With the popularity of cloud storage, increasing users begin to outsource data to the cloud. In order to resist possible data analysis for centralized outsourced data and improve the fault tolerance, users prefer to distribute data to cloud servers of different cloud service providers. However, once the data have been outsourced, it will be out of user’s control and many security issues may occur, such as outsourced data being illegally tamper with, or rarely accessed data being secretly deleted. In this article, we propose a decentralized self-auditing scheme for multi-cloud storage, called DSAS. First, based on the symmetric balanced incomplete block design, DSAS achieves integrity verification for outsourced data via the interactions of cloud servers and the auditing costs are shared by the participating CSs. Second, DSAS can locate misbehavior cloud server with low computation costs, and resist denial of service attack initiated by malicious cloud servers which attempts to destroy the audit. Third, DSAS can recover the corrupted data without fetching data, and support the revocation of cloud servers and batch auditing. Finally, security proof and function evaluation show that DSAS has comprehensive security and functionality, and performance simulations and experiment results show that DSAS is efficient.
Read full abstract