Wenbin Yao

Multiple-File Remote Data Checking for cloud storage

Remote Data Checking (RDC) adds data possession or retrievability guarantee to cloud storage without downloading the whole data. The support for dynamic data updates is vital for the practical application of RDC. We define Multiple-File Remote Data Checking (MF-RDC), an RDC model suitable for the specific data update model of cloud storage. MF-RDC checks the intactness of a dynamic file group consisting of a growing number of static files. By checking a group of files aggregately, the overhead of the scheme can be significantly reduced. We propose constructions of two MF-RDC schemes: MF-PDP and MF-POR. An efficient and secure MF-PDP scheme that provides data possession guarantee is constructed from a single-file PDP scheme by combining homomorphic authenticators with virtual block indices. The scheme is amended to integrate with file encoding using adversarial error-correcting codes, producing the MF-POR scheme that provides data retrievability guarantee. We conduct rigorous security analysis of the schemes and perform experimental evaluation on our implementation. With an efficient implementation, the communication and computation overhead of the schemes is reduced from linear in the size of the data to near constant. The performance of the schemes is bounded by disk I/O rather than cryptographic computation.

VAOFS: A Verifiable Append-Only File System for Regulatory Compliance

Append-only file systems, with which data can only be updated in an append-only manner, are of great importance to the regulatory compliance requirements for storing immutable data. However, existing approaches fail to provide the verifiability of the append-only property of the file system in the presence of an inside attacker who can manipulate on-disk data directly, and thus are unsuitable for use in regulatory compliance. This paper presents the design and implementation of VAOFS, a Verifiable Append-Only File System for regulatory compliance. Verifiability is provided by a tamper resistant hardware device cooperating with an instrumented file system. Non-appending operations can be detected in an audit process. A time-based secure deletion method is also proposed to handle file deletion in VAOFS. Experiments with a prototype VAOFS called ext3ao built with ext3 show that the overhead of ext3ao is 53.0% compared with ext3; the audit process is efficient.