Abstract
The adoption of cloud computing solutions is an established reality in government agencies and in small, medium, and large companies due to procurement easiness and the variety of available services, as well as its low cost compared to the acquisition and management of own infrastructures. Among the most used services is cloud file storage, and the security of this storage has been an essential subject of recent research, particularly customer data integrity. Thus, this article proposes a solution for the monitoring of the integrity of files stored in the cloud, based on the use of smart contracts in Blockchain Networks, symmetric encryption, and computational trust. The proposed solution consists of a protocol that provides confidentiality, decentralization, audit availability, and the secure sharing of file integrity monitoring results, without overloading the services involved, as well as an unabridged reference implementation which was used to validate the proposal. The results obtained during the validation tests have shown that the solution is feasible and faultless in detecting corrupted files. These tests also confirmed that the sharing of integrity monitoring results, coupled with the application of computational trust techniques, significantly increased the efficiency of the proposed solution.
Highlights
C Loud Computing (CC) is an environment that provides on-demand access, through the network, to computational resources such as storage, servers, applications, and other services, which the customer can efficiently aggregate or release [1]
The reference implementation of the proposed protocol, covering the functionalities established for all roles, compatible with networks that adopt the Blockchain Ethereum platform, composed of the following components: i) a smart contract (SC) responsible for calculating, storing, and sharing the trust level assigned to each Cloud Storage Service (CSS); ii) a SC responsible for storing the file validation information, receiving challenges from the Integrity Check Services (ICS), and receiving and validating the CSS responses; iii) a desktop application that implements the tasks established for the Client role; iv) a web service application that implements the expected duties of the CSS role; and, v) a web service application that implements the tasks established for the ICS role
2) Application Implementation for Cloud Storage Services We developed the CSS application as a web service, whose main functionalities are the following: receive the file submitted by the Client for storage; audit the information stored in the Blockchain Network (BN) through a Cloud File Storage and Monitoring Contract (CFSMC) instance; confirm its compatibility with the received file; answer the integrity verification challenges registered at the BN through the respective CFSMC instance; and, allow exclusive access to the file content for the Client who submitted it
Summary
C Loud Computing (CC) is an environment that provides on-demand access, through the network, to computational resources such as storage, servers, applications, and other services, which the customer can efficiently aggregate or release [1]. A. MAIN CONTRIBUTIONS OF THIS STUDY This study proposes a solution based on the use of Blockchain technology for the storage of files in a Cloud Storage Service (CSS) that allows Clients to contract untrustworthy third parties to carry out permanent and auditable monitoring of the integrity of these files using challenges, without compromising the confidentiality of the stored information, through SCs. In addition, this study proposes a shared process to classify a CSS according to trust levels based on its behavior, this task being performed autonomously by SCs. The proposed solution improves previous work [8], minimizing its limitations, and increasing its efficiency. The reference implementation of the proposed protocol, covering the functionalities established for all roles, compatible with networks that adopt the Blockchain Ethereum platform, composed of the following components: i) a SC responsible for calculating, storing, and sharing the trust level assigned to each CSS; ii) a SC responsible for storing the file validation information, receiving challenges from the ICS, and receiving and validating the CSS responses; iii) a desktop application that implements the tasks established for the Client role; iv) a web service application that implements the expected duties of the CSS role; and, v) a web service application that implements the tasks established for the ICS role
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
