Provable Multicopy Dynamic Data Possession in Cloud Computing Systems
Increasingly more and more organizations are opting for outsourcing data to remote cloud service providers (CSPs). Customers can rent the CSPs storage infrastructure to store and retrieve almost unlimited amount of data by paying fees metered in gigabyte/month. For an increased level of scalability, availability, and durability, some customers may want their data to be replicated on multiple servers across multiple data centers. The more copies the CSP is asked to store, the more fees the customers are charged. Therefore, customers need to have a strong guarantee that the CSP is storing all data copies that are agreed upon in the service contract, and all these copies are consistent with the most recent modifications issued by the customers. In this paper, we propose a map-based provable multicopy dynamic data possession (MB-PMDDP) scheme that has the following features.
- It provides evidence to the customers that the CSP is not cheating by storing fewer copies.
- It supports outsourcing of dynamic data, i.e., it supports block-level operations, such as block modification, insertion, deletion, and append.
- It allows authorized users to seamlessly access the file copies stored by the CSP. We give a comparative analysis of the proposed MB-PMDDP scheme with a reference model obtained by extending existing provable possession of dynamic single-copy schemes. The theoretical analysis is validated through experimental results on a commercial cloud platform. In addition, we show the security against colluding servers, and discuss how to identify corrupted copies by slightly modifying the proposed scheme.
The cloud computing storage model considered in this work consists of three main components as illustrated.
- A data owner that can be an organization originally possessing sensitive data to be stored in the cloud.
- A CSP who manages cloud servers (CSs) and provides paid storage space on its infrastructure to store the owner’s ﬁles.
- Authorized users a set of owner’s clients who have the right to access the remote data.
The storage model used in this work can be adopted by many practical applications. For example, e-Health applications can be envisioned by this model where the patients’ database that contains large and sensitive information can be stored on the cloud servers. In these types of applications, the e-Health organization can be considered as the data owner, and the physicians as the authorized users who have the right to access the patients’ medical history. Many other practical applications like financial, scientific, and educational applications can be viewed in similar settings.
- There is no proof the client is using full utilized space allocated to him.
- Utilization is not effective and efficiency.
We propose a MB-PMDDP scheme allowing the data owner to update and scale the blocks of files copies outsourced to cloud servers which may be untrusted. Validating such copies of dynamic data requires the knowledge of the block versions to ensure that the data blocks in all copies are consistent with the most recent modifications issued by the owner. Moreover, the verifier should be aware of the block indices to guarantee that the CSP has inserted or added the new blocks at the requested positions in all copies. To this end, the proposed scheme is based on using a small data structure (metadata), which we call a map-version table.
Utilisatin is very effective and efficiency.
Proof for the utilization of the spaces allocated.
The usage of cloud storage is performed by uploading files, multi-copy, View and Delete.
The file is uploaded to cloud storage for the multi-operation on the files
The file is copied to the multiple cloud locations for the easier, effective and efficiency access or operation on the file.
The list of files can be view and number of files for the proof of number of files and list of files.
The files can be edited in the modification module and it can be downloaded for the usage.
If admin deletes the files from a location without the knowledge of the user it is reflected in the view module in numbers and list of files.
Outsourcing data to remote servers has become a growing trend for many organizations to alleviate the burden of local data storage and maintenance. In this work we have studied the problem of creating multiple copies of dynamic data ﬁle and verifying those copies stored on untrusted cloud servers.
We have proposed a new PDP scheme (referred to as MB-PMDDP), which supports outsourcing of multi-copy dynamic data, where the data owner is capable of not only archiving and accessing the data copies stored by the CSP, but also updating and scaling these copies on the remote servers. To the best of our knowledge, the proposed scheme is the first to address multiple copies of dynamic data. The interaction between the authorized users and the CSP is considered in our scheme, where the authorized users can seamlessly access a data copy received from the CSP using a single secret key shared with the data owner. Moreover, the proposed scheme supports public verfiability, enables arbitrary number of auditing, and allows possession-free verification where the verifier has the ability to verify the data integrity even though he neither possesses nor retrieves the file blocks from the server.
Through performance analysis and experimental results, we have demonstrated that the proposed MB-PMDDP scheme outperforms the TB-PMDDP approach derived from a class of dynamic single-copy PDP models. The TB-PMDDP leads to high storage overhead on the remote servers and high computations on both the CSP and the verifier sides. The MB-PMDDP scheme significantly reduces the computation time during the challenge-response phase which makes it more practical for applications where a large number of verifiers are connected to the CSP causing a huge computation overhead on the servers. Besides, it has lower storage overhead on the CSP, and thus reduces the fees paid by the cloud customers. The dynamic block operations of the map-based approach are done with less communication cost than that of the tree-based approach.
A slight modification can be done on the proposed scheme to support the feature of identifying the indices of corrupted copies. The corrupted data copy can be reconstructed even from a complete damage using duplicated copies on other servers. Through security analysis, we have shown that the proposed scheme is provably secure.