Dredas: Decentralized, reliable and efficient remote outsourced data auditing scheme with blockchain smart contract for industrial IoT

Fan, K; Bao, Z; Liu, M; Vasilakos, AV; Shi, W

Dredas: Decentralized, reliable and efficient remote outsourced data auditing scheme with blockchain smart contract for industrial IoT

Fan, K Bao, Z Liu, M Vasilakos, AV Shi, W

Permalink

Publisher:: Elsevier
Publication Type:: Journal Article
Citation:: Future Generation Computer Systems: the international journal of grid computing: theory, methods and applications, 2020, 110, pp. 665-674
Issue Date:: 2020

Closed Access

	Filename	Description	Size
	1-s2.0-S0167739X19315560-main.pdf	Published version	1.33 MB	Adobe PDF	View/Open

Copyright Clearance Process

Recently Added
In Progress
Closed Access

This item is closed access and not available.

Full metadata record

Field	Value	Language
dc.contributor.author	Fan, K
dc.contributor.author	Bao, Z
dc.contributor.author	Liu, M
dc.contributor.author	Vasilakos, AV
dc.contributor.author	Shi, W
dc.date.accessioned	2020-12-20T03:02:34Z
dc.date.available	2020-12-20T03:02:34Z
dc.date.issued	2020
dc.identifier.citation	Future Generation Computer Systems: the international journal of grid computing: theory, methods and applications, 2020, 110, pp. 665-674
dc.identifier.issn	0167-739X
dc.identifier.uri	http://hdl.handle.net/10453/144862
dc.description.abstract	© 2019 Elsevier B.V. The development of cloud computing and the Internet of things (IOT) attracts more and more enterprises to outsource the data from their Industrial Internet of things (IIOT) to cloud servers in order to save operating costs and improve efficiency. However, in this environment, protecting the security and privacy of data storage is an important challenge for IIOT and cloud server provider (CSP). Data auditing could allow data owner discover malicious behaviors of CSP which destroy their outsourced data. The public auditing authorizes the trusted third part auditor (TPA) to audit the owner's outsourced data and frees owner from regular tasks. However, the public auditing using TPA is considered a centralized auditing, and the TPA is assumed totally honest, but it is difficult to find a reliable auditing organization. In this paper, a novel decentralized auditing smart contract in Ethereum is proposed. By replacing the TPA with a designed smart contract, a decentralized auditing scheme (Dredas) is proposed, where anyone can obtain the auditing result from Ethereum without worrying about semi-honest TPA. Compared with traditional auditing, apart from being able to perform traditional auditing functions, Dredas has three important benefits over previous work. First, the random values of challenge are more secure. Dredas chooses the current blockchain nonce as a random seed to prevent any party forging random values. Secondly, in order to achieve a safe, regular, proactive auditing, the protocol writes the auditing rules into the blockchain, and uses the number blocks on the Ethereum as the security timestamp. Finally, data owner, user and CSP must pay some ether for smart contract as deposit. This way not only inhibits the malicious behavior of these three parties, but also makes it more reasonable in real life. We implement Dredas to show that the computation costs are reasonable and efficient.
dc.language	en
dc.publisher	Elsevier
dc.relation.ispartof	Future Generation Computer Systems: the international journal of grid computing: theory, methods and applications
dc.relation.isbasedon	10.1016/j.future.2019.10.014
dc.rights	info:eu-repo/semantics/closedAccess
dc.subject	0803 Computer Software, 0805 Distributed Computing, 0806 Information Systems
dc.subject.classification	Distributed Computing
dc.title	Dredas: Decentralized, reliable and efficient remote outsourced data auditing scheme with blockchain smart contract for industrial IoT
dc.type	Journal Article
utslib.citation.volume	110
utslib.for	0803 Computer Software
utslib.for	0805 Distributed Computing
utslib.for	0806 Information Systems
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology/School of Electrical and Data Engineering
pubs.organisational-group	/University of Technology Sydney
utslib.copyright.status	closed_access	*
pubs.consider-herdc	true
dc.date.updated	2020-12-20T03:02:32Z
pubs.publication-status	Published
pubs.volume	110

Abstract:

© 2019 Elsevier B.V. The development of cloud computing and the Internet of things (IOT) attracts more and more enterprises to outsource the data from their Industrial Internet of things (IIOT) to cloud servers in order to save operating costs and improve efficiency. However, in this environment, protecting the security and privacy of data storage is an important challenge for IIOT and cloud server provider (CSP). Data auditing could allow data owner discover malicious behaviors of CSP which destroy their outsourced data. The public auditing authorizes the trusted third part auditor (TPA) to audit the owner's outsourced data and frees owner from regular tasks. However, the public auditing using TPA is considered a centralized auditing, and the TPA is assumed totally honest, but it is difficult to find a reliable auditing organization. In this paper, a novel decentralized auditing smart contract in Ethereum is proposed. By replacing the TPA with a designed smart contract, a decentralized auditing scheme (Dredas) is proposed, where anyone can obtain the auditing result from Ethereum without worrying about semi-honest TPA. Compared with traditional auditing, apart from being able to perform traditional auditing functions, Dredas has three important benefits over previous work. First, the random values of challenge are more secure. Dredas chooses the current blockchain nonce as a random seed to prevent any party forging random values. Secondly, in order to achieve a safe, regular, proactive auditing, the protocol writes the auditing rules into the blockchain, and uses the number blocks on the Ethereum as the security timestamp. Finally, data owner, user and CSP must pay some ether for smart contract as deposit. This way not only inhibits the malicious behavior of these three parties, but also makes it more reasonable in real life. We implement Dredas to show that the computation costs are reasonable and efficient.

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/144862