Enabling Identity-Based Integrity Auditing and Data Sharing With Sensitive Information Hiding for Secure Cloud Storage

With cloud storage services, users can remotely store their data to the cloud and realize the data sharing with others. Remote data integrity auditing is proposed to guarantee the integrity of the data stored in the cloud. In some common cloud storage systems, such as the electronic health records system, the cloud file might contain some sensitive information that should not be exposed to others when the cloud file is shared. Encrypting the whole shared file can realize the sensitive information hiding, but will make this shared file unusable by others. How to realize data sharing with sensitive information hiding in remote data integrity auditing still had not been explored, that is, up to now.

This webinar, which is based on our original article, addresses this problem and proposes a remote data integrity auditing scheme that realizes data sharing with sensitive information hiding. In our scheme, a sanitizer is used on the data blocks corresponding to the sensitive information of the file and transforms these data blocks? signatures into valid ones for the sanitized file. These signatures are used to verify the integrity of the sanitized file in the integrity auditing phase. As a result, our scheme enables the file stored in the cloud to be shared and used by others on the condition that the sensitive information is hidden, while the remote data integrity auditing is still able to be efficiently executed.

The proposed scheme is based on identity-based cryptography, which simplifies the complicated certificate management. Security analysis and performance evaluation has shown that the proposed scheme is secure and efficient.