Multi-replicas integrity checking scheme with supporting probability audit for cloud-based IoT

Yilin Yuan; Fan Yang; Xiao Wang; Yimin Tian; Zichen Li

doi:10.7717/peerj-cs.1790

Multi-replicas integrity checking scheme with supporting probability audit for cloud-based IoT

PeerJ Comput Sci. 2024 Jan 16:10:e1790. doi: 10.7717/peerj-cs.1790. eCollection 2024.

Authors

Yilin Yuan¹, Fan Yang¹, Xiao Wang^{2

3

4}, Yimin Tian^{1

5}, Zichen Li¹

Affiliations

¹ College of Information Engineering, Beijing Institute of Graphic Communication, Beijing, China.
² Guangdong Provincial Key Laboratory of Novel Security Intelligence Technologies, Guangzhou, Guangdong, China.
³ Department of Information Science and Technology, Tianjin University of Finance and Economics, Tianjin, China.
⁴ College of Intelligence and Computing, Tianjin University, Tianjin, China.
⁵ Science Education Department, Beijing Institute of Graphic Communication, Beijing, China.

Abstract

Nowadays, more people are choosing to use cloud storage services to save space and reduce costs. To enhance the durability and persistence, users opt to store important data in the form of multiple copies on cloud servers. However, outsourcing data in the cloud means that it is not directly under the control of users, raising concerns about security and integrity. Recent research has found that most existing multicopy integrity verification schemes can correctly perform integrity verification even when multiple copies are stored on the same Cloud Service Provider (CSP), which clearly deviates from the initial intention of users wanting to store files on multiple CSPs. With these considerations in mind, this paper proposes a scheme for synchronizing the integrity verification of copies, specifically focusing on strongly privacy Internet of Things (IoT) electronic health record (EHR) data. First, the paper addresses the issues present in existing multicopy integrity verification schemes. The scheme incorporates the entity Cloud Service Manager (CSM) to assist in the model construction, and each replica file is accompanied with its corresponding homomorphic verification tag. To handle scenarios where replica files stored on multiple CSPs cannot provide audit proof on time due to objective reasons, the paper introduces a novel approach called probability audit. By incorporating a probability audit, the scheme ensures that replica files are indeed stored on different CSPs and guarantees the normal execution of the public auditing phase. The scheme utilizes identity-based encryption (IBE) for the detailed design, avoiding the additional overhead caused by dealing with complex certificate issues. The proposed scheme can withstand forgery attack, replace attack, and replay attack, demonstrating strong security. The performance analysis demonstrates the feasibility and effectiveness of the scheme.

Keywords: EHR data; Identity-based encryption; Multi-replicas integrity verification; Probability audit; Public auditing.

Grants and funding

This work was supported by the Guangdong Provincial Key Laboratory of Novel Security Intelligence Technologies under Grant 2022B1212010005. The funders had a role in the decision to publish and preparation of the manuscript. The funders had no role in study design and data collection and analysis.