Towards Immutability: A Secure and Efficient Auditing Framework for Cloud Supporting Data Integrity and File Version Control

Faisal Haque Bappy, Saklain Zaman, Tariqul Islam, Redwan Ahmed Rizvee, Joon S. Park, Kamrul Hasan

TL;DR

The paper tackles cloud data auditability by addressing the overhead and privacy concerns of blockchain-based solutions in centralized settings. It introduces Entangled Merkle Forest, a persistent, node-sharing Merkle-Tree framework that enables version control and dynamic auditing via a semi-trusted third-party auditor, while keeping file metadata privacy-protected. Key contributions include the persistent Merkle structure, the CreateInitialTree/UpdateFileBlock/Challenge-Proof-Verify algorithms, and a prototype that demonstrates significant time and storage efficiency over Hyperledger Fabric-based schemes, with complexities $O(N)$ for initial tree creation, $O(\log N)$ for updates, and $O(\log N + \log Q)$ for challenges. The approach offers scalable, secure, and auditable cloud storage with immutability and reduced synchronization costs, making it practically impactful for enterprise cloud services.

Abstract

Although wide-scale integration of cloud services with myriad applications increases quality of services (QoS) for enterprise users, verifying the existence and manipulation of stored cloud information remains an open research problem. Decentralized blockchain-based solutions are becoming more appealing for cloud auditing environments because of the immutable nature of blockchain. However, the decentralized structure of blockchain results in considerable synchronization and communication overhead, which increases maintenance costs for cloud service providers (CSP). This paper proposes a Merkle Hash Tree based architecture named Entangled Merkle Forest to support version control and dynamic auditing of information in centralized cloud environments. We utilized a semi-trusted third-party auditor to conduct the auditing tasks with minimal privacy-preserving file metadata. To the best of our knowledge, we are the first to design a node sharing Merkle Forest to offer a cost-effective auditing framework for centralized cloud infrastructures while achieving the immutable feature of blockchain, mitigating the synchronization and performance challenges of the decentralized architectures. Our proposed scheme outperforms its equivalent Blockchain-based schemes by ensuring time and storage efficiency with minimum overhead as evidenced by performance analysis.
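The node-sharing idea behind the stated $O(N)$ creation and $O(\log N)$ update costs can be shown with a generic path-copying Merkle tree. This is an added example, not the paper's CreateInitialTree/UpdateFileBlock/Challenge-Proof-Verify algorithms: the function names, SHA-256, and the leaf/inner hash prefixes are assumptions made for illustration.

```python
import hashlib
from typing import NamedTuple, Optional

class Node(NamedTuple):
    digest: bytes
    left: Optional["Node"] = None
    right: Optional["Node"] = None

def _leaf(block):
    # 0x00 / 0x01 prefixes keep leaf and inner hashes in separate domains
    return Node(hashlib.sha256(b"\x00" + block).digest())

def _inner(left, right):
    digest = hashlib.sha256(b"\x01" + left.digest + right.digest).digest()
    return Node(digest, left, right)

def build(blocks):
    """Initial tree over all file blocks: O(N) hash computations."""
    if len(blocks) == 1:
        return _leaf(blocks[0])
    mid = (len(blocks) + 1) // 2
    return _inner(build(blocks[:mid]), build(blocks[mid:]))

def update(node, n, idx, block):
    """Root of a new version; only the path to leaf idx is rebuilt, O(log N)."""
    if n == 1:
        return _leaf(block)
    mid = (n + 1) // 2
    if idx < mid:  # untouched right subtree is shared with the old version
        return _inner(update(node.left, mid, idx, block), node.right)
    return _inner(node.left, update(node.right, n - mid, idx - mid, block))

def prove(node, n, idx):
    """Sibling digests from leaf to root, flagged when the sibling is on the left."""
    if n == 1:
        return []
    mid = (n + 1) // 2
    if idx < mid:
        return prove(node.left, mid, idx) + [(node.right.digest, False)]
    return prove(node.right, n - mid, idx - mid) + [(node.left.digest, True)]

def verify(root_digest, block, proof):
    """Auditor side: recompute the root from one block and its proof."""
    acc = _leaf(block).digest
    for sibling, on_left in proof:
        pair = sibling + acc if on_left else acc + sibling
        acc = hashlib.sha256(b"\x01" + pair).digest()
    return acc == root_digest

BLOCKS = [b"block-%d" % i for i in range(8)]  # constructed sample file blocks
```

Because `update` never mutates existing nodes, the old root still verifies the old block after an edit, so an auditor holding one root digest per version can check any historical version.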

Paper Structure (16 sections, 4 figures, 1 table, 2 algorithms)

This paper contains 16 sections, 4 figures, 1 table, 2 algorithms.

Figures (4)

  • Figure 1: Entangled Merkle Forest Architecture
  • Figure 2: Interactions between System Components
  • Figure 3: Performance Comparison
  • Figure 4: Challenge-Proof-Verify