A secure cloud storage system combining Time-based One Time Password and Automatic Blocker Protocol

Abstract

Cloud storages in cloud data centers can be useful for enterprises and individuals to store and access their data remotely anywhere anytime without any additional burden. By data outsourcing, users can be relieved from the burden of local data storage and maintenance. However, the major problem of cloud data storage is security. As data is stored in geographically distributed data centers, how users will get the confirmation about storing data. Moreover, cloud users must be able to use the cloud storage just like the local storage, without worrying about the need to verify the data integrity and data consistency. Some researchers have been conducted with the aid of Third Party Auditor (TPA) to verify the data stored in the cloud and be sure that it is not tampered. However, the TPA is leased by the provider and after a time cloud service provider may contract with the TPA to conceal the loss of data from the user to prevent the defamation. This paper presents a novel secure cloud storage system to ensure the protection of organizations' data from both the cloud provider and the third party auditor and from some users who take advantage of the old accounts to access the data stored on the cloud. The proposed system enhances the authentication level of security by using two authentication techniques; Time-based One Time Password (TOTP) for cloud users verification and Automatic Blocker Protocol (ABP) to fully protect the system from unauthorized third party auditor. The experimental results demonstrate the effectiveness and efficiency of the proposed system when auditing shared data integrity.