IEEE Access (Jan 2020)
Privacy-Preserving Cloud Auditing for Multiple Users Scheme With Authorization and Traceability
Abstract
With the widespread application of cloud storage, users gain many conveniences such as low-cost remote data storage and flexible data sharing. Because the cloud service provider (CSP) is not fully trusted, many cloud auditing schemes have been proposed to ensure the security and integrity of shared data. However, existing cloud auditing schemes have some security risks, such as user identity disclosure, denial-of-service attacks and abuse of power by a single manager. To solve these issues, in this paper we use certificateless signature technology to construct a privacy-preserving cloud auditing scheme for multiple users with authorization and traceability. Unlike traditional schemes, our scheme realizes user identity anonymity without group signature or ring signature techniques, which guarantees that the tag is compact. Meanwhile, our scheme allows at least $d$ managers to trace the identity of a malicious user collaboratively, which avoids the abuse of single-manager power and provides non-frameability. Furthermore, we introduce an identity authentication process between the third-party auditor (TPA) and the CSP to prevent denial-of-service attacks. That is, our scheme solves the problem that anyone can challenge the CSP for proofs, which averts network congestion and the waste of cloud resources. In terms of functionality, the proposed scheme also supports efficient user revocation from a group. Certificateless cryptography ensures that our scheme involves neither the certificate management burden nor the key escrow problem. The security analysis shows that our scheme is provably secure against two types of adversaries in the certificateless cryptography setting. The performance analysis demonstrates that our scheme is efficient.