A Hybrid Cloud Approach for Secure Authorized Deduplication

Data deduplication is one of important data compression techniques for eliminating duplicate copies of repeating data, and has been widely used in cloud storage to reduce the amount of storage space and save bandwidth. To protect the confidentiality of sensitive data while supporting deduplication,...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE transactions on parallel and distributed systems Jg. 26; H. 5; S. 1206 - 1216
Hauptverfasser: Jin Li, Yan Kit Li, Xiaofeng Chen, Lee, Patrick P. C., Wenjing Lou
Format: Journal Article
Sprache:Englisch
Veröffentlicht: IEEE 01.05.2015
Schlagworte:
Cloud computing
Educational institutions
Encryption
Protocols
Servers
authorized duplicate check
Deduplication
hybrid cloud
confidentiality
ISSN:1045-9219
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Data deduplication is one of important data compression techniques for eliminating duplicate copies of repeating data, and has been widely used in cloud storage to reduce the amount of storage space and save bandwidth. To protect the confidentiality of sensitive data while supporting deduplication, the convergent encryption technique has been proposed to encrypt the data before outsourcing. To better protect data security, this paper makes the first attempt to formally address the problem of authorized data deduplication. Different from traditional deduplication systems, the differential privileges of users are further considered in duplicate check besides the data itself. We also present several new deduplication constructions supporting authorized duplicate check in a hybrid cloud architecture. Security analysis demonstrates that our scheme is secure in terms of the definitions specified in the proposed security model. As a proof of concept, we implement a prototype of our proposed authorized duplicate check scheme and conduct testbed experiments using our prototype. We show that our proposed authorized duplicate check scheme incurs minimal overhead compared to normal operations.
ISSN:1045-9219
DOI:10.1109/TPDS.2014.2318320