New Publicly Verifiable Cloud Data Deletion Scheme with Efficient Tracking
Cloud storage service, one of the most important services in the cloud computing, can offer high-quality storage service for tenants. By employing the cloud storage service, the resource-constraint data owners can outsource their data to the remote cloud server to reduce the heavy storage burden. Due to the attractive advantages, there are an increasing number of data owners prefer to embrace the cloud storage service. However, the data owners will lose the direct control over their outsourced data, and they can not directly execute operations over their outsourced data, such as data deletion operation. That will make outsourced data deletion become a crucial security problem: the selfish cloud server may not honestly perform the data deletion operation for economic interests, and then returns error results to mislead the data owners. Although a series of solutions have been proposed to solve this problem, most of them can be described as “one-bit-return” protocol: the storage server removes the data and then returns a one-bit deletion reply, and the data owners have to trust the deletion reply because they can not verify it conveniently.
In this paper, we put forward a new publicly verifiable data deletion scheme with efficient tracking for cloud storage. In our novel scheme, the remote cloud server executes the data deletion operation and returns a deletion proof. If the remote cloud server maliciously reserves the data backups, the data owner can easily detect the malicious data reservation by verifying the returned deletion proof. Besides, we utilize the primitive of Merkle Hash Tree to solve the problem of public verifiability in data deletion. Furthermore, our scheme can realize efficient data leakage source tracking when the data are leaked, which can prevent the data owner and the cloud server from exposing the data designedly to slander each other. Finally, we prove that our novel scheme can satisfy the desired security properties.
KeywordsCloud storage Data deletion Public verification Efficient tracking Merkle Hash Tree
This work was supported by the Open Projects of State Key Laboratory of Integrated Service Networks (ISN) of Xidian University (No. ISN19-13), the National Natural Science Foundation of Guangxi (No. 2016GXNSFAA380098) and the Science and Technology Program of Guangxi (No. AB17195045).
- 1.Bauer, S., Priyantha, N.B.: Secure data deletion for Linux file systems. In: Proceedings of the 10th Conference on USENIX Security Symposium, vol. 174, pp. 153–164. USENIX Association, Berkeley (2001)Google Scholar
- 2.Boneh, D., Lipton, R.: A revocable backup system. In: Proceedings of the 6th Conference on USENIX Security Symposium, vol. 6, pp. 91–96. USENIX Association, Berkeley (1996)Google Scholar
- 10.Gutmann, P.: Secure deletion of data from magnetic and solid-state memory. In: Proceedings of the Sixth USENIX Security Symposium, vol. 14, pp. 77–89. USENIX Association, Berkeley (1996)Google Scholar
- 15.Luo, Y., Xu, M., Fu, S., Wang, D.: Enabling assured deletion in the cloud storage by overwriting. In: Proceedings of the 4th ACM International Workshop on Security in Cloud Computing, pp. 17–23. ACM, New York (2016)Google Scholar
- 16.Lee, J., Yi, S., Heo, J., Park, H., Shin, S.Y., Cho, Y.: An efficient secure deletion scheme for flash file systems. J. Inf. Sci. Eng. 26(1), 27–38 (2010)Google Scholar
- 17.Merkle, R.C.: Protocols for public key cryptosystems. In: Proceedings of the 1980 IEEE Symposium on Security and Privacy (SP), pp. 122–134. IEEE Computer Society, Washington, DC (1980)Google Scholar
- 19.Ni, J., Lin, X., Zhang, K., Yu, Y., Shen, X.: Secure outsourced data transfer with integrity verification in cloud storage. In: Proceedings of the 2016 IEEE/CIC International Conference on Communications in China, ICCC 2016, pp. 1–6. IEEE Computer Society, Washington, DC (2016)Google Scholar
- 20.Paul, M., Saxena, A.: Proof of erasability for ensuring comprehensive data deletion in cloud computing. In: Meghanathan, N., Boumerdassi, S., Chaki, N., Nagamalai, D. (eds.) Recent Trends in Network Security and Applications, CNSA 2010. CCIS, vol. 89, pp. 340–348. Springer, Heidelberg (2010)CrossRefGoogle Scholar
- 21.Perito, D., Tsudik, G.: Secure code update for embedded devices via proofs of secure erasure. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) Computer Security C ESORICS 2010, ESORICS 2010. LNCS, vol. 6345, pp. 643–662. Springer, Heidelberg (2010)Google Scholar
- 22.Perlman, R.: File system design with assured delete. In: Proceedings of the Third IEEE International Security in Storage Workshop (SISW 2005), pp. 83–88. IEEE Computer Society, Washington, DC (2005)Google Scholar
- 23.Rahumed, A., Chen, H.C., Tang, Y., Lee, P.P., Lui, J.C.: A secure cloud backup system with assured deletion and version control. In: Proceedings of the 2011 40th International Conference on Parallel Processing Workshops (ICPPW), pp. 160–167. IEEE Computer Society, Washington, DC (2011)Google Scholar
- 24.Reardon, J., Basin, D., Capkun, S.: SoK: secure data deletion. In: Proceedings of the 2013 IEEE Symposium on Security and Privacy (SP), pp. 301–315. IEEE Computer Society, Washington, DC (2013)Google Scholar
- 30.Wright, C., Kleiman, D., Sundhar, R.S.S.: Overwriting hard drive data: the great wiping controversy. In: Sekar, R., Pujari, A.K. (eds.) Information Systems Security, ICISS 2008. LNCS, vol. 5352, pp. 243–257. Springer, Heidelberg (2008)Google Scholar
- 34.Yang, C., Wang, J., Tao, X., Chen, X.: Publicly verifiable data transfer and deletion scheme for cloud storage. In: Naccache, D., Xu, S., Qing, S., Samarati, P., Blanc, G., Lu, R., Zhang, Z., Meddahi, A. (eds.) ICICS 2018. LNCS, vol. 11149, pp. 445–458. Springer, Heidelberg (2018)Google Scholar