Enabling public auditability for operation behaviors in cloud storage

Hui Tian, Zhaoyi Chen, Chin Chen Chang, Minoru Kuribayashi, Yongfeng Huang, Yiqiao Cai, Yonghong Chen, Tian Wang

Research output: Contribution to journal › Article

12 Citations (Scopus)

Abstract

In this paper, we focus on auditing for users’ operation behaviors, which is significant for the avoidance of potential crimes in the cloud and equitable accountability determination in the forensic. We first present a public model for operation behaviors in cloud storage, in which a trusted third party is introduced to verify the integrity of operation behavior logs to enhance the credibility of forensic results as well as alleviate the burden of the forensic investigator. Further, we design a block-based logging approach to support selective verification and a hash-chain-based structure for each log block to ensure the forward security and append-only properties for log entries. Moreover, to achieve the tamper resistance of log blocks and non-repudiation of auditing proofs, we employ Merkle hash tree (MHT) to record the hash values of the aggregation authentication block tags sequentially and publish the root of MHT to the public once a block has been appended. Meanwhile, using the authentication property of MHT, our scheme can provide log-less verification with privacy preservation. We formally prove the security of the proposed scheme and evaluate its performance on entry appending and verification by concrete experiments and comparisons with the state-of-the-art schemes. The results demonstrate that the proposed scheme can effectively achieve secure auditing for log files of operation behaviors in cloud storage and outperforms the previous ones in computation complexity and communication overhead.

Original language: English
Pages (from-to): 2175-2187
Number of pages: 13
Journal: Soft Computing
Volume: 21
Issue number: 8
DOIs: https://doi.org/10.1007/s00500-016-2311-y
Publication status: Published - Apr 1 2017

Keywords

  • Cloud storage
  • Merkle hash tree
  • Operation behaviors
  • Public auditing
  • Secure logging

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Software
  • Geometry and Topology

Cite this

Tian, H., Chen, Z., Chang, C. C., Kuribayashi, M., Huang, Y., Cai, Y., ... Wang, T. (2017). Enabling public auditability for operation behaviors in cloud storage. Soft Computing, 21(8), 2175-2187. https://doi.org/10.1007/s00500-016-2311-y

@article{469cd89ef78142f6a7bfa9c8f9f36943,
title = "Enabling public auditability for operation behaviors in cloud storage",
keywords = "Cloud storage, Merkle hash tree, Operation behaviors, Public auditing, Secure logging",
author = "Hui Tian and Zhaoyi Chen and Chang, {Chin Chen} and Minoru Kuribayashi and Yongfeng Huang and Yiqiao Cai and Yonghong Chen and Tian Wang",
year = "2017",
month = "4",
day = "1",
doi = "10.1007/s00500-016-2311-y",
language = "English",
volume = "21",
pages = "2175--2187",
journal = "Soft Computing",
issn = "1432-7643",
publisher = "Springer Verlag",
number = "8",

}

TY - JOUR
T1 - Enabling public auditability for operation behaviors in cloud storage
AU - Tian, Hui
AU - Chen, Zhaoyi
AU - Chang, Chin Chen
AU - Kuribayashi, Minoru
AU - Huang, Yongfeng
AU - Cai, Yiqiao
AU - Chen, Yonghong
AU - Wang, Tian
PY - 2017/4/1
Y1 - 2017/4/1
KW - Cloud storage
KW - Merkle hash tree
KW - Operation behaviors
KW - Public auditing
KW - Secure logging
UR - http://www.scopus.com/inward/record.url?scp=84981531630&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84981531630&partnerID=8YFLogxK
U2 - 10.1007/s00500-016-2311-y
DO - 10.1007/s00500-016-2311-y
M3 - Article
AN - SCOPUS:84981531630
VL - 21
SP - 2175
EP - 2187
JO - Soft Computing
JF - Soft Computing
SN - 1432-7643
IS - 8
ER -