A secure privacy preserving deduplication scheme for cloud computing

Yongkai Fan, Xiaodong Lin, Wei Liang, Gang Tan, Priyadarsi Nanda

Research output: Contribution to journalArticle

Abstract

Data deduplication is a key technique to improve storage efficiency in cloud computing. By pointing redundant files to a single copy, cloud service providers greatly reduce their storage space as well as data transfer costs. Despite of the fact that the traditional deduplication approach has been adopted widely, it comes with a high risk of losing data confidentiality because of the data storage models in cloud computing. To deal with this issue in cloud storage, we first propose a TEE (trusted execution environment) based secure deduplication scheme. In our scheme, each cloud user is assigned a privilege set; the deduplication can be performed if and only if the cloud users have the correct privilege. Moreover, our scheme augments the convergent encryption with users’ privileges and relies on TEE to provide secure key management, which improves the ability of such cryptosystem to resist chosen plaintext attacks and chosen ciphertext attacks. A security analysis indicates that our scheme is secure enough to support data deduplication and to protect the confidentiality of sensitive data. Furthermore, we implement a prototype of our scheme and evaluate the performance of our prototype, experiments show that the overhead of our scheme is practical in realistic environments.

Original languageEnglish (US)
Pages (from-to)127-135
Number of pages9
JournalFuture Generation Computer Systems
Volume101
DOIs
StatePublished - Dec 1 2019

Fingerprint

Cloud computing
Cryptography
Data transfer
Data storage equipment
Costs
Experiments

All Science Journal Classification (ASJC) codes

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications

Cite this

Fan, Yongkai ; Lin, Xiaodong ; Liang, Wei ; Tan, Gang ; Nanda, Priyadarsi. / A secure privacy preserving deduplication scheme for cloud computing. In: Future Generation Computer Systems. 2019 ; Vol. 101. pp. 127-135.
@article{e6762b479e684a8b95040bfd7ee503e9,
title = "A secure privacy preserving deduplication scheme for cloud computing",
abstract = "Data deduplication is a key technique to improve storage efficiency in cloud computing. By pointing redundant files to a single copy, cloud service providers greatly reduce their storage space as well as data transfer costs. Despite of the fact that the traditional deduplication approach has been adopted widely, it comes with a high risk of losing data confidentiality because of the data storage models in cloud computing. To deal with this issue in cloud storage, we first propose a TEE (trusted execution environment) based secure deduplication scheme. In our scheme, each cloud user is assigned a privilege set; the deduplication can be performed if and only if the cloud users have the correct privilege. Moreover, our scheme augments the convergent encryption with users’ privileges and relies on TEE to provide secure key management, which improves the ability of such cryptosystem to resist chosen plaintext attacks and chosen ciphertext attacks. A security analysis indicates that our scheme is secure enough to support data deduplication and to protect the confidentiality of sensitive data. Furthermore, we implement a prototype of our scheme and evaluate the performance of our prototype, experiments show that the overhead of our scheme is practical in realistic environments.",
author = "Yongkai Fan and Xiaodong Lin and Wei Liang and Gang Tan and Priyadarsi Nanda",
year = "2019",
month = "12",
day = "1",
doi = "10.1016/j.future.2019.04.046",
language = "English (US)",
volume = "101",
pages = "127--135",
journal = "Future Generation Computer Systems",
issn = "0167-739X",
publisher = "Elsevier",

}

A secure privacy preserving deduplication scheme for cloud computing. / Fan, Yongkai; Lin, Xiaodong; Liang, Wei; Tan, Gang; Nanda, Priyadarsi.

In: Future Generation Computer Systems, Vol. 101, 01.12.2019, p. 127-135.

Research output: Contribution to journalArticle

TY - JOUR

T1 - A secure privacy preserving deduplication scheme for cloud computing

AU - Fan, Yongkai

AU - Lin, Xiaodong

AU - Liang, Wei

AU - Tan, Gang

AU - Nanda, Priyadarsi

PY - 2019/12/1

Y1 - 2019/12/1

N2 - Data deduplication is a key technique to improve storage efficiency in cloud computing. By pointing redundant files to a single copy, cloud service providers greatly reduce their storage space as well as data transfer costs. Despite of the fact that the traditional deduplication approach has been adopted widely, it comes with a high risk of losing data confidentiality because of the data storage models in cloud computing. To deal with this issue in cloud storage, we first propose a TEE (trusted execution environment) based secure deduplication scheme. In our scheme, each cloud user is assigned a privilege set; the deduplication can be performed if and only if the cloud users have the correct privilege. Moreover, our scheme augments the convergent encryption with users’ privileges and relies on TEE to provide secure key management, which improves the ability of such cryptosystem to resist chosen plaintext attacks and chosen ciphertext attacks. A security analysis indicates that our scheme is secure enough to support data deduplication and to protect the confidentiality of sensitive data. Furthermore, we implement a prototype of our scheme and evaluate the performance of our prototype, experiments show that the overhead of our scheme is practical in realistic environments.

AB - Data deduplication is a key technique to improve storage efficiency in cloud computing. By pointing redundant files to a single copy, cloud service providers greatly reduce their storage space as well as data transfer costs. Despite of the fact that the traditional deduplication approach has been adopted widely, it comes with a high risk of losing data confidentiality because of the data storage models in cloud computing. To deal with this issue in cloud storage, we first propose a TEE (trusted execution environment) based secure deduplication scheme. In our scheme, each cloud user is assigned a privilege set; the deduplication can be performed if and only if the cloud users have the correct privilege. Moreover, our scheme augments the convergent encryption with users’ privileges and relies on TEE to provide secure key management, which improves the ability of such cryptosystem to resist chosen plaintext attacks and chosen ciphertext attacks. A security analysis indicates that our scheme is secure enough to support data deduplication and to protect the confidentiality of sensitive data. Furthermore, we implement a prototype of our scheme and evaluate the performance of our prototype, experiments show that the overhead of our scheme is practical in realistic environments.

UR - http://www.scopus.com/inward/record.url?scp=85067189973&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85067189973&partnerID=8YFLogxK

U2 - 10.1016/j.future.2019.04.046

DO - 10.1016/j.future.2019.04.046

M3 - Article

AN - SCOPUS:85067189973

VL - 101

SP - 127

EP - 135

JO - Future Generation Computer Systems

JF - Future Generation Computer Systems

SN - 0167-739X

ER -