Master of Computer Science - Research
Fan, Xinyu, On remote data integrity checking of the cloud storage, Master of Computer Science - Research thesis, , University of Wollongong, 2013. http://ro.uow.edu.au/theses/3985
Cloud computing offers different types of computational services to end users via computer networks. Nowadays it has become a trend that individuals and IT enterprises store data remotely to the cloud in a flexible on-demand manner, which has become a popular way of data outsourcing. This has reduced the burden for storage management and maintenances and costs on hardware and software, with great advancement of universal data access and convenience to users. In fact, cloud storage has become one of the major services in cloud computing where user data are stored and maintained by cloud servers. It allows users to access their data via computer networks at anytime and from anywhere.
Despite the great benefits provided by cloud computing, data security is a very important yet challenging problem that must be solved. One of the major concerns of data security is data integrity in a remote storage system. Although storing data in the cloud is attractive, it does not usually offer any guarantee on data integrity and retrievability.
Unfortunately, many Remote Integrity Checking (RIC) schemes in the literature are insecure. In this thesis, we will provide a cryptanalysis against a well-known RIC scheme. Our analysis approach can also be applied to other similar RIC schemes. We also provide a solution to the problem.
It is also very important that an auditing process should not introduce new vulnerabilities of unauthorized information leakage towards their data security. The previous efforts in RIC accommodate several security features including data integrity and confidentiality, which mainly ensure secure maintenance of data. However, they do not cover the issue of data privacy, which means that the communication flows (RIC proofs) from the cloud server should not reveal any useful information to the adversary. Intuitively, by "privacy", we mean that an adversary should not be able to distinguish which file has been uploaded by the client and maintained by the cloud server. We refer it as Indistinguishability (or IND, for short). We believe that it is very important to consider such privacy issues adequately in protocol designs. We refer to this security property as IND-privacy.
In this thesis, we also provide the definition of data privacy for RIC protocols and demonstrate how data privacy can be achieved. We demonstrate that a well-known privacy-preserving RIC protocol do not provide IND-Privacy. Actually, we can conclude that all current RIC protocols do not provide IND-privacy. We also show that with a witness distinguishability proof, we are able to achieve IND-Privacy in RIC. As a instantiation, we present a concrete RIC protocol, which capture the security property of IND-privacy.