Policy-Based De-duplication in Secure Cloud Storage

  • Chuanyi Liu
  • Xiaojian Liu
  • Lei Wan
Part of the Communications in Computer and Information Science book series (CCIS, volume 320)


Reducing the amount of data need to be transferred, stored, and managed becomes a crucial for cloud storage. On the other hand, as user data are stored and processed by outsourced cloud provider, encryption becomes a necessary before updating data into the cloud. However, the above two goals are greatly opposed to each other. In order to solve the above conflict, a policy-based de-duplication proxy scheme is proposed in this paper. It suggests a policy-based de-duplication proxy scheme to enable different trust relations among cloud storage components, de-duplication related components and different security requirements. Further proposes a key management mechanism to access and decrypt the shared de-duplicated data chunks based on Proxy Re-encryption algorithms. This paper finally analyses the security of the scheme.


Cloud Storage Encryption Data De-duplication Proxy Re-encryption Convergent Encryption 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Zheng, Q., Xu, S.: Secure and efficient proof of storage with deduplication. In: Proc. CODASPY 2012, pp. 1–12 (2012)Google Scholar
  2. 2.
    Marques, L., Costa, C.J.: Secure deduplication on mobile devices. In: Proc. OSDOC 2011, pp. 16–29 (2011)Google Scholar
  3. 3.
    Storer, M.W., Greenan, K., Long, D.D., Miller, E.L.: Secure data deduplication. In: Proc. StorageSS 2008, pp. 1–10 (2008)Google Scholar
  4. 4.
    Xu, J., Chang, E., Zhou, J.: Secure Cloud Storage with Encrypted Data using File-Based Authentication. In: IACR (2011),
  5. 5.
    Rahumed, A., Chen, H.C.H., Tang, Y., Lee, P.P.C., Lui, J.C.S.: A secure cloud backup system with assured deletion and version control. In: Proc. ICPPW 2011, pp. 160–167 (2011)Google Scholar
  6. 6.
    Anderson, P., Zhang, L.: Fast and Secure Laptop Backups with Encrypted De-duplication. In: Proc. LISA 2010, pp. 29–40 (2010)Google Scholar
  7. 7.
    Douceur, J.R., Adya, A., Bolosky, W.J., Simon, D., Theimer, M.: Reclaiming space from duplicate files in a serverless distributed file system. In: Proc. ICDCS 2002, pp. 617–624 (2002)Google Scholar
  8. 8.
    Harnik, D., Pinkas, B., Shulman-Peleg, A.: Side channels in cloud services: deduplication in cloud storage. IEEE Security & Privacy 8(6), 40–47 (2010)CrossRefGoogle Scholar
  9. 9.
    Goldwasser, S., Micali, S.: Probabilistic encryption & how to play mental poker keeping secret all partial information. In: Annual ACM Symposium on Theory of Computing (1982)Google Scholar
  10. 10.
    Gantz, J.F., et al.: The Expanding Digital Universe: A Forecast of Worldwide Information Growth through 2010. In: IDC (March 2007)Google Scholar
  11. 11.
    Nath, P., Urgaonkar, B., Sivasubramaniam, A.: Evaluating the usefulness of content addressable storage for high-performance data intensive applications. In: Proceedings of the 17th International Symposium on High Performance Distributed Computing, Boston, MA, USA (2008)Google Scholar
  12. 12.
    Green, M., Hohenberger, S., Ateniese, G., Fu, K.: Improved proxy re-encryption schemes with applications to secure distributed storage. In: Proceedings of the 12th Annual Network and Distributed System Security Symposium, NDSS (February 2005)Google Scholar
  13. 13.
    Green, M., Ateniese, G.: Identity-Based Proxy Re-encryption. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 288–306. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  14. 14.
    Blaze, M., Bleumer, G., Strauss, M.J.: Divertible Protocols and Atomic Proxy Cryptography. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 127–144. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  15. 15.
    Zhu, B., Li, K., Patterson, H.: Avoiding the Disk Bottleneck in the Data Domain Deduplication File System. In: Proceedings of the 6th USENIX Conference on File and Storage Technologies (FAST 2008), pp. 269–282 (February 2008)Google Scholar
  16. 16.
    Liu, C., Lu, Y., Du, D., Wang, D.: ADMAD: Application-Driven Metadata Aware De-duplication Archival Storage System. In: International Workshop on Storage Network Architecture and Parallel I/Os (SNAPI 2008) Held In Conjunction with the 25th IEEE Conference on Mass Storage Systems and Technologies, MSST 2008 (2008)Google Scholar
  17. 17.
    Liu, C., et al.: R-ADMAD: High reliability provision for large-scale de-duplication archival storage systems. In: Proceedings of the 23rd International Conference on Supercomputing, pp. 370–379 (June 2009)Google Scholar
  18. 18.
    Ibraimi, L., Tang, Q., Hartel, P., Jonker, W.: Type-Based Proxy Re-encryption and Its Construction. In: Chowdhury, D.R., Rijmen, V., Das, A. (eds.) INDOCRYPT 2008. LNCS, vol. 5365, pp. 130–144. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  19. 19.
    Fan, L., Cao, P., Almeida, J., Broder, A.Z.: Summary Cache: A Scalable Wide-Area Web Cache Sharing Protocol. IEEE/ACM Transactions on Networking 8(3), 281–293 (2000)CrossRefGoogle Scholar
  20. 20.
    Weaver, A.C.: Secure sockets layer. Computer 39(4), 88–90 (2006)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Chuanyi Liu
    • 1
    • 3
  • Xiaojian Liu
    • 2
    • 3
  • Lei Wan
    • 2
    • 3
  1. 1.Software SchoolBeijing University of Posts and TelecommunicationsBeijingChina
  2. 2.School of Computer Science and TechnologyBeijing University of Posts and TelecommunicationsBeijingChina
  3. 3.Key Laboratory of Trustworthy Distributed Computing and Service (BUPT)Ministry of EducationChina

Personalised recommendations