Showing total 9 results

1. Efficient identity-based multi-copy data sharing auditing scheme with decentralized trust management.

Author

Tian, Ying, Tan, Haowen, Shen, Jian, Pandi, Vijayakumar, Gupta, Brij B., and Arya, Varsha

Subjects

*TRUST, *INFORMATION sharing, *CLOUD storage, *TROJAN horses (Computer viruses), *AUDITING, *DOWNLOADING

Abstract

The development of cloud storage provides convenient group data sharing services to us. In reality, not only can users upload data to the cloud, but more often they are inclined to download data from the cloud. Unfortunately, data stored on the cloud is not always trustworthy, and downloading Trojan or virus data can bring bad experiences to users. In certain cloud computing scenarios, with the aim of preventing data loss, both the original data and the corresponding data copies are stored. Consequently, the huge amounts of stored data copies result in large storage overhead to the cloud. In order to tackle all of the above problems, an efficient identity-based multi-copy data sharing auditing scheme with decentralized trust management is presented in this paper. In our scheme, the group manager detects shared data and generates short signatures for the data that can pass detection successfully before it is stored on the cloud. Further, the group manager calculates the trust value for users and enhances the management of user behavior according to it. Through adopting data merging, the total amount of data copies and the overhead of users and cloud are reduced in our scheme. In terms of security, our scheme can resist forgery attacks launched by three different adversaries. At last, we prove that our scheme is secure and practical through security and performance analysis, respectively. • This paper proposes a shared data integrity auditing scheme supporting distributed trust management, which can effectively prevent malicious users from sharing malicious data such as Trojans or virus data. • In our scheme, each user is bound to a trust value, which indicates the trustworthiness of the user. • The user's trust value is generated by the manager, and when it does not satisfy the conditions for sharing data, the user will not be allowed to share data on the cloud. • In the group, the manager checks the data shared by the user and generates signatures for the legal data. • The cloud will refuse to store any data that cannot be verified by the manager's public key. • This scheme also realizes efficient integrity auditing, batch verification, and multi-copy storage. [ABSTRACT FROM AUTHOR]

Published

2023

2. DSCAPS: A decentralized smart contract auditing platform based on sidechain.

Author

Jiang, Wenchao, Dai, Weiqi, Zheng, Jiamin, Liang, Zhipeng, Huang, Quankeng, Zhang, Fanlong, and Wu, Tao

Subjects

*AUDITING, *INCENTIVE (Psychology), *CONTRACTS, *DIGITAL asset management, *REPUTATION, *BLOCKCHAINS

Abstract

Successful attacks on smart contracts can result in loss of digital assets with potential financial and reputation implications. This reinforces the importance of auditing smart contracts prior to deployment. However, existing auditing approaches are generally non transparent, inefficient, limited to known bugs, and imprecise due to lack of real-world information in the blockchain. Therefore, we design a D ecentralized S mart C ontract A uditing P latform based on S idechain (DSCAPS) in this paper. DSCAPS leverages the two-way peg sidechain technology to implement the interactions between the main chain and the sidechain which is used as the audit chain platform. Unlike conventional centralized audits, blockchain users can evaluate the security of contracts in a real-world smart contract execution environment by designing an appropriate incentive mechanism. Thus, detection results will be more comprehensive and precise. Moreover, to prevent multi-party collusion from manipulating the blockchain or audit process, we introduce a margin mechanism. Findings from our security analysis demonstrate that DSCAPS can mitigate potential threats. Evaluation findings based on the system implementation also show that DSCAPS is efficient in auditing a contract with performance overheads of less than 10%. [ABSTRACT FROM AUTHOR]

Published

2024

3. Blockchain-based fair payment smart contract for public cloud storage auditing.

Author

Wang, Hao, Qin, Hong, Zhao, Minghao, Wei, Xiaochao, Shen, Hua, and Susilo, Willy

Subjects

*PUBLIC contracts, *CLOUD storage, *PAYMENT, *AUDITING, *AUDITORS

Abstract

Cloud storage plays an important role in today's cloud ecosystem. Increasingly clients tend to outsource their data to the cloud. In spite of its copious advantages, integrity has always been a significant issue. The audit method is commonly used to ensure integrity in cloud scenarios. However, traditional auditing schemes expect a third-party auditor (TPA), which is not always available in the real world. Also, the former scheme implies a limited pay-as-you-go service, as it requires the client to pay for the service in advance. In this paper, we aim to address the aforementioned drawback by adopting blockchain to replace TPA and designing a blockchain-based fair payment smart contract for public cloud storage auditing. In our system, data owner and cloud service provider (CSP) will run a blockchain-based smart contract. The contract ensures that the CSP is required to submit data possession proof regularly. The CSP gets paid only if the verification is passed; otherwise, it gets no remuneration but has to pay the penalties. To reduce the number of interactions in the execution of contract, we present the notion of non-interactive public provable data possession and design a blockchain-based smart contract for public cloud storage auditing based on this primitive. [ABSTRACT FROM AUTHOR]

Published

2020

4. Smart contract-based integrity audit method for IoT.

Author

Wang, Chunbo, Liu, Xu, Li, Hang, Di, Xiaoqiang, Cong, Ligang, Zhang, Siyu, and Qi, Hui

Subjects

*CLOUD storage, *INTERNET of things, *AUDITING, *CLOUD computing, *DATA integrity, *AUDITORS

Abstract

• Using chaotic systems to realize non-interactive integrity audit. • Building integrity audit trees to reduce the computational overhead of entities. • Using the automatic trigger function of smart contracts to design reward and punishment rules. • In order to protect privacy, neither cloud storage nor auditors have access to the raw data. With the widespread adoption of Internet of Things (IoT) technology, a large amount of private data has been generated. Due to the limited computing and storage resources of IoT devices, enterprises and individuals choose to use a cloud storage provider (CSP) to manage their data. However, they lose the actual control of the data, and hence users need to verify the integrity of the data in the cloud. As a result, reducing the computational overhead of integrity auditing tasks for massive amounts of data and optimizing the distribution of benefits among the participants have become the key to the healthy development of IoT technologies. This paper proposes an integrity auditing method based on smart contracts. First, we construct a noninteractive auditing model based on a chaotic system so that the third-party auditor (TPA) can complete the auditing task without challenging the CSP. Second, we proposed a new construction method for audit trees that can quickly generate the verification tag of the root node. Finally, we design a smart contract-based auditing algorithm on the blockchain, which can simultaneously verify the behaviour of the CSP and the TPA to achieve fair payments. The theoretical analysis shows that our scheme can effectively prevent the TPA from falsifying audit results and prevent collusion between the TPA and the CSP. The experimental results show that our scheme has higher audit efficiency. [ABSTRACT FROM AUTHOR]

Published

2023

5. Identity-based key-exposure resilient cloud storage public auditing scheme from lattices.

Author

Zhang, Xiaojun, Wang, Huaxiong, and Xu, Chunxiang

Subjects

*CLOUD storage, *AUDITING, *LATTICE theory, *PUBLIC key infrastructure (Computer security), *AUDITORS

Abstract

Abstract With the rapid development of cloud auditing services, key exposure has been highlighted as a serious security issue. Using the exposed private key of a client, cloud servers can forge previous auditing proofs to cheat auditors. To date, a few pairing-based cloud storage auditing schemes addressing key exposure have been proposed. However, they are not secure from quantum attacks, and they rely on public key infrastructure (PKI), which involves complex certificate management. In this paper, we propose an efficient identity-based key-exposure resilient public auditing scheme from lattice assumptions in cloud storage. Our scheme is not only quantum-resistant, but eliminates the need to establish a PKI. We employ lattice basis delegation technique to update a client's private key flexibly, keeping the private key size constant. Based on the hardness of lattice assumptions, we prove the forward security of storage correctness guarantee against malicious cloud servers in detail, and that the proposed scheme preserves privacy against curious auditors. Furthermore, we conduct a performance comparison to demonstrate that our scheme is much more efficient and practical for post-quantum secure cloud storage. [ABSTRACT FROM AUTHOR]

Published

2019

6. Public auditing for shared cloud data with efficient and secure group management.

Author

Tian, Hui, Nan, Fulin, Jiang, Hong, Chang, Chin-Chen, Ning, Jianting, and Huang, Yongfeng

Subjects

*AUDITING, *CLOUD storage security measures, *SOCIAL groups, *INTERNET users, *COLLUSION

Abstract

Highlights • A full scheme aiming to achieve all necessary demands for shared-data public auditing. • A novel lazy-revocation strategy for efficient and secure user revocation. • Enable identity traceability of malicious users using a modification record table. • Enable dynamic operations of shared data using an extended dynamic hash table. • The scheme outperforms the state-of-the-art ones in computational costs. Abstract With increasing popularity of collaboration in clouds, shared data auditing has become an important issue in cloud auditing field, and attracted extensive attention from the research community. However, none of the state of the arts can fully achieve all indispensable functional and security requirements. Thus, in this paper, we present a comprehensive public auditing scheme for shared data. Specifically, to preserve users' identity privacy, signatures on the challenged blocks are converted to the ones signed by the group manager during proof generation; to protect data privacy, a random masking is adopted to blind data proof; a modification record table is designed to record operation information to support identity traceability; we further extend the dynamic hash table to support shared-data dynamics, and present a batch auditing strategy. Moreover, we design a lazy-revocation based group management mechanism to achieve efficient group dynamics, which can resist collusion attacks while significantly reducing computational costs. We formally prove the security of our scheme, and evaluate its performance by comprehensive experiments and comparisons with the state-of-the-art ones. The results demonstrate that our scheme can effectively achieve secure auditing and outperforms the previous ones in computational overhead while maintaining relatively low communication costs. [ABSTRACT FROM AUTHOR]

Published

2019

7. Evolutionary dynamics of compliance in a two-population game of auditors and taxpayers.

Author

De Giovanni, Domenico, Lamantia, Fabio, and Pezzino, Mario

Subjects

*TAX evasion, *AUDITORS, *TAXPAYER compliance, *SOCIAL pressure, *CORRUPTION

Abstract

The paper studies the dynamics of compliance in a population of taxpayers that can decide whether to engage in tax evasion. In addition, these agents are subject to control by auditors who also choose to engage in dishonest behavior and request a bribe for not reporting detected tax evasion. We investigate the rich, dynamic scenarios that may arise through the interaction of auditors and taxpayers and describe how corruption cycles may emerge. • We study a two-population evolutionary game of compliance and tax evasion. • Social pressure is a function of the current level of honesty in the population. • When tax morale is strong, convergence to widespread honesty is a possible outcome. • Weak tax morale implies diffuse dishonesty or its coexistence with honesty. • Mild social pressure produces corruption cycles in the long run. [ABSTRACT FROM AUTHOR]

Published

2023

8. Efficient ID-based public auditing for the outsourced data in cloud storage.

Author

Zhang, Jianhong and Dong, Qiaocui

Subjects

*CLOUD storage, *AUDITING, *DATA analysis, *CRYPTOGRAPHY, *AUDITORS

Abstract

Cloud storage can make data users store and access their files anytime, from anywhere and with any device. To ensure the security of the outsourced data, data user needs to periodically check data integrity. The existing public auditing schemes are mainly based on the PKI (public key infrastructure). In this infrastructure, the auditor must validate the certificates of data user before auditing data integrity. Thus, it results in a large amount of computation cost. Especially, it brings heavy burden to the auditor in the multi-user setting. To overcome this problem, in this paper, we propose an efficient ID-based auditing protocol for cloud data integrity based on ID-Based Cryptography, which is provably secure in the random oracle model and has tight security reduction. And we also extend it to support batch auditing in the multi-user setting. Finally, extensive security and simulation results show that our ID-based auditing protocols are secure and efficient, especially it reduces the computation cost of the auditor in the multi-user setting. In comparison with Wang et al.’s ID-based remote data possession checking protocol, our protocol is more suitable to the large-scale cloud storage system. [ABSTRACT FROM AUTHOR]

Published

2016

9. Anomaly intrusion detection by clustering transactional audit streams in a host computer

Author

Park, Nam Hun, Oh, Sang Hyun, and Lee, Won Suk

Subjects

*ANOMALY detection (Computer security), *CLUSTER analysis (Statistics), *AUDITING, *CLIENT/SERVER computing, *DATA mining, *STREAMING technology, *PERFORMANCE evaluation

Abstract

Abstract: In anomaly intrusion detection, modeling the normal behavior of activities performed by a user is an important issue. To extract normal behavior from the activities of a user, conventional data mining techniques are widely applied to a finite audit data set. However, these approaches model only the static behavior of a user in the audit data set. This drawback can be overcome by viewing a user’s continuous activities as an audit data stream. This paper proposes an anomaly intrusion detection method that continuously models the normal behavior of a user over the audit data stream. A set of features is used to represent the characteristics of an activity. For each feature, clusters of feature values corresponding to activities observed thus far in an audit data stream are identified by a statistical grid-based clustering algorithm for a data stream. Each cluster represents the frequency range of the activities with respect to the feature. As a result, without the physical maintenance of any historical activity of the user, the user’s new activities can be continuously reflected in the ongoing results. At the same time, various statistics of activities related to the identified clusters are also modeled to improve the performance of anomaly detection. The proposed algorithm is illustrated by a series of experiments to identify various characteristics. [Copyright &y& Elsevier]

Published

2010