Light-weight accountable privacy preserving (LAPP) protocol to determine dishonest role of third party auditor in cloud auditing

Abstract

Cloud computing is surfacing as the next disruptive utility paradigm. It provides massive storage capabilities, the development environment for application developers through virtual machines. It is also the home of software and databases that are accessible, on-demand. As security is the main constraint holding companies to engage into the cloud fully, third-party auditors (TPA) are becoming more and more common in cloud computing implementations. Of course, involving auditors comes with its issues such as trust and processing overhead. To achieve productive auditing, we need to (1) accomplish efficient auditing without requesting the data location, nor introducing processing overhead to the cloud client; (2) avoid involving new security vulnerabilities during the auditing process. In this paper, we propose a novel method allowing to detect a dishonest TPA: the Light-weight Accountable Privacy Preserving (LAPP) Protocol. This protocol determines the malicious behavior of the TPA. To validate the proposed protocol's effectiveness, simulation experiments have been conducted, using the GreenCloud simulator. Based on our simulation results, we confirm that our proposed protocol provides better outcomes as compared to the other known contending protocols concerning reliability, communication cost, and the auditing time per task by a fraction of the invalid responses.