Secure auditing and deduplication for encrypted cloud data supporting ownership modification

Abstract

Storing only one unique copy of the same cloud data and guaranteeing its integrity are two main goals for cloud storage auditing and deduplication schemes. In such schemes, data owners can firmly believe the data integrity by periodically auditing and the cloud server can save lots of storage space by exploiting the duplication techniques. However, when a data owner deletes or modifies his outsourced data, he should lose the ownership for the original data and should not be able to successfully retrieve this data any more. For all we know, existing cloud storage auditing and deduplication literatures fail to support the modifications of ownership, which actually occur quite often in actual cloud storage scenarios. In this paper, we propose the first deduplicated data integrity auditing scheme supporting the ownership modification. It guarantees the integrity of the outsourced data and supports the dynamic access control over the outsourced data. We employ a re-encryption algorithm and the secure identity-based broadcast encryption technology, which prevent data from being disclosed to the revoked owners, even if they previously had prior ownership of these data. The security and efficiency of our proposed scheme have been validated by detailed analysis and experiments.