Dredas: Decentralized, reliable and efficient remote outsourced data auditing scheme with blockchain smart contract for industrial IoT

Publication Type:
Journal Article
Future Generation Computer Systems: the international journal of grid computing: theory, methods and applications, 2020, 110, pp. 665-674
Issue Date:
Filename Description Size
1-s2.0-S0167739X19315560-main.pdfPublished version1.33 MB
Adobe PDF
Full metadata record
© 2019 Elsevier B.V. The development of cloud computing and the Internet of things (IOT) attracts more and more enterprises to outsource the data from their Industrial Internet of things (IIOT) to cloud servers in order to save operating costs and improve efficiency. However, in this environment, protecting the security and privacy of data storage is an important challenge for IIOT and cloud server provider (CSP). Data auditing could allow data owner discover malicious behaviors of CSP which destroy their outsourced data. The public auditing authorizes the trusted third part auditor (TPA) to audit the owner's outsourced data and frees owner from regular tasks. However, the public auditing using TPA is considered a centralized auditing, and the TPA is assumed totally honest, but it is difficult to find a reliable auditing organization. In this paper, a novel decentralized auditing smart contract in Ethereum is proposed. By replacing the TPA with a designed smart contract, a decentralized auditing scheme (Dredas) is proposed, where anyone can obtain the auditing result from Ethereum without worrying about semi-honest TPA. Compared with traditional auditing, apart from being able to perform traditional auditing functions, Dredas has three important benefits over previous work. First, the random values of challenge are more secure. Dredas chooses the current blockchain nonce as a random seed to prevent any party forging random values. Secondly, in order to achieve a safe, regular, proactive auditing, the protocol writes the auditing rules into the blockchain, and uses the number blocks on the Ethereum as the security timestamp. Finally, data owner, user and CSP must pay some ether for smart contract as deposit. This way not only inhibits the malicious behavior of these three parties, but also makes it more reasonable in real life. We implement Dredas to show that the computation costs are reasonable and efficient.
Please use this identifier to cite or link to this item: