation Computer Systems, vol. 62, pp. 140–147, 2016.

G. Yang, J. Yu, W. Shen, Q. Su, Z. Fu, and R. Hao, “Enabling Public Auditing for Shared Data in Cloud Storage Supporting Identity Privacy and Traceability,” Journal of Systems and Software, vol. 113, pp. 130–139, 2016.

Z. Zhu and R. Jiang, “A Secure Anti-Collusion Data Sharing Scheme for Dynamic Groups in the Cloud,” IEEE Transactions on Parallel and Distributed Systems, vol. 27, no. 1, pp. 40–50, 2016.

K. Selvamani and S. Jayanthi, “A Review on Cloud Data Security and its Mitigation Techniques,” Procedia Computer Science, vol. 48, pp. 347–352, 2015.

N. Garg and S. Bawa, “Comparative Analysis of Cloud Data Integrity Auditing Protocols,” Journal of Network and Computer Applications, vol. 66, pp. 17–32, 2016.

X. Xu, J. Zhou, X. Wang, and Y. Zhang, “Multi-Authority Proxy Reencryption Based on CPABE for Cloud Storage Systems,” Journal of Systems Engineering and Electronics, vol. 27, no. 1, pp. 211–223, 2016.

S. Raghavendra, P. A. Doddabasappa, C. M. Geeta, R. Buyya, K. R. Venugopal, S. S. Iyengar, and L. M. Patnaik, “Secure Multi-Keyword Search and Multi-User Access Control over an Encrypted Cloud Data,” International Journal of Information Processing, vol. 10, no. 2, pp. 51–61, 2016.

S. More and S. Chaudhari, “Third Party Public Auditing Scheme for Cloud Storage,” Procedia Computer Science, vol. 79, pp. 69–76, 2016.

H. Wang, “Proxy Provable Data Possession in Public Clouds,” IEEE Transactions on Services Computing, vol. 6, no. 4, pp. 551–559, 2013.

N. Cao, S. Yu, Z. Yang, W. Lou, and Y. T. Hou, “Lt Codes-Based Secure and Reliable Cloud Storage Service,” in INFOCOM Proceedings IEEE, pp. 693–701, 2012.

B. Chen, R. Curtmola, G. Ateniese, and R. Burns, “Remote Data Checking for Network Coding-Based Distributed Storage Systems,” in Proceedings of ACM workshop on Cloud Computing Security Workshop, pp. 31–42, 2010.

B. Wang, B. Li, and H. Li, “Oruta: Privacy-Preserving Public Auditing for Shared Data in the Cloud,”IEEE Transactions on Cloud Computing, vol. 2, no. 1, pp. 43–56, 2014.

K. R. Venugopal, K. G. Srinivasa, and L. M. Patnaik, “Soft Computing for Data Mining Applications,” Springer, 2009.

H. Wang, “Privacy-Preserving Data Sharing in Cloud Computing,” Journal of Computer Science and Technology, vol. 25, no. 3, pp. 401– 414, 2010. [58] R. K. Ko, B. S. Lee, and S. Pearson, “Towards Achieving Accountability, Auditability and Trust in Cloud Computing,” in International Conference on Advances in Computing and Communications, pp. 432– 444, Springer, 2011.

R. K. Ko, B. S. Lee, and S. Pearson, “Towards Achieving Accountability, Auditability and Trust in Cloud Computing,” in International Conference on Advances in Computing and Communications, pp. 432–444, Springer, 2011.

M. Van Dijk, A. Juels, A. Oprea, R. L. Rivest, E. Stefanov, and N. Triandopoulos, “Hourglass Schemes: How to Prove that Cloud Files are Encrypted,” in Proceedings of ACM Conference on Computer and Communications Security, pp. 265–280, 2012.

L. Xu, X. Wu, and X. Zhang, “CL-PRE: A Certificateless Proxy Reencryption Scheme for Secure Data Sharing with Public Cloud,” in Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, pp. 87–88, 2012.

Z. Qin, S. Wu, and H. Xiong, “Strongly Secure and Cost-Effective Certificateless Proxy Re-Encryption Scheme for Data Sharing in Cloud Computing,” in Proceedings of the International Conference on Big Data Computing and Communications, pp. 205–216, Springer, 2015.

S. R. Tate, R. Vishwanathan, and L. Everhart, “Multi-User Dynamic Proofs of Data Possession using Trusted Hardware,” in Proceedings of the Third ACM Conference on Data and Application Security andPrivacy, pp. 353–364, 2013.

X. Liu, Y. Zhang, B. Wang, and J. Yan, “Mona: Secure Multi-Owner Data Sharing for Dynamic Groups in the Cloud,” IEEE Transactions on Parallel and Distributed Systems, vol. 24, no. 6, pp. 1182–1191, 2013.

H. Rasheed, “Data and Infrastructure Security Auditing in Cloud Computing Environments,” International Journal of Information Management, vol. 34, no. 3, pp. 364–368, 2014.

Q. Liu, G. Wang, and J. Wu, “Time-Based Proxy Re-Encryption Scheme for Secure Data Sharing in a Cloud Environment,” Information Sciences, vol. 258, pp. 355–370, 2014.

Y. Yu, L. Niu, G. Yang, Y. Mu, and W. Susilo, “On the Security of Auditing Mechanisms for Secure Cloud Storage,” Future Generation Computer Systems, vol. 30, no. 1, pp. 127–132, 2014.

A. Abbas and S. U. Khan, “A Review on the State-of-the-Art Privacy-Preserving Approaches in the E-Health Clouds,” IEEE Journal of Biomedical and Health Informatics, vol. 18, no. 4, pp. 1431–1441, 2014.

G. Yang, J. Yu, W. Shen, Q. Su, Z. Fu, and R. Hao, “Enabling Public Auditing for Shared Data in Cloud Storage Supporting Identity Privacy and Traceability,” Journal of Systems and Software, vol. 113, pp. 130– 139, 2016.

A. P. Singh and S. K. Pasupuleti, “Optimized Public Auditing and Data Dynamics for Data Storage Security in Cloud Computing,” Procedia Computer Science, vol. 93, pp. 751–759, 2016.

Y. Li, Y. Yu, B. Yang, G. Min, and H. Wu, “Privacy Preserving Cloud Data Auditing with Efficient Key Update,” Future Generation Computer Systems, 2016.

H. Cui, R. H. Deng, Y. Li, and B. Qin, “Server-Aided Revocable Attribute-Based Encryption,” in Proceedings of the European Symposium on Research in Computer Security, pp. 570–587, Springer, 2016.

S. Tan and Y. Jia, “NaEPASC: A Novel and Efficient Public Auditing Scheme for Cloud Data,” Journal of Zhejiang University Science, vol. 15, no. 9, pp. 794–804, 2014.

S. Raghavendra, C. M. Geeta, K. Shaila, R. Buyya, K. R. Venugopal, S. S. Iyengar, and L. M. Patnaik, “MSSS: Most Significant Single- Keyword Search over Encrypted Cloud Data,” in Proceedings of the 6th Annual International Conference on ICT: BigData, Cloud and Security, 1–6, 2015.

J. Li, J. Li, D. Xie, and Z. Cai, “Secure Auditing and Deduplicating Data in Cloud,” IEEE Transactions on Computers, vol. 65, no. 8, pp. 2386–2396, 2016.

J. Li, Y. K. Li, X. Chen, P. P. Lee, and W. Lou, “A Hybrid Cloud Approach for Secure Authorized Deduplication,” IEEE Transactions on Parallel and Distributed Systems, vol. 26, no. 5, pp. 1206–1216, 2015.

J. Li, X. Chen, X. Huang, S. Tang, Y. Xiang, M. M. Hassan, and A. Alelaiwi, “Secure Distributed Deduplication Systems with Improved Reliability,” IEEE Transactions on Computers, vol. 64, no. 12, pp. 3569–3579, 2015.

J. Wang and X. Chen, “Efficient and Secure Storage for Outsourced Data: A Survey,” Data Science and Engineering, vol. 1, no. 3, pp. 178–188, 2016.

J. Hur, D. Koo, Y. Shin, and K. Kang, “Secure Data Deduplication with Dynamic Ownership Management in Cloud Storage,” IEEE Transactions on Knowledge and Data Engineering, vol. 28, no. 11, pp. 3113–3125, 2016.

J. Li, X. Chen, M. Li, J. Li, P. P. Lee, and W. Lou, “Secure Deduplication with Efficient and Reliable Convergent Key Management,” IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 6, pp. 1615–1625, 2014.

R. Chen, Y. Mu, G. Yang, and F. Guo, “BL-MLE: Block-Level Message-Locked Encryption for Secure Large File Deduplication,” IEEE Transactions on Information Forensics and Security, vol. 10, no. 12, pp. 2643–2652, 2015.

J. Stanek and L. Kencl, “Enhanced Secure Thresholded Data Deduplication Scheme for Cloud Storage,” IEEE Transactions on Dependable and Secure Computing, 2016.

M. Miao, J. Wang, H. Li, and X. Chen, “Secure Multi-Server-Aided Data Deduplication in Cloud Computing,” Pervasive and Mobile Computing, vol. 24, pp. 129–137, 2015.

Y. Zheng, X. Yuan, X. Wang, J. Jiang, C. Wang, and X. Gui, “Towards Encrypted Cloud Media Centre with Secure Deduplication,” IEEE Transactions on Multimedia, pp. 1–16, 2016.

X. Yao, Y. Lin, Q. Liu, and Y. Zhang, “A Secure Hierarchical Deduplication System in Cloud Storage,” in Proceedings of the IEEE/ACM 24th International Symposium on Quality of Service (IWQoS), pp. 1– 10, 2016.

J. Min, D. Yoon, and Y. Won, “Efficient Deduplication Techniques for Modern Backup Operation,” IEEE Transactions on Computers, vol. 60, no. 6, pp. 824–840, 2011.

P. Christen, “A Survey of Indexing Techniques for Scalable Record Linkage and Deduplication,” IEEE Transactions on Knowledge and Data Engineering, vol. 24, no. 9, pp. 1537–1555, 2012.

W. Xia, H. Jiang, D. Feng, F. Douglis, P. Shilane, Y. Hua, M. Fu, Y. Zhang, and Y. Zhou, “A Comprehensive Study of the Past, Present, and Future of Data Deduplication,” Proceedings of the IEEE, vol. 104, no. 9, pp. 1681–1710, 2016.

J. Wang, Z. Zhao, Z. Xu, H. Zhang, L. Li, and Y. Guo, “I-sieve: An Inline High Performance Deduplication System used in Cloud Storage,” Tsinghua Science and Technology, vol. 20, no. 1, pp. 17–27, 2015.

S. Raghavendra, C. M. Geeta, R. Buyya, K. R. Venugopal, S. S.Iyengar, and L. M. Patnaik, “DRSMS: Domain and Range Specific Multi-Keyword Search over Encrypted Cloud Data,” International Journal of Computer Science and Information Security, vol. 14, no. 5, pp. 69–78, 2016.

K. He, C. Huang, H. Zhou, J. Shi, X. Wang, and F. Dan, “Public Auditing for Encrypted Data with Client-Side Deduplication in Cloud Storage,” Wuhan University Journal of Natural Sciences, vol. 20, no. 4, pp. 291–298, 2015.

Q. Liu, G. Wang, and J. Wu, “Consistency as a Service: Auditing Cloud Consistency,” IEEE Transactions on Network and Service Management, vol. 11, no. 1, pp. 25–35, 2014.

J. Du, C. Iorgulescu, A. Roy, and W. Zwaenepoel, “Gentlerain: Cheap and Scalable Causal Consistency with Physical Clocks,” in Proceedings of the ACM Symposium on Cloud Computing, pp. 1–13, 2014.

S. P. Phansalkar and A. R. Dani, “Tunable Consistency Guarantees of Selective Data Consistency Model,” Journal of Cloud Computing, vol. 4, no. 1, pp. 1–12, 2015.

W. Golab, X. Li, and M. A. Shah, “Analyzing Consistency Properties for Fun and Profit,” in Proceedings of the 30th Annual ACM SIGACTSIGOPS Symposium on Principles of Distributed Computing, pp. 197–206, 2011.

S. Raghavendra, K. Nithyashree, C. M. Geeta, R. Buyya, K. R. Venugopal, S. S. Iyengar, and L. M. Patnaik, “RSSMSO Rapid Similarity Search on Metric Space Object Stored in Cloud Environment,” International Journal of Organizational and Collective Intelligence (IJOCI), vol. 6, no. 3, pp. 33–49, 2016.

S. Singh, Y.-S. Jeong, and J. H. Park, “A Survey on Cloud Computing Security: Issues, Threats, and Solutions,” Journal of Network and Computer Applications, vol. 75, pp. 200–222, 2016.

B. K. Jeevitha, J. Thriveni, and K. R. Venugopal, “Data Storage Security and Privacy in Cloud Computing: A Comprehensive Survey,” International Journal of Computer Applications, vol. 156, no. 12, pp. 16–27, 2016.

J. Wang, X. Chen, X. Huang, I. You, and Y. Xiang, “Verifiable Auditing for Outsourced Database in Cloud Computing,” IEEE Transactions on Computers, vol. 64, no. 11, pp. 3293–3303, 2015.

Y. Zhu, H. Wang, Z. Hu, G.-J. Ahn, H. Hu, and S. S. Yau, “Dynamic Audit Services for Integrity Verification of Outsourced Storages in Clouds,” in Proceedings of the 2011 ACM Symposium on Applied Computing, pp. 1550–1557, 2011.

J. Wang, X. Chen, J. Li, J. Zhao, and J. Shen, “Towards Achieving Flexible and Verifiable Search for Outsourced Database in Cloud Computing,” Future Generation Computer Systems, 2016.

J. Yu, X. Wang, and W. Gao, “Improvement and Applications of Secure Outsourcing of Scientific Computations,” Journal of Ambient Intelligence and Humanized Computing, vol. 6, no. 6, pp. 763–772, 2015.

X. Chen, J. Li, J. Weng, J. Ma, and W. Lou, “Verifiable Computation over Large Database with Incremental Updates,” in Proceedings of the European Symposium on Research in Computer Security, pp. 148–162, Springer, 2014.

W.-S. Ku, L. Hu, C. Shahabi, and H. Wang, “A Query Integrity Assurance Scheme for Accessing Outsourced Spatial Databases,” Geoinformatica, vol. 17, no. 1, pp. 97–124, 2013.

K. Grolinger, W. A. Higashino, A. Tiwari, and M. A. Capretz, “Data Management in Cloud Environments: NoSQL and NewSQL Data Stores,” Journal of Cloud Computing: Advances, Systems and Applications, vol. 2, no. 1, pp. 1–24, 2013.

S. V. Kiran, S. Raghuram, J. Thriveni, and K. R. Venugopal, “Efficient Video Transfer using LAN Caching Assisted by Cloud Computing,” in Proceedings of the TENCON Region 10 Conference, pp. 1–5, IEEE, 2015.

H. Jo, S.-T. Hong, J.-W. Chang, and D. H. Choi, “Offloading Data Encryption to GPU in Database Systems,” The Journal of Supercomputing, vol. 69, no. 1, pp. 375–394, 2014.

A. Waqar, A. Raza, H. Abbas, and M. K. Khan, “A Framework for Preservation of Cloud Users Data Privacy using Dynamic Reconstruction of Metadata,” Journal of Network and Computer Applications,vol. 36, no. 1, pp. 235–248, 2013.

J. K¨ohler, K. J¨unemann, and H. Hartenstein, “Confidential Database-as-a-Service Approaches: Taxonomy and Survey,” Journal of Cloud Computing, vol. 4, no. 1, pp. 1–14, 2015.

F. Doelitzscher, C. Reich, M. Knahl, and N. Clarke, “Understanding Cloud Audits,” in Privacy and Security for Cloud Computing, pp. 125–163, Springer, 2013.

S. Krendelev, M. Yakovlev, and M. Usoltseva, “Secure Database using Order-Preserving Encryption Scheme Based on Arithmetic Coding and Noise Function,” in Proceedings of the Information and Communication Technology-EurAsia Conference, pp. 193–202, Springer, 2015.

X. Chen, J. Li, X. Huang, J. Ma, and W. Lou, “New Publicly Verifiable Databases with Efficient Updates,” IEEE Transactions on Dependable and Secure Computing, vol. 12, no. 5, pp. 546–556, 2015.

Y. Zhu, H. Hu, G.-J. Ahn, and M. Yu, “Cooperative Provable Data Possession for Integrity Verification in Multicloud Storage,” IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 12, pp. 2231–2244, 2012.

J. Yu, K. Ren, C. Wang, and V. Varadharajan, “Enabling Cloud Storage Auditing With Key-Exposure Resistance,” IEEE Transactions on Information Forensics and Security, vol. 10, no. 6, pp. 1167–1179, 2015.

Y. Yu, L. Xue, M. H. Au, W. Susilo, J. Ni, Y. Zhang, A. V. Vasilakos, and J. Shen, “Cloud Data Integrity Checking with an Identity-Based Auditing Mechanism from RSA,” Future Generation Computer Systems, vol. 62, pp. 85–91, 2016.

F. Yan, X. Chen, and Y. Zhang, “Efficient Online/Offline Signcryption without Key Exposure,” International Journal of Grid and Utility Computing, vol. 4, no. 1, pp. 85–93, 2013.

Y. Yu, Y. Zhang, J. Ni, M. H. Au, L. Chen, and H. Liu, “Remote Data Possession Checking with Enhanced Security for Cloud Storage,” Future Generation Computer Systems, vol. 52, pp. 77–85, 2015.

Y. Dodis, W. Luo, S. Xu, and M. Yung, “Key-Insulated Symmetric Key Cryptography and Mitigating Attacks Against Cryptographic Cloud Software,” in Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, pp. 57–58, 2012.

H.-Y. Lin, T.-S. Wu, M.-L. Lee, and C.-K. Yeh, “New Efficient Identity-Based Key-Insulated Multisignature Scheme,” International Journal of Machine Learning and Computing, vol. 3, no. 1, pp. 117–120, 2013.

Z. Xu, C. Wang, K. Ren, L. Wang, and B. Zhang, “Proof-Carrying Cloud Computation: The Case of Convex Optimization,” IEEE Transactions on Information Forensics and Security, vol. 9, no. 11, pp.1790–1803, 2014.

M. Sookhak, A. Akhunzada, A. Gani, M. Khurram Khan, and N. B. Anuar, “Towards Dynamic Remote Data Auditing in Computational Clouds,” The Scientific World Journal, vol. 2014, pp. 1–12, 2014.

J. Yu, H. Xia, H. Zhao, R. Hao, Z. Fu, and X. Cheng, “Forward-Secure Identity-Based Signature Scheme in Untrusted Update Environments,” Wireless Personal Communications, vol. 86, no. 3, pp. 1467–1491,2016.

Y. Zhang, C. Xu, S. Yu, H. Li, and X. Zhang, “SCLPV: Secure Certificateless Public Verification for Cloud-Based Cyber-Physical- Social Systems Against Malicious Auditors,” IEEE Transactions on Computational Social Systems, vol. 2, no. 4, pp. 159–170, 2015.

S. Zhou, R. Du, J. Chen, D. He, and H. Deng, “ESDR: An Efficient and Secure Data Repairing Paradigm in Cloud Storage,” Security and Communication Networks, vol. 9, no. 16, pp. 3646–3657, 2016.

J. K. Liu, K. Liang, W. Susilo, J. Liu, and Y. Xiang, “Two-Factor Data Security Protection Mechanism for Cloud Storage System,” IEEE Transactions on Computers, vol. 65, no. 6, pp. 1992–2004, 2016.

H. Wang, Q. Wu, B. Qin, and J. Domingo-Ferrer, “Identity-Based Remote Data Possession Checking in Public Clouds,” IET Information Security, vol. 8, no. 2, pp. 114–121, 2014.

S. V. Kiran, S. Raghuram, J. Thriveni, and K. R. Venugopal, “Efficient Stereoscopic 3D Video Transmission over Multiple Network Paths,” International Journal of Computer Science and Information Security (IJCSIS), vol. 14, pp. 50–66, 2016.

J. Liu, K. Huang, H. Rong, H.Wang, and M. Xian, “Privacy-Preserving Public Auditing for Regenerating- Code-Based Cloud Storage,” IEEE Transactions on Information Forensics and Security, vol. 10, no. 7, pp. 1513–1528, 2015.

J. Li and B. Li, “Erasure Coding for Cloud Storage Systems: A Survey,” Tsinghua Science and Technology, vol. 18, no. 3, pp. 259– 272, 2013.

H. C. Chen and P. P. Lee, “Enabling Data Integrity Protection in Regenerating-Coding-Based Cloud Storage: Theory and Implementation,” IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 2, pp. 407–416, 2014.

Q. Yu, C. W. Sung, and T. H. Chan, “Irregular Fractional Repetition Code Optimization for Heterogeneous Cloud Storage,” IEEE Journal on Selected Areas in Communications, vol. 32, no. 5, pp. 1048–1060, 2014.

J. C Corena and T. Ohtsuki, “Pollution-Free Regenerating Codes with Fast Reconstruction Verification for Verifiable Cloud Storage,” Journal of Networks, vol. 9, no. 11, pp. 2892–2904, 2014.

H. C. Chen, Y. Hu, P. P. Lee, and Y. Tang, “NCCloud: a Network- Coding-Based Storage System in a Cloud-of-Clouds,” IEEE Transactions on Computers, vol. 63, no. 1, pp. 31–44, 2014.

B. Yang, X. Tang, and J. Li, “A Systematic Piggybacking Design for Minimum Storage Regenerating Codes,” IEEE Transactions on Information Theory, vol. 61, no. 11, pp. 5779–5786, 2015.

N. Silberstein, A. S. Rawat, and S. Vishwanath, “Error-Correcting Regenerating and Locally Repairable Codes via Rank-Metric Codes,” IEEE Transactions on Information Theory, vol. 61, no. 11, pp. 5765 –5778, 2015.

K. Huang, U. Parampalli, and M. Xian, “Security Concerns in Minimum Storage Cooperative Regenerating Codes,” arXiv preprint arXiv: 1509.01324, vol. 62, no. 11, pp. 6218–6232, 2015.

K. Huang, M. Xian, S. Fu, and J. Liu, “Securing the Cloud Storage Audit Service: Defending Against Frame and Collude Attacks of Third Party Auditor,” IET Communications, vol. 8, no. 12, pp. 2106–2113, 2014.

S. Raghavendra, S. R. Chitra, C. M. Geeta, R. Buyya, K. R. Venugopal, S. S. Iyengar, and L. M. Patnaik, “Survey on Data Storage and Retrieval Techniques over Encrypted Cloud Data,” vol. 14, no. 9, pp. 1–28, 2016.

Y. Chen and Y. Wang, “On the Non-Existence of Minimum Storage Regenerating Codes with Repair-by-Transfer Property,” IEEE Communications Letters, vol. 19, no. 12, pp. 2070–2073, 2015.

L. Xue, J. Ni, Y. Li, and J. Shen, “Provable Data Transfer from Provable Data Possession and Deletion in Cloud Storage,” Computer Standards and Interfaces, 2016.

S. V. Kiran, R. Prasad, J. Thriveni, K. R. Venugopal, and L. M. Patnaik, “Cloud Enabled 3D Tablet Design for Medical Applications,” in Proceedings of the 9th International Conference on Industrial and Information Systems (ICIIS), pp. 1–6, IEEE, 2014.

Downloads

Published

2018-01-11

How to Cite

C M, G., S, R., Buyya, R., K R, V., Iyengar, S. S., & Patnaik, L. M. (2018). Data Auditing and Security in Cloud Computing: Issues, Challenges and Future Directions. International Journal of Computer (IJC), 28(1), 8–57. Retrieved from https://www.ijcjournal.org/index.php/InternationalJournalOfComputer/article/view/1002

Issue

Section

Articles