Abstract
In this paper, we propose solution for obtaining mutual nonrepudiation between the user and service provider in cloud storage. One of the solutions for mutual nonrepudiation is based on logging attestations, which are signed messages. For supporting write-serializability and read freshness of files, an intuitive solution is to have attestations be chain hashed. However, it is inefficient when files in an account can be accessed by multiple client devices interchangeably because client devices must keep all the attestations or there must exist a way to broadcast the last attestation to all the client devices. We propose a scheme that can guarantee mutual nonrepudiation between the user and service provider without requiring the client devices to exchange any messages, and each client device only has to store the last attestation it received. Concurrent accesses of files should be forbidden if all attestations need to be chained together with one chain. We propose to use multiple chains to provide concurrent file accesses in a single account. In addition, we also propose how to apply the hash tree to remove accumulated attestations. The results from related experiments demonstrate the feasibility of the proposed scheme. A service provider of cloud storage can use the proposed scheme to provide a mutual nonrepudiation guarantee in their service-level agreement.
Original language | English |
---|---|
Pages (from-to) | 583-599 |
Number of pages | 17 |
Journal | Concurrency Computation Practice and Experience |
Volume | 28 |
Issue number | 3 |
DOIs | |
Publication status | Published - 2016 Mar 10 |
Keywords
- SLA
- cloud security
- cloud storage
- hash tree
- nonrepudiation
- service-level agreement
ASJC Scopus subject areas
- Software
- Theoretical Computer Science
- Computer Networks and Communications
- Computer Science Applications
- Computational Theory and Mathematics