
Identity Based Remote Data Integrity Checking With Data Dynamics And Public Auditing In Cloud

Abstract: A system (100) for identity based remote data integrity checking with data dynamics and public auditing in the cloud is disclosed. The system (100) comprises a cloud server (102) adapted to store files belonging to a data owner, alongside a user device (104) enabling access to these files. Additionally, a trusted Key Generation Center (KGC) (106) is integrated to generate a secret key, allowing the data owner secure access to the files stored in the cloud server (102). A third-party auditor (108) is included to initiate auditing for the files selected by the data owner via the user device (104). Auditing is executed using Remote Data Integrity Checking (RDIC) algorithms. Furthermore, the system (100) prioritizes the privacy of files stored in the cloud server (102), ensuring the security of sensitive information throughout the auditing process. Claims: 6, Figures: 2. Figure 1 is selected.


Patent Information

Application #
Filing Date
29 May 2024
Publication Number
22/2024
Publication Type
INA
Invention Field
COMPUTER SCIENCE
Status
Email
Parent Application

Applicants

SR University
SR University, Ananthasagar, Warangal Telangana India 506371 patent@sru.edu.in 08702818333

Inventors

1. Dr. R Ravi Kumar
School of Computer Science & Artificial Intelligence, SR University, Warangal, Ananthasagar, Telangana- 506371, India (IN)
2. Dr. Mohammed Ali Shaik
School of Computer Science & Artificial Intelligence, SR University, Warangal, Ananthasagar, Telangana- 506371, India (IN)
3. Dr. P Praveen
School of Computer Science & Artificial Intelligence, SR University, Warangal, Ananthasagar, Telangana- 506371, India (IN)
4. Dr. T Sampath Kumar
School of Computer Science & Artificial Intelligence, SR University, Warangal, Ananthasagar, Telangana- 506371, India (IN)

Specification

Description:
BACKGROUND
Field of Invention
[001] Embodiments of the present invention generally relate to a data integrity check and particularly to a system for identity based remote data integrity checking with data dynamics and public auditing in cloud.
Description of Related Art
[002] Cloud computing has revolutionized data storage and accessibility, enabling users to store their data remotely. However, ensuring the integrity and security of this data remains a significant concern. Existing methods for remote data integrity checking lack robustness, especially in scenarios where data dynamics and public auditing are crucial. Many existing methods struggle to scale effectively with the increasing volume of data stored in the cloud. As data grows, the computational overhead required for integrity checking can become prohibitively high, leading to performance degradation and potential bottlenecks. Further, traditional authentication mechanisms used in remote data integrity checking often rely on static credentials such as passwords or cryptographic keys. These methods are susceptible to various security threats, including brute force attacks, credential theft, and unauthorized access, compromising the integrity of the entire system.
[003] Current approaches often lack flexibility in handling dynamic data, such as frequent updates, deletions, or additions. As a result, they may fail to accurately verify the integrity of data that undergoes rapid changes, leading to inconsistencies or false positives in integrity checks. Many remote data integrity checking methods require sharing sensitive information with third-party auditors or service providers for verification purposes. This raises privacy concerns as it exposes potentially confidential or proprietary data to external entities, increasing the risk of data breaches or unauthorized access.
[004] There is thus a need for an improved and advanced system for identity based remote data integrity checking with data dynamics and public auditing in cloud that can administer the aforementioned limitations in a more efficient manner.
SUMMARY
[005] Embodiments in accordance with the present invention provide a system for identity based remote data integrity checking with data dynamics and public auditing in cloud. The system comprising: a cloud server adapted to store files of a data owner; a user device adapted to enable the data owner to access the files stored in the cloud server, wherein the user device enables the data owner to select files for auditing; a trusted Key Generation Center (KGC) adapted to generate a secret key for the data owner to access the files stored in the cloud server; and a third-party auditor adapted to initiate a public auditing for the files in the cloud server selected by the data owner using the user device, wherein the public auditing of the selected files is conducted using Remote Data Integrity Checking (RDIC) algorithms.
[006] Embodiments in accordance with the present invention further provide a method for identity based remote data integrity checking with data dynamics and public auditing in cloud. The method comprising steps of: enabling a trusted Key Generation Center (KGC) to generate a secret key for each data owner corresponding to their identity; enabling the data owner to initiate an auditing request, using a user device, for files stored in a cloud server using the generated secret key, wherein the auditing request is received by a third-party auditor; enabling the third-party auditor to transmit an auditing message to the cloud server; wherein the auditing message comprises a file on the cloud server to be audited, a level of audition, or a combination thereof; conducting the auditing of the selected files on the cloud server, wherein the auditing is carried out using Remote Data Integrity Checking (RDIC) algorithms; receiving an auditing proof from the cloud server after conduction of a complete auditing of the selected files on the cloud server; enabling the third-party auditor to prepare an auditing report based on the auditing proof received from the cloud server; and transmitting the prepared auditing report to the data owner.
[007] Embodiments of the present invention may provide a number of advantages depending on their particular configuration. First, embodiments of the present application may provide a system for identity based remote data integrity checking with data dynamics and auditing in cloud.
[008] Next, embodiments of the present application may provide a system for identity based remote data integrity checking with data dynamics and public auditing in cloud that combines identity-based cryptography, data dynamics, and auditing to create a comprehensive solution. By utilizing this scheme, data owners can delegate the responsibility of verifying data integrity to a trusted third-party auditor.
[009] Next, embodiments of the present application may provide a system for identity based remote data integrity checking with data dynamics and public auditing in cloud that supports efficient update operations on the data, including insertion, deletion, and modification. This ensures that the data remains up-to-date and adaptable to changing circumstances. The underlying foundation of the scheme relies on the utilization of bilinear pairings and random oracles, which contribute to its robustness against various potential attacks.
[0010] Next, embodiments of the present application may provide a system for identity based remote data integrity checking with data dynamics and public auditing in cloud that eliminates the necessity for certificates, thereby simplifying the auditing. Furthermore, it reduces both the communication and computation costs associated with data integrity checking.
[0011] Next, embodiments of the present application may provide a system for identity based remote data integrity checking with data dynamics and public auditing in cloud that prioritizes the privacy of data, ensuring that sensitive information remains secure throughout the auditing.
[0012] Next, embodiments of the present application may provide a system for identity based remote data integrity checking with data dynamics and public auditing in cloud that offers remote data integrity checking (RDIC), for which numerous protocols have been put forth. These protocols aim to not only alleviate the burden of data verification from the user but also introduce the concept of a public auditor to ensure unbiased and trustworthy verification.
[0013] These and other advantages will be apparent from the present application of the embodiments described herein.
[0014] The preceding is a simplified summary to provide an understanding of some embodiments of the present invention. This summary is neither an extensive nor exhaustive overview of the present invention and its various embodiments. The summary presents selected concepts of the embodiments of the present invention in a simplified form as an introduction to the more detailed description presented below. As will be appreciated, other embodiments of the present invention are possible utilizing, alone or in combination, one or more of the features set forth above or described in detail below.
BRIEF DESCRIPTION OF THE DRAWINGS
[0015] The above and still further features and advantages of embodiments of the present invention will become apparent upon consideration of the following detailed description of embodiments thereof, especially when taken in conjunction with the accompanying drawings, and wherein:
[0016] FIG. 1 illustrates a system for identity based remote data integrity checking with data dynamics and public auditing in cloud, according to an embodiment of the present invention; and
[0017] FIG. 2 depicts a flowchart of a method for identity based remote data integrity checking with data dynamics and public auditing in cloud, according to an embodiment of the present invention.
[0018] The headings used herein are for organizational purposes only and are not meant to be used to limit the scope of the description or the claims. As used throughout this application, the word "may" is used in a permissive sense (i.e., meaning having the potential to), rather than the mandatory sense (i.e., meaning must). Similarly, the words “include”, “including”, and “includes” mean including but not limited to. To facilitate understanding, like reference numerals have been used, where possible, to designate like elements common to the figures. Optional portions of the figures may be illustrated using dashed or dotted lines, unless the context of usage indicates otherwise.
DETAILED DESCRIPTION
[0019] The following description includes the preferred best mode of one embodiment of the present invention. It will be clear from this description of the invention that the invention is not limited to these illustrated embodiments but that the invention also includes a variety of modifications and embodiments thereto. Therefore, the present description should be seen as illustrative and not limiting. While the invention is susceptible to various modifications and alternative constructions, it should be understood, that there is no intention to limit the invention to the specific form disclosed, but, on the contrary, the invention is to cover all modifications, alternative constructions, and equivalents falling within the scope of the invention as defined in the claims.
[0020] In any embodiment described herein, the open-ended terms "comprising", "comprises", and the like (which are synonymous with "including", "having" and "characterized by") may be replaced by the respective partially closed phrases "consisting essentially of", "consists essentially of", and the like or the respective closed phrases "consisting of", "consists of", and the like.
[0021] As used herein, the singular forms “a”, “an”, and “the” designate both the singular and the plural, unless expressly stated to designate the singular only.
[0022] FIG. 1 illustrates a system 100 for identity based remote data integrity checking with data dynamics and public auditing in cloud, according to an embodiment of the present invention. The system 100 may be capable of addressing various challenges associated with ensuring the integrity and security of remotely stored data. In an embodiment of the present invention, system 100 may comprise a cloud server 102, a user device 104, a Key Generation Center (KGC) 106, and a third-party auditor 108.
[0023] In an embodiment of the present invention, the cloud server 102 may be adapted to store files of a data owner. The cloud server 102 may encompass various storage solutions, including but not limited to, distributed file systems, object storage services, or virtual machine instances with attached storage volumes. These storage solutions may offer scalability, durability, and accessibility, enabling efficient management and retrieval of data assets within a cloud environment. Embodiments of the present invention are intended to include or otherwise cover any type of the storage solutions including known, related art, and/or later developed technologies.
[0024] In an embodiment of the present invention, the user device 104 may be adapted to enable the data owner to access the files stored in the cloud server 102. The user device 104 enables the data owner to select files for auditing, in an embodiment of the present invention. In an embodiment of the present invention, the user device 104 and the cloud server 102 may be configured to maintain a shared data flow.
[0025] In an embodiment of the present invention, the trusted Key Generation Center (KGC) 106 may be adapted to generate a secret key for the data owner to access the files stored in the cloud server 102. The KGC 106 may serve as a centralized entity responsible for key management and distribution, ensuring confidentiality and integrity throughout the access control process. Additionally, the KGC 106 may employ robust cryptographic techniques to safeguard key generation procedures, enhancing the overall security posture within the system architecture.
[0026] In an embodiment of the present invention, the third-party auditor 108 may be adapted to initiate an auditing for the files in the cloud server 102 selected by the data owner using the user device 104. The auditing process involves a utilization of Remote Data Integrity Checking (RDIC) algorithms, designed to verify the integrity of the selected files remotely. This entails examining cryptographic hashes or other integrity verification mechanisms applied to the files, ensuring that they have not been tampered with or altered in any unauthorized manner. In an embodiment of the present invention, the Remote Data Integrity Checking (RDIC) algorithms may employ cryptographic techniques such as hash functions or digital signatures to generate checksums or signatures for the files under audit. These algorithms may utilize public-key cryptography to enable verification by the third-party auditor without requiring access to the data owner's secret keys. Additionally, RDIC algorithms may incorporate mechanisms for handling data dynamics, such as versioning or timestamping, to accommodate changes to the files over time while still ensuring their integrity during the auditing process.
[0027] In an embodiment of the present invention, the Remote Data Integrity Checking (RDIC) algorithms for auditing may be Extract, TagGen, Challenge, ProofGen, Proof Check, Execute, verifyupdate, and so forth. Embodiments of the present invention are intended to include or otherwise cover any type of the algorithms for auditing including known, related art, and/or later developed technologies.
[0028] In an embodiment of the present invention, the system 100 may combine identity-based cryptography, data dynamics, and auditing to conduct a comprehensive data auditing. By utilizing this scheme, the data owner may delegate the responsibility of verifying data integrity to the trusted third-party auditor 108. The third-party auditor 108 may be capable of conducting the auditing without the need to access or disclose the actual content of the files stored in the cloud server 102. The third-party auditor 108 may encompass various technologies, including but not limited to, cryptographic protocols, distributed systems, secure communication channels, and so forth. Embodiments of the present invention are intended to encompass any type of third-party auditor 108, including existing technologies, related art, and future developments in the field of data auditing and security assurance.
[0029] In an embodiment of the present invention, the system 100 may support efficient update operations on the files stored in the cloud server 102, including insertion, deletion, and modification. This may ensure that the files stored in the cloud server 102 remain up-to-date and adaptable to changing circumstances. The underlying foundation of the system 100 may rely on utilization of bilinear pairings and random oracles, which may contribute to robustness against various potential attacks.
[0030] In an exemplary embodiment of the present invention, the system 100 may facilitate identity-based remote data integrity checking with data dynamics and public auditing in the cloud. Firstly, the trusted Key Generation Center (KGC) 106 may assign a unique secret key to each data owner, potentially aligning with their identity. For instance, ABC, a data owner, may receive a secret key generated by the KGC 106, ensuring secure and authenticated access to her data assets stored in the cloud server 102. Subsequently, utilizing her user device 104, ABC may initiate an auditing request for specific files stored in the cloud server 102 using the secret key provided by the KGC 106. Upon receipt of ABC's request, the third-party auditor 108 may transmit an auditing message to the cloud server 102, potentially specifying the files to be audited and the desired level of scrutiny. For instance, if ABC selects a crucial financial report for auditing, the third-party auditor 108 may dispatch an auditing message to the cloud server 102, triggering the Remote Data Integrity Checking (RDIC) algorithms to verify the file's integrity. Once the auditing is completed, the cloud server 102 may provide an auditing proof to the third-party auditor 108, enabling the preparation of a detailed auditing report that is then transmitted back to ABC, ensuring transparency and accountability in the data auditing process.
[0031] FIG. 2 depicts a flowchart of a method 200 for identity based remote data integrity checking with data dynamics and public auditing in cloud, according to an embodiment of the present invention.
[0032] At step 202, the system 100 may enable the trusted Key Generation Center (KGC) 106 to generate the secret key for each data owner corresponding to their identity.
[0033] At step 204, the system 100 may enable the data owner to initiate the auditing request, using the user device 104, for files stored in the cloud server 102 using the generated secret key. The auditing request is received by the third-party auditor 108.
[0034] At step 206, the system 100 may enable the third-party auditor 108 to transmit an auditing message to the cloud server 102. The auditing message comprises a file on the cloud server 102 to be audited, a level of audition, and so forth.
[0035] At step 208, the system 100 may conduct the auditing of the selected files on the cloud server 102. The auditing may be carried out using the Remote Data Integrity Checking (RDIC) algorithms.
[0036] At step 210, the system 100 may receive an auditing proof from the cloud server 102 after the conduction of a complete auditing of the selected file on the cloud server 102.
[0037] At step 212, the system 100 may enable the third-party auditor 108 to prepare an auditing report based on the auditing proof received from the cloud server 102.
[0038] At step 214, the system 100 may transmit the prepared auditing report to the data owner.
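The TagGen, Challenge, ProofGen and Proof Check algorithms named in [0027], run through the audit flow of steps 202 to 214, as an added sketch that is not part of the specification. It swaps the identity-based pairing construction for RSA-based homomorphic tags, so the fixed key stands in for the KGC's Extract step; every function name, the block size, the toy key and the sample data are assumptions. The auditor sees only the aggregate (T, M), but M is a linear combination of blocks, so this sketch does not mask file content the way a privacy-preserving scheme would.

```python
import hashlib
import secrets

# Constructed toy key: two well-known public primes, so the factors are NOT
# secret. A real owner key is built from freshly generated secret primes.
P, Q = 2**255 - 19, 2**256 - 2**32 - 977
N, E, G = P * Q, 65537, 2            # public values held by the auditor
D = pow(E, -1, (P - 1) * (Q - 1))    # owner's secret exponent (stand-in for Extract)


def h(file_id, i):
    """Hash (file id, block index) into Z_N so a tag is bound to its position."""
    digest = hashlib.sha512(f"{file_id}|{i}".encode()).digest()
    return int.from_bytes(digest, "big") % N


def split_blocks(data, size=16):
    """Cut the file into fixed-size blocks, each read as an integer."""
    return [int.from_bytes(data[i:i + size], "big") for i in range(0, len(data), size)]


def tag_gen(d, file_id, blocks):
    """Owner: t_i = (H(i) * g^m_i)^d mod N, uploaded alongside the file."""
    return [pow(h(file_id, i) * pow(G, m, N) % N, d, N) for i, m in enumerate(blocks)]


def challenge(n_blocks, sample):
    """Auditor: random block indices, each with a random nonzero coefficient."""
    idx = secrets.SystemRandom().sample(range(n_blocks), sample)
    return [(i, 1 + secrets.randbelow(2**64)) for i in sorted(idx)]


def proof_gen(blocks, tags, chal):
    """Cloud server: aggregate the challenged tags and blocks into (T, M)."""
    t_agg, m_agg = 1, 0
    for i, c in chal:
        t_agg = t_agg * pow(tags[i], c, N) % N
        m_agg += c * blocks[i]
    return t_agg, m_agg


def proof_check(file_id, chal, proof):
    """Auditor: T^e == g^M * prod H(i)^c_i mod N, using public values only."""
    t_agg, m_agg = proof
    expected = pow(G, m_agg, N)
    for i, c in chal:
        expected = expected * pow(h(file_id, i), c, N) % N
    return pow(t_agg, E, N) == expected


def audit(file_id, stored_blocks, stored_tags, sample):
    """One audit round: auditor challenges, server proves, auditor checks."""
    chal = challenge(len(stored_blocks), sample)
    return proof_check(file_id, chal, proof_gen(stored_blocks, stored_tags, chal))


if __name__ == "__main__":
    blocks = split_blocks(b"constructed sample ledger row; " * 8)
    tags = tag_gen(D, "report", blocks)
    print("intact file passes:", audit("report", blocks, tags, 5))
    blocks[2] ^= 1  # simulate silent corruption of one stored block
    print("corrupted file passes:", audit("report", blocks, tags, len(blocks)))
```

Sampling fewer blocks than the file holds makes each round cheaper but only probabilistic: a corrupted block is caught in a round only if it is among the challenged indices.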
[0039] While the invention has been described in connection with what is presently considered to be the most practical and various embodiments, it is to be understood that the invention is not to be limited to the disclosed embodiments, but on the contrary, is intended to cover various modifications and equivalent arrangements included within the scope of the appended claims.
[0040] This written description uses examples to disclose the invention, including the best mode, and also to enable any person skilled in the art to practice the invention, including making and using any devices or systems and performing any incorporated methods. The patentable scope of the invention is defined in the claims, and may include other examples that occur to those skilled in the art. Such other examples are intended to be within the scope of the claims if they have structural elements that do not differ from the literal language of the claims, or if they include equivalent structural elements with insubstantial differences from the literal languages of the claims.
Claims:
CLAIMS
I/We Claim:
1. A system (100) for identity based remote data integrity checking with data dynamics and public auditing in cloud, the system (100) comprising:
a cloud server (102) adapted to store files of a data owner;
a user device (104) adapted to enable the data owner to access the files stored in the cloud server (102), wherein the user device (104) enables the data owner to select files for auditing;
a trusted Key Generation Center (KGC) (106) adapted to generate a secret key for the data owner to access the files stored in the cloud server (102); and
a third-party auditor (108) adapted to initiate an auditing for the files in the cloud server (102) selected by the data owner using the user device (104), wherein the auditing of the selected files is conducted using Remote Data Integrity Checking (RDIC) algorithms.
2. The system (100) as claimed in claim 1, wherein the Remote Data Integrity Checking (RDIC) algorithms for auditing of the selected file is selected from Extract, TagGen, Challenge, ProofGen, Proof Check, Execute, verifyupdate, or a combination thereof.
3. The system (100) as claimed in claim 1, wherein the user device (104) and the cloud server (102) are configured to maintain a shared data flow.
4. A method (200) for identity based remote data integrity checking with data dynamics and public auditing in cloud, the method (200) is characterized by steps of:
enabling a trusted Key Generation Center (KGC) (106) to generate a secret key for each data owner corresponding to their identity;
enabling the data owner to initiate an auditing request, using a user device (104), for files stored in a cloud server (102) using the generated secret key, wherein the auditing request is received by a third-party auditor (108);
enabling the third-party auditor (108) to transmit an auditing message to the cloud server (102); wherein the auditing message comprises a file on the cloud server (102) to be audited, a level of audition, or a combination thereof;
conducting the auditing of the selected files on the cloud server (102), wherein the auditing is carried out using Remote Data Integrity Checking (RDIC) algorithms;
receiving an auditing proof from the cloud server (102) after conducting a complete auditing of the selected file on the cloud server (102);
enabling the third-party auditor (108) to prepare an auditing report based on the auditing proof received from the cloud server (102); and
transmitting the prepared auditing report to the data owner.
5. The method (200) as claimed in claim 4, wherein the Remote Data Integrity Checking (RDIC) algorithms for auditing of the selected file is selected from Extract, TagGen, Challenge, ProofGen, Proof Check, Execute, verifyupdate, or a combination thereof.
6. The method (200) as claimed in claim 4, wherein the user device (104) and the cloud server (102) are configured to maintain a shared data flow.
Date: May 28, 2024
Place: Noida

Dr. Keerti Gupta
Agent for the Applicant
(IN/PA-1529)

Documents

Application Documents

# Name Date
1 202441041770-STATEMENT OF UNDERTAKING (FORM 3) [29-05-2024(online)].pdf 2024-05-29
2 202441041770-REQUEST FOR EARLY PUBLICATION(FORM-9) [29-05-2024(online)].pdf 2024-05-29
3 202441041770-POWER OF AUTHORITY [29-05-2024(online)].pdf 2024-05-29
4 202441041770-OTHERS [29-05-2024(online)].pdf 2024-05-29
5 202441041770-FORM-9 [29-05-2024(online)].pdf 2024-05-29
6 202441041770-FORM FOR SMALL ENTITY(FORM-28) [29-05-2024(online)].pdf 2024-05-29
7 202441041770-FORM 1 [29-05-2024(online)].pdf 2024-05-29
8 202441041770-EVIDENCE FOR REGISTRATION UNDER SSI(FORM-28) [29-05-2024(online)].pdf 2024-05-29
9 202441041770-EDUCATIONAL INSTITUTION(S) [29-05-2024(online)].pdf 2024-05-29
10 202441041770-DRAWINGS [29-05-2024(online)].pdf 2024-05-29
11 202441041770-DECLARATION OF INVENTORSHIP (FORM 5) [29-05-2024(online)].pdf 2024-05-29
12 202441041770-COMPLETE SPECIFICATION [29-05-2024(online)].pdf 2024-05-29
13 202441041770-FORM-26 [11-07-2024(online)].pdf 2024-07-11