Secure Cloud Storage with Data Dynamics and Privacy-Preserving Audits Using Secure Network Coding

In the age of cloud computing, cloud users with a limited amount of storage can outsource their data to remote servers. The cloud servers, in lieu of monetary benefits, offer retrievability of their clients’ data at any point of time. Secure cloud storage protocols ensure the integrity of the outsourced data that can be dynamic (or static) in nature depending on whether the client can (or cannot) update the uploaded data as needed. In this work, we explore the possibility of constructing a secure cloud storage for dynamic data by leveraging the idea of secure network coding. Specifically, we fail to provide a general construction of an efficient secure cloud storage protocol for dynamic data from an arbitrary secure network coding protocol. However, we show that some of the secure network coding schemes with some required properties can be used to construct secure cloud storage protocols for dynamic data, and we indeed construct a publicly verifiable secure cloud storage protocol based on a secure network coding protocol. To the best of our knowledge, our scheme is the first secure cloud storage protocol for dynamic data that is based on a secure network coding protocol and that is secure in the standard model. In a publicly verifiable setting, auditing task is often delegated to a third party auditor that audits the outsourced data on behalf of a client. It is desirable that the auditor gains no knowledge about the actual content of the client’s data which may be sensitive. We extend our scheme in order to provide privacy-preserving audits where the content of the client’s data is protected from the third party auditor. Furthermore, we extend our scheme in order to offer anonymity of a user updating shared data in an enterprise setting. In this setting, the cloud server cannot distinguish the user (belonging to a group) updating the data shared among the users of that group. We also modify an existing secure cloud storage protocol for dynamic data in order to support privacypreserving audits. We compare the performance of our secure cloud storage protocol with that of other secure cloud storage schemes and discuss some limitations of our scheme. Finally, we provide another construction of a secure cloud storage protocol that is specialized for append-only data and that overcomes some of the limitations of our earlier scheme.