In this paper we study about hybrid cloud approach for secure authorized deduplication. Data deduplication is one of important data compression techniques for eliminating duplicate copies of repeating data, and has been rapidly used in clouds to reduce the amount of storage space. To protect the privacy of sensitive data while supporting deduplication, the convergent encryption technique has been used to encrypt the data before outsourcing. To better protect data security, this paper makes the first attempt to formally address the problem of authorized data deduplication. This technique is different from traditional deduplication systems, the differential privileges of users are further considered in duplicate check besides the data itself. We also present several new deduplication constructions that have been supporting the authorized deduplication in a hybrid cloud environment. Security analysis demonstrates that our deduplication scheme is secure by the definitions specified in the proposed security model. As a proof of concept, we implement a prototype of our proposed authorized deduplication scheme and conduct tested experiments using our prototype. We show that our proposed authorized deduplication scheme incurs minimal overhead compared to normal operations.
L. Sankaran, D. Ashok Kumar, S. Dushyanth, E. Ayyappan
Security, Data Protection, Deduplication, Convergent Encryption, Cloud Storage.
- J. Stanek, A. Sorniotti, E. Androulaki, and L. Kencl, "A secure data deduplication scheme for cloud storage," in Financial Cryptography and Data Security - 18th International Conference, Christ Church, Barbados, March 3-7, 2014, Revised Selected Papers, pp. 99–118.
- D. Harnik, B. Pinkas, and A. Shulman-Peleg, "Side channels in cloud services: Deduplication in cloud storage," IEEE Security & Privacy, vol. 8, no. 6, pp. 40–47, 2010.
- S. Keelveedhi, M. Bellare, and T. Ristenpart, "Dupless: Serveraided encryption for deduplicated storage," in Proceedings of the 22th USENIX Security Symposium, Washington, DC, USA, August 14-16, 2013, pp. 179–194.
- D. Meister and A. Brinkmann, "Multi-level comparison of data deduplication in a backup scenario," in Proceedings of SYSTOR 2009: The Israeli Experimental Systems Conference 2009, Haifa, Israel, May 4-6, 2009, p. 8.
- N. Mandagere, P. Zhou, M. A. Smith, and S. Uttamchandani, "Demystifying data deduplication," in Middleware 2008, ACM/IFIP/USENIX 9th International Middleware Conference, Leuven, Belgium, December 1-5, 2008, Companion Proceedings, pp. 12–17.
- L. Aronovich, R. Asher, E. Bachmat, H. Bitner, M. Hirsch, and S. T. Klein, "The design of a similarity based deduplication system," in Proceedings of SYSTOR 2009: The Israeli Experimental Systems Conference 2009, Haifa, Israel, May 4-6, 2009, p. 6.
- M. Dutch and L. Freeman, "Understanding data de-duplication ratios," http://www.snia.org/sites/default/files/Understanding Data Deduplication Ratios-20080718.pdf, accessed: 2016-03-07.
- D. Harnik, O. Margalit, D. Naor, D. Sotnikov, and G. Vernik, "Estimation of deduplication ratios in large data sets," in IEEE 28th Symposium on Mass Storage Systems and Technologies, MSST 2012, April 16-20, 2012, CA, USA, pp. 1–11.
- S. Halevi, D. Harnik, B. Pinkas, and A. Shulman-Peleg, "Proofs of ownership in remote storage systems," in Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, Chicago, IL, USA, October 17-21, 2011, pp. 491–500.
- R. D. Pietro and A. Sorniotti, "Boosting efficiency and security in proof of ownership for deduplication," in 7th ACM Symposium on Information, Compuer and Communications Security, ASIACCS ’12, Seoul, Korea, May 2-4, 2012, pp. 81–82.
- J. R. Douceur, A. Adya, W. J. Bolosky, D. Simon, and M. Theimer, "Reclaiming space from duplicate files in a serverless distributed file system," in ICDCS, 2002, pp. 617–624.
- M. W. Storer, K. M. Greenan, D. D. E. Long, and E. L. Miller, "Secure data deduplication," in Proceedings of the 2008 ACM Workshop On Storage Security And Survivability, StorageSS 2008, Alexandria, VA, USA, October 31, 2008, pp. 1–10.
- M. Bellare, S. Keelveedhi, and T. Ristenpart, "Message-locked encryption and secure deduplication," in Advances in Cryptology - EUROCRYPT 2013, 32nd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Athens, Greece, May 26-30, 2013. Proceedings, pp. 296–312.
- M. Bellare and S. Keelveedhi, "Interactive message-locked encryption and secure deduplication," in Public-Key Cryptography - PKC 2015 - 18th IACR International Conference on Practice and Theory in Public-Key Cryptography, Gaithersburg, MD, USA, March 30 - April 1, 2015, Proceedings, pp. 516–538.
- J. Xu, E. Chang, and J. Zhou, "Weak leakage-resilient client-side deduplication of encrypted data in cloud storage," in 8th ACM Symposium on Information, Computer and Communications Security, ASIA CCS ’13, Hangzhou, China - May 08 - 10, 2013, pp. 195–206.
- F. Armknecht, J.-M. Bohli, G. O. Karame, and F. Youssef, "Transparent data deduplication in the cloud," in Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, 2015, pp. 886–900.
- J. Li, X. Chen, M. Li, J. Li, P. P. C. Lee, and W. Lou, "Secure deduplication with efficient and reliable convergent key management," IEEE Trans. Parallel Distrib. Syst., vol. 25, no. 6, pp. 1615–1625.
- P. Meye, P. R. Parv´edy, F. Tronel, and E. Anceaume, "A secure two-phase data deduplication scheme," in 6th IEEE International Symposium on Cyberspace Safety and Security CSS 2014, Paris, France, August 20-22, 2014, pp. 802–809.
- Y. Duan, "Distributed key generation for encrypted deduplication: Achieving the strongest privacy," in Proceedings of the 6th edition of the ACM Workshop on Cloud Computing Security, CCSW ’14, Scottsdale, AZ, USA, November 7, 2014, pp. 57–68.
- P. Puzio, R. Molva, M. O¨ nen, and S. Loureiro, "Cloudedup: Secure deduplication with encrypted data for cloud storage," in IEEE 5th International Conference on Cloud Computing Technology and Science, Bristol, UK, December 2-5, 2013, Volume 1, pp. 363–370.
- J. Liu, N. Asokan, and B. Pinkas, "Secure deduplication of encrypted data without additional independent servers," in Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, CO, USA, Oct. 2015, pp. 874–885.
- X. Zhao, Y. Zhang, Y. Wu, K. Chen, J. Jiang, and K. Li, "Liquid: A scalable deduplication file system for virtual machine images," IEEE Trans. Parallel Distrib. Syst., vol. 25, no. 5, pp. 1257–1266.
- J. R. Douceur, "The sybil attack," in Peer-to-Peer Systems, First International Workshop, IPTPS 2002, Cambridge, MA, USA, March 7-8, 2002, Revised Papers, pp. 251–260.
- S. Goldwasser and S. Micali, "Probabilistic encryption," J. Comput. Syst. Sci., vol. 28, no. 2, pp. 270–299, 1984.
- A. Shamir, "How to share a secret," Commun. ACM, vol. 22, no. 11, pp. 612–613, 1979.
- G. Ateniese, J. Camenisch, S. Hohenberger, and B. de Medeiros, "Practical group signatures without random oracles," IACR Cryptology ePrint Archive 2005/385.
- P. S. L. M. Barreto, B. Lynn, and M. Scott, "Efficient implementation of pairing-based cryptosystems," J. Cryptology, vol. 17, no. 4, pp. 321–334, 2004.
- B. Lynn, "The pairing-based crypto. library," http://crypto. stanford.edu/pbc/, accessed: 2016-03-07.
- V. Goyal, O. Pandey, A. Sahai, and B. Waters, "Attribute-based encryption for fine-grained access control of encrypted data," in Proceedings of the 13th ACM Conference on Computer and Communications Security, Alexandria, VA, USA, Oct. 2006, pp. 89–98.
- "The Pirate Bay 2008-12 Dataset," University Of Zurich, Department of Informatics webpage, http://www.csg.uzh.ch/ publications/data/piratebay.html, accessed: 2016-03-07.
- "Ubuntu Popularity Contest," http://popcon.ubuntu.com/, accessed: 2016-03-15.
- D. F. Aranha, K. Karabina, P. Longa, C. H. Gebotys, and J. L´opez, "Faster explicit formulas for computing pairings over ordinary curves," in Advances in Cryptology - EUROCRYPT 2011 - 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tallinn, Estonia, May 15-19, 2011. Proceedings, pp. 48–68.
- J. Camenisch, S. Hohenberger, and A. Lysyanskaya, "Balancing accountability and privacy using e-cash (extended abstract)," in Security and Cryptography for Networks, 5th International Conference, SCN 2006, Maiori, Italy, Sept. 6-8, 2006, Proceedings, pp. 141–155.
- A. Lysyanskaya, R. L. Rivest, A. Sahai, and S. Wolf, "Pseudonym systems," in Selected Areas in Cryptography, 6th Annual International Workshop, SAC’99, Kingston, ON, Canada, August 9-10, 1999, Proceedings, pp. 184–199
|Published in :
||Volume 3 | Issue 2 | March-April - 2017
|Date of Publication
Cite This Article
L. Sankaran, D. Ashok Kumar, S. Dushyanth, E. Ayyappan, "A De-Duplication Scheme and Distributed Key Generation for Achieving the Strongest Privacy in Cloud", International Journal of Scientific Research in Science, Engineering and Technology(IJSRSET), Print ISSN : 2395-1990, Online ISSN : 2394-4099, Volume 3, Issue 2, pp.210-215, March-April-2017.
URL : http://ijsrset.com/IJSRSET173275.php