DATA INTEGRITY AUDITING WITHOUT PRIVATE KEY STORAGE FOR SECURE CLOUD STORAGE

Abstract: Cloud storage service has shown its great power and wide popularity which provides fundamental support for rapid development of cloud computing. However, due to management negligence and malicious attack, there still lie enormous security incidents that lead to quantities of sensitive data leakage at cloud storage layer. Once data is stored in the cloud, a client's sovereignty over its data is lost, leaving the data vulnerable to many security threats. From the perspective of protecting cloud data confidentiality, this project proposed a Mimic model Virtual Assistant that combines cloud computing with blockchain that assures data integrity for homomorphic encryption schemes. To establish a secure CSP platform apart from encrypting data homomorphically, there is a need for a robust, tamperproof, and verifiable security architecture. Virtual Assistant will be hired to store and perform computations on client data. Each VA will have to periodically compute a master hash value of their database to be stored on a private blockchain. A client can compare these master hash values to detect if data tampering has occurred. This distributed verification system fulfils the requirements of confidentiality (HE will be used for encryption), and integrity because data modifications by the CSPs can be detected by comparing master hash values stored on the blockchain. The data sharing process is performed via a smart contract, and involved parties have to escrow to encourage honesty. The schemas of data storing and sharing guarantee the security properties including confidentiality, integrity, privacy, non-repudiation, and anonymity.