Cryptology ePrint Archive: Report 2011/304

Auditing the Auditor: Secure Delegation of Auditing Operation over Cloud Storage

Jia XU

Abstract: In cloud storage service, users upload their data together with authentication information to cloud storage server. To ensure the availability and integrity of users' data stored in the cloud storage, users need to verify the cloud storage remotely and periodically, with the help of the pre-stored authentication information and without storing a local copy of the data or retrieving back the data during verification. Public verification enables a third party auditor (TPA), on the behalf of the data owner, to verify the integrity of cloud storage with the data owner's public key. In this paper, we propose a method that allows the data owner to delegate the auditing task to a potentially untrusted third party auditor in a secure manner: (1) The data owner can verify whether the TPA has indeed performed the specified audit task; (2) The data owner can verify whether the TPA did the audit task at the right time specified by the data owner; (3) The confidentiality of the data is protected against the TPA. Our method also enables a TPA to re-outsource the audit task.

Category / Keywords: cryptographic protocols / Authentication, Proof of Retrievability, Secure Cloud Storage, Secure Delegation of Auditing

Date: received 7 Jun 2011

Contact author: jiaxu2001 at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20110608:113818 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]