Paper Info
Title
Improved security of a dynamic remote data possession checking protocol for cloud storage
Abstract
Cloud storage offers the users with high quality and on-demand data storage services and frees them from the burden of maintenance. However, the cloud servers are not fully trusted. Whether the data stored on cloud are intact or not becomes a major concern of the users. Recently, Chen et al. proposed a remote data possession checking protocol to address this issue. One distinctive feature of their protocol support data dynamics, meaning that users are allowed to modify, insert and delete their outsourced data without the need to re-run the whole protocol. Unfortunately, in this paper, we find that this protocol fails to achieve its purpose since it is vulnerable to forgery attack and replace attack launched by a malicious server. Specifically, we show how a malicious cloud server can deceive the user to believe that the entire file is well-maintained by using the meta-data related to the file alone, or with only part of the file and its meta-data. Then, we propose an improved protocol to fix the security flaws and formally proved that our proposal is secure under a well-known security model. In addition, our improvement keeps all the desirable features of the original protocol.
Year
DOI
Venue
2014
10.1016/j.eswa.2014.06.027
Expert Systems with Applications: An International Journal
Keywords
Field
DocType
cloud storage,data possession checking,dynamic auditing,homomorphic hashing
Computer science,Computer data storage,Computer security,Server,Cloud server,Cloud computing security,Possession (law),Cloud storage,Computer security model,Cloud computing
Journal
Volume
Issue
ISSN
41
17
0957-4174
Citations 
PageRank 
References 
18
0.71
26
Authors
6
Name
Order
Citations
PageRank
Yong Yu152345.29
Jianbing Ni2403.04
Man Ho Au3144497.70
Hong-Yu Liu418323.11
Hua Wang5180.71
Chunxiang Xu6180.71