Back to publication list
S. R. Tate, R. Vishwanathan, and L. Everhart.
"Multi-user dynamic proofs of data possession using trusted
hardware," Proceedings of the 3rd ACM Conference on Data and
Application Security and Privacy (CODASPY '13), 2013,
pp. 353-364.
Abstract:
In storage outsourcing services, clients store their data on a
potentially untrusted server, which has more computational power and
storage capacity than the individual clients. In this model,
security properties such as integrity, authenticity, and freshness
of stored data ought to be provided, while minimizing computational
costs at the client, and communication costs between the client and
the server. Using trusted computing technology on the server's side,
we propose practical constructions in the provable data possession
model that provide integrity and freshness in a
dynamic, multi-user setting, where groups of users can update their
shared files on the remote, untrusted server. Unlike previous
solutions based on a single-user, single-device model, we consider a
multi-user, multi-device model. Using trusted hardware on the server
helps us to eliminate some of the previously known challenges with
this model, such as forking and rollback attacks by
the server. We logically separate bulk storage and data
authentication issues to different untrusted remote services, which
can be implemented either on the same or different physical
servers. With only minor modifications to existing services, the
bulk storage component can be provided by large-scale storage
providers such as Google, CloudDrive, DropBox, and a smaller
specialized server equipped with a trusted hardware chip can be used
for providing data authentication. Our constructions eliminate
client-side storage costs (clients do not need to maintain
persistent state), and are suitable for situations in which multiple
clients work collaboratively on remotely stored, outsourced data.
Download:
Conference Paper