Auditing for data integrity and reliability in cloud storage

Abstract

Security has been identified as the most serious concern that prevents users from outsourcing sensitive data to the cloud. An efficient cloud auditing system will relieve users’s concerns regarding the availability and integrity of their outsourced data by providing evidence and records to track the activities in the cloud. This chapter provides a complete view of cloud storage auditing systems from multiple perspectives, including a clear definition, applicable technologies, major challenges, current research status, and open questions. First of all, a systematical introduction to general design principles and focuses of information auditing is given from three different aspects: strategy oriented, process oriented, and resource oriented. Then, two useful technologies, Provable Data Possession (PDP) and Proof of Retrievability (POR), are discussed thoroughly, which have been developed to verify data integrity and availability in distributed storage systems. Several typical algorithms are analyzed to illustrate their design rationales and tradeoffs. Following that, the challenges in developing a cloud auditing system are discussed and current efforts in the cloud security community are introduced. Finally, several open questions are identified, which are expected to be addressed in the near future.