Skip to main content
SpringerLink
Log in

Fair Non-repudiation Framework for Cloud Storage: Part II

  • Chapter
  • First Online:
Book cover Cloud Computing for Enterprise Architectures

Part of the book series: Computer Communications and Networks ((CCN))

Abstract

Data storage is one of the most profitable applications on cloud ­computing platforms. Although a transparent service model provides flexibility and convenience, it also brings new challenges with respect to data security. For example, the existing vulnerabilities in some commercial cloud storage services can potentially lead to repudiation problems. In part I of this two-part chapter, a basic TPNR ­protocol is introduced that addresses disputes between an individual user and a service provider. In this chapter, we introduce a framework that supports a fair data transmission procedure without the risk of disputes in environments where data sharing among multiple users is required. An advanced MPNR protocol is presented. Fairness is achieved with the help of a TTP. Both parties can get evidence at the end of a round. In addition, taking advantage of the Merkle hash tree, the MPNR protocol can prevent rollback attacks by limiting the data access priorities of individual users. The rationale behind the new protocol’s design and its working modes are analyzed in detail. We also discuss its robustness under typical malicious ­network attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 129.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 109.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Amazon Inc.: Amazon import/export developer guide version 1.2. http://aws.amazon.com/documentation (2009). Accessed Aug 2009

  2. Microsoft Azure Services Platform: http://www.microsoft.com/azure/default.mspx (2009). Accessed 2009

  3. Kamara, S., Lauter, K.: Cryptographic cloud storage. In: Sion, R., et al. (eds.) Financial Cryptography and Data Security. LNCS6054, pp. 136–149. Springer, Berlin/Heidelberg (2009)

    Google Scholar 

  4. Popa, R.A., Lorch, J., Molnar, D., et al.: Enabling security in cloud storage SLAs with CloudProof. Microsoft TechReport MSR-TR-2010–46. http://research.microsoft.com/apps/pubs/default.aspx?id=131137 (2010). Accessed May 2010

  5. Bagga, W., Molva, R.: Collusion-free policy-based encryption. In: Katsikas, S., et al. (eds.) Information Security, LNCS 4176, pp. 233–245. Springer, Berlin/Heidelberg (2006)

    Chapter  Google Scholar 

  6. Bairavasundaram, L.N., Goodson, G.R., Schroeder, B., Arpaci-Dusseau, A.C., Arpaci-Dusseau, R.H.: An analysis of data corruption in the storage stack. In: USENIX conference on File and Storage Technologies, pp. 223–238. USENIX Association, San Jose, CA (2008)

    Google Scholar 

  7. Yun, A., Shi, C., Kim, Y.: On protecting integrity and confidentiality of cryptographic file system for outsourced storage. In: Proceedings of the 2009 ACM Workshop on Cloud Computing Security (CCSW ′09), pp. 67–76. ACM, New York, NY (2009)

    Google Scholar 

  8. Zhou, J., Gollmann, D.: A fair non-repudiation protocol. In: Proceedings of 1996 IEEE Symposium on Security and Privacy, pp. 55–61. IEEE Computer Society, Oakland (1996)

    Google Scholar 

  9. Zhou, J., Gollmann, D.: An efficient non-repudiation protocol. In: Proceedings of the 10th Computer Security Foundations Workshop, pp. 126–132. IEEE Computer, Oakland (1996)

    Google Scholar 

  10. Feng, J., Chen, Y., Liu, P.: Bridging the missing link of cloud data storage security in AWS. In: The 7th IEEE Consumer Communications and Networking Conference Security for CE Communications (CCNC’10, Short Position Paper), IEEE Press, Las Vegas, Nevada (2010)

    Google Scholar 

  11. Feng, J., Chen, Y., Ku, W.S., Liu, P.: Analysis of integrity vulnerabilities and a non-repudiation protocol for cloud data storage platforms. In: The 2nd International Workshop on Security in Cloud Computing (SCC 2010), in Conjunction with ICPP 2010, IEEE Computer Society, San Diego, CA (2010)

    Google Scholar 

  12. Carbonell, M., Sierra, J.M., Lopez, J.: Secure multiparty payment with an intermediary entity. Comput. Secur 28(5), 289–300 (2009)

    Article  Google Scholar 

  13. Li, S., Wang, G., Zhou, J., Chen, K.: Fair and secure mobile billing systems. Wirel. Pers. Commun. 51(1), 81–93 (2009)

    Article  Google Scholar 

  14. Onieva, J., Lopez, J., Zhou, J.: Secure Multi-party Non-repudiation Protocols and Applications. Springer, Boston (2009)

    Book  Google Scholar 

  15. Certicom Inc.: ECDSA fast verify. http://www.certicom.com/index.php/software-security-solutions (2005). Accessed 2005

  16. Bella, G., Paulson, L.C.: Mechanical proofs about a non-repudiation protocol. In: TPHOL01, vol. 2152 of LNCS, pp. 91–104. Springer, Heidelberg (2001)

    Google Scholar 

  17. Bruso, M., Cortesi, A.: Non-repudiation analysis with LYSA with annotations. Comput. Lang. Syst. Struct. 36, 352–377 (2010)

    Article  Google Scholar 

  18. Amazon Developer Forum: S3 data corruption? http://developer.amazonwebservices.com/connect/thread.jspa?threadID=22709 (2008). Accessed 2008

  19. Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)

    Book  Google Scholar 

  20. Zhou, J., Gollmann, D.: Towards verification of non-repudiation protocols. In: Proceedings of International Refinement Workshop and Formal Methods Pacific, pp. 370–380. Springer, Canberra (1998)

    Google Scholar 

  21. Louridas, P.: Some guidelines for non-repudiation protocols. SIGCOMM Comput. Commun. Rev. 30(5), 29–38 (2000)

    Article  Google Scholar 

  22. Kim, K., Park, S., Baek, J.: Improving fairness and privacy of Zhou-Gollmann’s fair non-repudiation protocol. In: Proceedings of 1999 ICPP Workshop on Security, pp. 140–145. IEEE Computer Society, Aizu, Japan (1999)

    Google Scholar 

  23. Markowitch, O., Kremer, S.: A multi-party optimistic non-repudiation protocol. In: Proceedings of 2000 International Conference on Information Security and Cryptology, pp. 109–122. Spinger, Seoul, Korea (2000)

    Google Scholar 

  24. Gurgens, S., Rudolph, C., Vogt, H.: On the security of fair non-repudiation protocols. Int. J. Inf. Secur. 4(4), 253–262 (2005)

    Article  Google Scholar 

  25. Boyd, C., Kearney, P.: Exploring fair exchange protocols using specification animation, lecture notes in computer science 1975. In: Proceedings of 2000 Information Security Workshop, pp. 209–223. Springer, Wollongong, Australia (2000)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Electrical and Computer Engineering, Binghamton University, SUNY, Binghamton, NY, 13902, USA

    Jun Feng, Yu Chen & Douglas H. Summerville

  2. Department of Electrical Engineering – Systems, University of Southern California, Los Angeles, CA, 90089, USA

    Kai Hwang

Authors
  1. Jun Feng
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yu Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Douglas H. Summerville
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Kai Hwang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yu Chen .

Editor information

Editors and Affiliations

  1. School of Computing, University of Derby, Kedleston Road, Derby, DE22 1GB, United Kingdom

    Zaigham Mahmood

  2. School of Computing, University of Derby, Kedleston Road, Derby, DE22 1GB, United Kingdom

    Richard Hill

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag London Limited

About this chapter

Cite this chapter

Feng, J., Chen, Y., Summerville, D.H., Hwang, K. (2011). Fair Non-repudiation Framework for Cloud Storage: Part II. In: Mahmood, Z., Hill, R. (eds) Cloud Computing for Enterprise Architectures. Computer Communications and Networks. Springer, London. https://doi.org/10.1007/978-1-4471-2236-4_15

Download citation

  • DOI: https://doi.org/10.1007/978-1-4471-2236-4_15

  • Published:

  • Publisher Name: Springer, London

  • Print ISBN: 978-1-4471-2235-7

  • Online ISBN: 978-1-4471-2236-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation