1        Introduction

1.1  An Overview of Cloud Storage

1.2  Cloud Storage Architecture and Applications

1.2.1 Cloud Storage Architecture

1.2.2 Cloud Storage Applications

1.4  Aim of the Monograph

2 Basic Techniques for Data Security and Privacy

  2.1 Data Confidentiality

2.1.1 Symmetric-key Encryption

2.1.2 Public-key Encryption

  2.2 Data Authentication

2.2.1 Message Authentication Code

2.2.2 Hash Function

2.2.3 Digital Signature

2.2.4 Threshold Cryptography

2.2.5 Certificateless Cryptography

2.2.6 Blockchain

3 Secure Data Integrity Verification for Cloud Storage

  3.1 Introduction

3.2 Related Work

3.3 Problem Statement

3.3.1 System Model

3.3.2 Threat Model

3.3.3 Challenges and Design Goals

  3.4 Proposed CPVPA

3.4.1 Overview of CPVPA

3.4.2 Construction of CPVPA

3.4.3 Remark and Further Disscussion

  3.5 Security Analysis

  3.6 Performance Evaluation

3.6.1 Communication Costs

3.6.3 Monetary Costs

  3.7 Conclusion

4 Security Data Deduplication for Cloud Storage and Its Applications

  4.1 Introduction

  4.2 Related Work

  4.3 Problem Statement

4.3.1 System Model

4.3.3 Challenges and Design Goals

  4.4 Proposed Secure Deduplication Scheme

4.4.1 Overview

4.4.2 Construction

4.4.3 Remark and Further Discussion

  4.5 Security Analysis

  4.6 HealthDep: Cloud-based eHealth Systems with Secure Deduplication

  4.8 Conclusion

5 Secure Data Retrieval for Cloud Storage

  5.1 Introduction

  5.2 Related Work

5.3.1 System Model

5.3.2 Threat Model

5.3.3 Challenges and Design Goals

  5.4 Proposed SEPSE

5.4.1 Overview of SEPSE

5.4.2 Construction of SEPSE

5.4.3 Improment of Efficiency

5.4.3 Remark and Further Discussion

  5.5 Security Analysis

  5.6 Performance Evaluation

6 Secure Data Provenance for Cloud Storage

  6.1 Introduction

  6.2 Related Work

  6.3 Problem Statement

6.3.2 Threat Model

6.3.3 Challenges and Design Goals

6.4.1 Overview of ESP

6.4.2 Construction of ESP

6.4.3 Remark and Further Discussion

6.5 Security Analysis

6.6 Performance Evaluation

6.7 Conclusion

7 Secure Data Time-stamping for Cloud Storage

  7.1 Introduction

  7.2 Related Work

  7.3 Problem Statement

7.3.2 Threat Model

7.3.3 Challenges and Design Goals

7.4.1 Overview of Chronos

7.4.2 Construction of Chronos

7.4.3 Remark and Further Discussion

7.5 Security Analysis

7.6 Performance Evaluation

7.7 Conclusion

8 Summary and Future Research Directions

  8.1 Summary

  8.2 Future Research Directions

8.2.1 Secure Data Integrity Verification

8.2.3 Secure Provenance under Complex Models

8.2.4 Secure Time-stamping for Operations on Outsourced Data

Yuan Zhang is currently a Ph.D. candidate at the School of Computer Science and Engineering, University of Electronic Science and Technology of China (UESTC), and a visiting Ph.D. student at BBCR Lab, Department of Electrical and Computer Engineering, University of Waterloo, Canada. His research interests include applied cryptography, data security, and blockchain technology. He has published more than 20 papers on data security in top journals in the field (e.g. IEEE TIFS, IEEE TDSC, IEEE TII, IEEE TCC, and IEEE TCSS) and prominent conference proceedings (e.g. ICICS, IEEE ICC, ICA3PP). He served as a Technical Program Committee Member for the IEEE Globecom’18 and IEEE ICCC’19.

Xuemin (Sherman) Shen received his Ph.D. in Electrical Engineering from Rutgers University, New Brunswick, NJ, USA, in 1990. He is currently a University Professor at the Department of Electrical and Computer Engineering, University of Waterloo, ON, Canada. His research focuses on resource management in interconnected wireless/wired networks, wireless network security, social networks, smart grids, and vehicular ad hoc and sensor networks. He is a registered Professional Engineer of Ontario, Canada, an Engineering Institute of Canada Fellow, a Canadian Academy of Engineering Fellow, a Royal Society of Canada Fellow, and a Distinguished Lecturer of the IEEE Vehicular Technology Society and Communications Society.

Dr. Shen received the R.A. Fessenden Award from the IEEE, Canada, in 2019; the James Evans Avant Garde Award from the IEEE Vehicular Technology Society in 2018; and the Education Award from the IEEE Communications Society in 2017. He has served as the Technical Program Committee Chair/Co-Chair for various IEEE conferences, is the Editor-in-Chief of the IEEE Internet of Things Journal, and Vice President on Publications of the IEEE Communications Society.

This book provides a comprehensive overview of data security in cloud storage, ranging from basic paradigms and principles, to typical security issues and practical security solutions. It also illustrates how malicious attackers benefit from the compromised security of outsourced data in cloud storage and how attacks work in real situations, together with the countermeasures used to ensure the security of outsourced data. Furthermore, the book introduces a number of emerging technologies that hold considerable potential – for example, blockchain, trusted execution environment, and indistinguishability obfuscation – and outlines open issues and future research directions in cloud storage security.

The topics addressed are important for the academic community, but are also crucial for industry, since cloud storage has become a fundamental component in many applications. The book offers a general introduction for interested readers with a basic modern cryptography background, and a reference guide for researchers and practitioners in the fields of data security and cloud storage. It will also help developers and engineers understand why some current systems are insecure and inefficient, and move them to design and develop improved systems.