Provable Multiple-Copy Integrity Auditing Scheme for Cloud-Based IoT

Abstract

Cloud-based Internet of Things systems facilitate cloud storage and provide cloud users with convenient data outsourcing service, although there are a number of associated risks to the users (e.g., an untrusted cloud server or their employee/vendor may delete rarely accessed data). In order to ensure that the cloud server stores the data correctly, users need to verify the integrity of remote data periodically. Most of the existing public auditing protocols only considered storing single copy on the cloud; in this case, the loss of users is irreparable when the data are damaged. Subsequently, some multicopy auditing schemes have been proposed where users can store multiple replicas on the cloud. However, it can be challenging to check the integrity of all the copies without incurring significant computation overheads for the auditor/user. Hence, this article proposes a provable multicopy integrity auditing scheme (PMCIA), which reduces the verification cost of the auditor to several lightweight hash operations. Using the medical settings (e.g., where electronic health records containing sensitive information of patients need to be preprocessed before outsourcing storage) as a use case, we explain how our proposed scheme can be deployed. Specifically, to minimize computation overhead for users (e.g., patients), we introduce a hospital information center to help patients generate multiple copies and corresponding tags. We then prove the security under the computational Diffie–Hellman assumption as well as evaluate the performance of our PMCIA scheme. Finally, we explain how PMCIA can be extended to support batch auditing to improve auditing efficiency for multiple auditing tasks.