Public Data Auditing with Constrained Auditing Number for Cloud Storage

As the popularity and the proliferation of cloud storage increase, data security is becoming one of the biggest concerns for users of cloud storage. How to preserve the data integrity, as one of the most important security aspects, has been a research hotspot in the field of cloud security. Many data auditing schemes for checking the data integrity have been presented, however; these schemes are based on the assumption that the third party auditor (TPA) is secure and trustworthy. If TPA becomes wicked, these schemes are easy to make cloud server suffer distributed denial-of-service (DDOS) attack. In order to deal with this problem, we propose an authorized auditing scheme with constrained auditing number in this paper In our scheme, only authorized TPA can make valid challenges to cloud for data integrity checking. Moreover; the total auditing number that an authorized TPA can make is decided by the user In our construction, a constrained auditing number is integrated into the authorization generated by user to achieve this property. Once the number of a TPA's auditing reaches the constraint, cloud server will not respond to this TPA's challenges, which literally rules out the threat of DDOS attack. Analysis and experimental results show the proposed scheme is secure and efficient.