research-article

Cloud Storage File Recoverability

Authors:

Christian A. Gorke,

Christian Janson,

Frederik Armknecht,

Carlos CidAuthors Info & Claims

SCC '17: Proceedings of the Fifth ACM International Workshop on Security in Cloud Computing

Pages 19 - 26

https://doi.org/10.1145/3055259.3055264

Published: 02 April 2017 Publication History

Abstract

Data loss is perceived as one of the major threats for cloud storage. Consequently, the security community developed several challenge-response protocols that allow a user to remotely verify whether an outsourced file is still intact. However, two important practical problems have not yet been considered. First, clients commonly outsource multiple files of different sizes, raising the question how to formalize such a scheme and in particular ensuring that all files can be simultaneously audited. Second, in case auditing of the files fails, existing schemes do not provide a client with any method to prove if the original files are still recoverable. We address both problems and describe appropriate solutions. The first problem is tackled by providing a new type of "Proofs of Retrievability" scheme, enabling a client to check all files simultaneously in a compact way. The second problem is solved by defining a novel procedure called "Proofs of Recoverability", enabling a client to obtain an assurance whether a file is recoverable or irreparably damaged. Finally, we present a combination of both schemes allowing the client to check the recoverability of all her original files, thus ensuring cloud storage file recoverability.

References

[1]

C. S. Alliance. The Treacherous 12 -- Cloud Computing Top Threats in 2016, 2016. https://downloads.cloudsecurityalliance.org/assets/research/top-threats/Treacherous-12_Cloud-Computing_Top-Threats.pdf.

[2]

Amazon. Amazon S3 API, 2016. http://docs.aws.amazon.com/AmazonS3/latest/API/s3-api.pdf.

[3]

Amazon. Amazon S3 Reduced Redundancy Storage (RRS), 2017. https://aws.amazon.com/s3/reduced-redundancy/.

[4]

F. Armknecht, L. Barman, J. Bohli, and G. O. Karame. Mirror: Enabling proofs of data replication and retrievability in the cloud. In T. Holz and S. Savage, editors, 25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, August 10--12, 2016., pages 1051--1068. USENIX Association, 2016.

[5]

F. Armknecht, J. Bohli, D. Froelicher, and G. O. Karame. SPORT: sharing proofs of retrievability across tenants. IACR Cryptology ePrint Archive, 2016:724, 2016.

[6]

F. Armknecht, J. Bohli, G. O. Karame, Z. Liu, and C. A. Reuter. Outsourced proofs of retrievability. In G. Ahn, M. Yung, and N. Li, editors, Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, AZ, USA, November 3--7, 2014, pages 831--843. ACM, 2014.

Digital Library

[7]

G. Ateniese, R. C. Burns, R. Curtmola, J. Herring, O. Khan, L. Kissner, Z. N. J. Peterson, and D. Song. Remote data checking using provable data possession. ACM Trans. Inf. Syst. Secur., 14(1):12, 2011.

Digital Library

[8]

G. Ateniese, R. C. Burns, R. Curtmola, J. Herring, L. Kissner, Z. N. J. Peterson, and D. X. Song. Provable data possession at untrusted stores. In P. Ning, S. D. C. di Vimercati, and P. F. Syverson, editors, ACM Conference on Computer and Communications Security, pages 598--609. ACM, 2007.

Digital Library

[9]

G. Ateniese, S. Kamara, and J. Katz. Proofs of storage from homomorphic identification protocols. In M. Matsui, editor, Advances in Cryptology - ASIACRYPT 2009, 15th International Conference on the Theory and Application of Cryptology and Information Security, Tokyo, Japan, December 6--10, 2009. Proceedings, volume 5912 of Lecture Notes in Computer Science, pages 319--333. Springer, 2009.

Digital Library

[10]

G. Ateniese, R. D. Pietro, L. V. Mancini, and G. Tsudik. Scalable and efficient provable data possession. In A. Levi, P. Liu, and R. Molva, editors, 4th International ICST Conference on Security and Privacy in Communication Networks, SECURECOMM 2008, Istanbul, Turkey, September 22--25, 2008, page 9. ACM, 2008.

Digital Library

[11]

M. Azraoui, K. Elkhiyaoui, R. Molva, and M. Önen. Stealthguard: Proofs of retrievability with hidden watchdogs. In M. Kutylowski and J. Vaidya, editors, Computer Security - ESORICS 2014 - 19th European Symposium on Research in Computer Security, Wroclaw, Poland, September 7--11, 2014. Proceedings, Part I, volume 8712 of Lecture Notes in Computer Science, pages 239--256. Springer, 2014.

Digital Library

[12]

K. D. Bowers, A. Juels, and A. Oprea. HAIL: a high-availability and integrity layer for cloud storage. In E. Al-Shaer, S. Jha, and A. D. Keromytis, editors, Proceedings of the 2009 ACM Conference on Computer and Communications Security, CCS 2009, Chicago, Illinois, USA, November 9--13, 2009, pages 187--198. ACM, 2009.

Digital Library

[13]

K. D. Bowers, A. Juels, and A. Oprea. Proofs of retrievability: theory and implementation. In R. Sion and D. Song, editors, Proceedings of the first ACM Cloud Computing Security Workshop, CCSW 2009, Chicago, IL, USA, November 13, 2009, pages 43--54. ACM, 2009.

Digital Library

[14]

K. D. Bowers, M. van Dijk, A. Juels, A. Oprea, and R. L. Rivest. How to tell if your cloud files are vulnerable to drive crashes. In Y. Chen, G. Danezis, and V. Shmatikov, editors, ACM Conference on Computer and Communications Security, pages 501--514. ACM, 2011.

Digital Library

[15]

D. Cash, A. Küpçü, and D. Wichs. Dynamic Proofs of Retrievability via Oblivious RAM. In T. Johansson and P. Q. Nguyen, editors, EUROCRYPT, volume 7881 of Lecture Notes in Computer Science, pages 279--295. Springer, 2013.

[16]

R. Curtmola, O. Khan, R. C. Burns, and G. Ateniese. MR-PDP: Multiple-Replica Provable Data Possession. In ICDCS, pages 411--420. IEEE Computer Society, 2008.

Digital Library

[17]

Y. Dodis, S. P. Vadhan, and D. Wichs. Proofs of Retrievability via Hardness Amplification. In O. Reingold, editor, TCC, volume 5444 of Lecture Notes in Computer Science, pages 109--127. Springer, 2009.

Digital Library

[18]

C. C. Erway, A. Küpçü, C. Papamanthou, and R. Tamassia. Dynamic provable data possession. In E. Al-Shaer, S. Jha, and A. D. Keromytis, editors, ACM Conference on Computer and Communications Security, pages 213--222. ACM, 2009.

Digital Library

[19]

Google. Google Storage API Reference, 2015. https://cloud.google.com/storage/docs/json_api/v1/.

[20]

Google. Google Cloud Platform: Concepts and Techniques, 2016. http://cloud.google.com/storage/docs/concepts-techniques/.

[21]

C. A. Gorke, C. Janson, F. Armknecht, and C. Cid. Cloud storage file recoverability. Cryptology ePrint Archive, Report 2017/167, 2017. http://eprint.iacr.org/2017/167.

[22]

C. Gritti, W. Susilo, and T. Plantard. Efficient dynamic provable data possession with public verifiability and data privacy. In E. Foo and D. Stebila, editors, Information Security and Privacy - 20th Australasian Conference, ACISP 2015, Brisbane, QLD, Australia, June 29 - July 1, 2015, Proceedings, volume 9144 of Lecture Notes in Computer Science, pages 395--412. Springer, 2015.

[23]

C. Guan, K. Ren, F. Zhang, F. Kerschbaum, and J. Yu. Symmetric-key based proofs of retrievability supporting public verification. In G. Pernul, P. Y. A. Ryan, and E. R. Weippl, editors, Computer Security - ESORICS 2015 - 20th European Symposium on Research in Computer Security, Vienna, Austria, September 21--25, 2015, Proceedings, Part I, volume 9326 of Lecture Notes in Computer Science, pages 203--223. Springer, 2015.

Digital Library

[24]

A. Juels and B. S. K. Jr. PORs: Proofs Of Retrievability for Large Files. In P. Ning, S. D. C. di Vimercati, and P. F. Syverson, editors, ACM Conference on Computer and Communications Security, pages 584--597. ACM, 2007.

Digital Library

[25]

Microsoft. Microsoft Azure: How to use Blob storage from .NET, 2015. https://azure.microsoft.com/en-us/documentation/articles/storage-dotnet-how-to-use-blobs/.

[26]

M. B. Paterson, D. R. Stinson, and J. Upadhyay. A coding theory foundation for the analysis of general unconditionally secure proof-of-retrievability schemes for cloud storage. Cryptology ePrint Archive, Report 2012/611, 2012.

[27]

M. B. Paterson, D. R. Stinson, and J. Upadhyay. Multi-prover proof-of-retrievability. Cryptology ePrint Archive, Report 2016/265, 2016. http://eprint.iacr.org/.

[28]

H. Shacham and B. Waters. Compact proofs of retrievability. In J. Pieprzyk, editor, Advances in Cryptology - ASIACRYPT 2008, 14th International Conference on the Theory and Application of Cryptology and Information Security, Melbourne, Australia, December 7--11, 2008. Proceedings, volume 5350 of Lecture Notes in Computer Science, pages 90--107. Springer, 2008.

Digital Library

[29]

E. Shi, E. Stefanov, and C. Papamanthou. Practical dynamic proofs of retrievability. In A.-R. Sadeghi, V. D. Gligor, and M. Yung, editors, ACM Conference on Computer and Communications Security, pages 325--336. ACM, 2013.

Digital Library

[30]

E. Stefanov, M. van Dijk, A. Juels, and A. Oprea. Iris: a scalable cloud file system with efficient integrity checks. In R. H. Zakon, editor, 28th Annual Computer Security Applications Conference, ACSAC 2012, Orlando, FL, USA, 3--7 December 2012, pages 229--238. ACM, 2012.

Digital Library

[31]

D. Vasilopoulos, M. Önen, K. Elkhiyaoui, and R. Molva. Message-locked proofs of retrievability with secure deduplication. In E. R. Weippl, S. Katzenbeisser, M. Payer, S. Mangard, E. Androulaki, and M. K. Reiter, editors, Proceedings of the 2016 ACM on Cloud Computing Security Workshop, CCSW 2016, Vienna, Austria, October 28, 2016, pages 73--83. ACM, 2016.

Digital Library

[32]

J. Yuan and S. Yu. Proofs of retrievability with public verifiability and constant communication cost in cloud. In Proceedings of the 2013 International Workshop on Security in Cloud Computing, Cloud Computing '13, pages 19--26, New York, NY, USA, 2013. ACM.

Digital Library

Cited By

Ali Harchaoui AYounes AEl Hibaoui ABendahmane A(2021)Survey and a New Taxonomy of Proofs of Retrievability on the Cloud StorageProceedings of the 4th International Conference on Networking, Information Systems & Security10.1145/3454127.3457629(1-8)Online publication date: 1-Apr-2021
https://dl.acm.org/doi/10.1145/3454127.3457629
Fang JLiu LLin J(2019)Practical Verification of Data Encryption for Cloud Storage ServicesServices Computing – SCC 201910.1007/978-3-030-23554-3_2(16-31)Online publication date: 19-Jun-2019
https://doi.org/10.1007/978-3-030-23554-3_2

Index Terms

Cloud Storage File Recoverability
1. Information systems
  1. Information storage systems
2. Security and privacy

Recommendations

Cloud storage providers: a comparison review and evaluation
CompSysTech '14: Proceedings of the 15th International Conference on Computer Systems and Technologies

Storage and file synchronisation is a common and important service provided by contemporary cloud providers and a new standard for file sharing and information storage among companies and individuals. However, choosing the right storage provider depends ...
Evaluation of Security Supporting Mechanisms in Cloud Storage
ITNG '14: Proceedings of the 2014 11th International Conference on Information Technology: New Generations

Cloud storage is one of the most promising services of cloud computing. It holds promise for unlimited, scalable, flexible, and low cost data storage. However, security of data stored at the cloud is the main concern that hinders the adoption of cloud ...
Reducing Storage Overhead with Small Write Bottleneck Avoiding in Cloud RAID System
GRID '12: Proceedings of the 2012 ACM/IEEE 13th International Conference on Grid Computing

Cloud storage systems commonly use replication of stored data sets to ensure high reliability and availability. However, the high storage overhead of replication becomes increasingly unacceptable with the explosive growth of data stored in cloud. Some ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SCC '17: Proceedings of the Fifth ACM International Workshop on Security in Cloud Computing

April 2017

100 pages

ISBN:9781450349703

DOI:10.1145/3055259

Program Chairs:
Cong Wang
City University of Hong Kong, China
,
Murat Kantarcioglu
University of Texas at Dallas, USA

Copyright © 2017 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 02 April 2017

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

ASIA CCS '17

Sponsor:

SIGSAC

ASIA CCS '17: ACM Asia Conference on Computer and Communications Security

April 2, 2017

Abu Dhabi, United Arab Emirates

Acceptance Rates

SCC '17 Paper Acceptance Rate 11 of 27 submissions, 41%;

Overall Acceptance Rate 64 of 159 submissions, 40%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
305
Total Downloads

Downloads (Last 12 months)1
Downloads (Last 6 weeks)0

Reflects downloads up to 02 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Ali Harchaoui AYounes AEl Hibaoui ABendahmane A(2021)Survey and a New Taxonomy of Proofs of Retrievability on the Cloud StorageProceedings of the 4th International Conference on Networking, Information Systems & Security10.1145/3454127.3457629(1-8)Online publication date: 1-Apr-2021
https://dl.acm.org/doi/10.1145/3454127.3457629
Fang JLiu LLin J(2019)Practical Verification of Data Encryption for Cloud Storage ServicesServices Computing – SCC 201910.1007/978-3-030-23554-3_2(16-31)Online publication date: 19-Jun-2019
https://doi.org/10.1007/978-3-030-23554-3_2

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten