In this paper, we study the problem of secure cloud storage in a multi-user setting such that the ownership of outsourced files can be hidden against the cloud server. There is a group manager for initiating the system, who is also responsible for issuing private keys for the involved group members. All authorized members are able to outsource files to the group’s storage account at some cloud server. Although the ownership of outsourced file is preserved against the cloud server, the group manager could trace the true identity of any suspicious file for liability investigation. To address this issue, we introduce and formalize a notion of ownership-hidden group-oriented proofs of storage (OPoS). We present a generic OPoS construction from pre-homomorphic signatures, and propose an OPoS instantiation by employing the Boneh–Boyen short signature. We show that the OPoS instantiation can be optimized using a polynomial commitment technique, so that the integrity auditing protocol would only take constant-size communication overheads by the cloud server. Theoretical and experimental analyses show that our OPoS instantiations are efficient and practical for enterprise-oriented cloud storage applications. Also, we show that the OPoS instantiations can be enhanced to safeguard against a dynamic set of corrupted members, as well as support batch integrity auditing mechanism.
Read full abstract