Enabling public auditability for operation behaviors in cloud storage

Hui Tian, Zhaoyi Chen, Chin Chen Chang, Minoru Kuribayashi, Yongfeng Huang, Yiqiao Cai, Yonghong Chen, Tian Wang

Research output: Contribution to journalArticlepeer-review

22 Citations (Scopus)


In this paper, we focus on auditing for users’ operation behaviors, which is significant for the avoidance of potential crimes in the cloud and equitable accountability determination in the forensic. We first present a public model for operation behaviors in cloud storage, in which a trusted third party is introduced to verify the integrity of operation behavior logs to enhance the credibility of forensic results as well as alleviate the burden of the forensic investigator. Further, we design a block-based logging approach to support selective verification and a hash-chain-based structure for each log block to ensure the forward security and append-only properties for log entries. Moreover, to achieve the tamper resistance of log blocks and non-repudiation of auditing proofs, we employ Merkle hash tree (MHT) to record the hash values of the aggregation authentication block tags sequentially and publish the root of MHT to the public once a block has been appended. Meanwhile, using the authentication property of MHT, our scheme can provide log-less verification with privacy preservation. We formally prove the security of the proposed scheme and evaluate its performance on entry appending and verification by concrete experiments and comparisons with the state-of-the-art schemes. The results demonstrate that the proposed scheme can effectively achieve secure auditing for log files of operation behaviors in cloud storage and outperforms the previous ones in computation complexity and communication overhead.

Original languageEnglish
Pages (from-to)2175-2187
Number of pages13
JournalSoft Computing
Issue number8
Publication statusPublished - Apr 1 2017


  • Cloud storage
  • Merkle hash tree
  • Operation behaviors
  • Public auditing
  • Secure logging

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Software
  • Geometry and Topology


Dive into the research topics of 'Enabling public auditability for operation behaviors in cloud storage'. Together they form a unique fingerprint.

Cite this