SECURE DEDUPLICATION, VERIFICATION, AND RELIABILITY ASPECTS OF CLOUD STORAGE

Abstract

Cloud storage services allow users to remotely store their data in a distributed environment and enjoy the cloud applications ubiquitously. However, Cloud Storage Providers generally maintain a single copy of the identical data received from multiple sources to optimize the space. They cannot deduplicate the identical data when the clients upload the data in the encrypted form. To address this problem, recently, Duplicateless Encryption for Simple Storage (DupLESS) scheme is introduced in the literature. Besides, the data stored in the cloud is not reliable due to data losses. However, this scheme stores the key and data on a single storage server, which is not reliable if that server is down. In essence, the existing related works aim to handle either secure-deduplication or reliability are limited to either key reliability or data reliability. Hence, there is a need for developing a secure-deduplication mechanism that is not vulnerable to any malicious activity, semantically secures both data and key, and achieves reliability. In this thesis, rst, we handle reliability issues by investigating optimal encoding parameters. Most of the existing literature focuses on either the cost of recovery or overhead due to the redundant storage without considering the interests of the users, such as high reliability and lower storage cost. We believe that the storage service providers should choose an appropriate encoding scheme with optimal values of two encoding parameters, i.e., data fragments and parity fragments. The values of these encoding parameters depend on the size of the input data and the Quality of Service (QoS) requirements of the users, such as storage e ciency, availability, and recoverability. These parameters play a crucial role in providing higher reliability and lower storage costs. Therefore, in this thesis, we investigate the optimal encoding parameters that meet the users' expectations. Further, we utilized the ndings of this study in subsequent works to attain reliability in the secure deduplication environment and the veri cation framework. Subsequently, this thesis describes the secure-deduplication framework to meet the speci c design goals such as compromise resilience, brute-force attack resilience, reliability, securededuplication, key security, and management. We use the DupLESS concept and Erasure Coding (EC) scheme to achieve secure-deduplication and reliability for both data and key, respectively. To address the secure-deduplication problems, this thesis proposes the dualDup framework that a) optimizes the storage by eliminating the duplicate encrypted data from multiple users by extending the DupLESS concept, and b) securely distributes the data and key fragments to achieve the privacy and reliability using EC scheme. The erasure encoding scheme creates multiple coded data and parity fragments to protect the data from losses. Besides, to maximize users' trust, we also integrate a veri cation mechanism that guarantees the correctness of the stored data. The storage application fragments the user data and stores them on multiple cloud storage servers. However, it su ers from expensive data aggregation computations while processing veri cation services and inevitably poses a data integrity veri cation challenge. To avoid these expensive computations, we simplify the veri cation procedure without needing the data aggregation, just by storing the evidence fragments and data fragments across the datacenters. In distributed environments, the storage correctness veri cation mechanism depends on the availability of storage servers. Therefore, the challenge of proof/evidence availability may arise due to a server failure or data corruption, hence, decreasing the reliability of storage correctness veri cation. Thus, the problem of proof reliability is introduced over the distributed data. A few techniques proposed in the literature provide data reliability; however, none of these existing works have considered the proof reliability to the best of our knowledge. To address the new issue of proof reliability, in this thesis, we utilize and leverage the EC scheme to propose a reliable storage correctness veri cation solution that guarantees the retrieval of evidence and minimizes the e ect of server failure/unavailability.