Detecting malicious third-party auditor and privacy preserving protocol for public cloud

Abstract

Cloud computing is an anticipated and an inevitable solution for large storage capacities, the virtual presence of ownership and universal accessibility which extends the boundaries of a user today. These benefits also open up a challenge for being too exposed for welcoming attackers to steal potential information from those cloud environments. Irrespective of types of data, information stored on these cloud environments vary from databases to the coding of software and raw and processed information of various organizations, including governments. To ensure confidentiality and integrity of data input from various users, cloud service providers employ third-party auditors to verify the safety measures are intact and maintained. As the name predicts, an auditor may not possess a responsibility to protect the data after their intended verification is over. Third-Party Auditors have the function of confirming that the saved data has the same integrity as of original data, does not seek any information shortly to disturb the integrity and finally do not introduce any loopholes for new attacking attempts from external sources. This proposal intends to derive a mechanism to limit the resources provided to third party auditors in the architecture. The location of data and users protected in this approach along with locking of data segments to enhance the security of the architecture. The simulation results compare the technique and prove that this method outperforms the previous techniques when addressing the sturdiness, communication complexity, and time consumption concerns.