Page 68 Jiang et al. J Surveill Secur Saf 2020;1:61-78 | http://dx.doi.org/10.20517/jsss.2020.09
comprises s sectors. Each file and each plane of the stereo storage structure stores data as follows.
$F_{d,p,f} = \{\chi_{x,y}\}_{1 \le x \le n,\ 1 \le y \le s}$
$F_{d,p} = \{F_{d,p,f}\}_{d \in D,\ p \in P,\ 1 \le f \le N}$
Furthermore, the header file of each plane in the structure holds a warrant list of the corresponding
files for auditing the log information, which includes the file origin, file type, and consistency
of outsourced files. Based on this stereo storage structure, we can quickly locate any user's file and the
corresponding data block fragments to assist the one-way anonymous auditing protocol. Additionally, dynamic
data updates are an important part of auditing schemes. However, because of the particular nature of medical
data, changes to the data may have irreversible effects. Therefore, dynamic data
updates in this paper require both patients' and their attending physicians' authorization, and those
updates do not change the division of the original file.
4 SECURITY MODEL
The following security model of the stereo storage structure assisted one-way anonymous auditing scheme
is proposed by designing a series of games between an adversary and a challenger . Taking into
account in our security model the fact that the cloud server may modify or remove the data in the cloud
due to software and hardware failure or man-made destruction, we view the untrusted cloud server as an
adversary and the user as a challenger . The formalized security model of the game is as follows:
(1) Setup. Once security parameter is inputted in the system, the challenger runs the system Setup
algorithm, and generates the system public parameter PP and a master secret key msk. Then, the challenger
sends the system public parameters PP to .
(2) Query. In this process, can spontaneously issue the following two queries to :
KeyGen Queries: At first, queries the secret key for the patient $P_A$ and physician $Q_B$. Then, runs the
KeyGen algorithm in the system to generate a secret key $K_{AB}$ and sends the secret key to .
Extract Queries: Then, in these queries, adaptively make queries of the signatures for the file M. After
runs the KeyGen algorithm and gets the secret key, runs the Extract algorithm to generate the signatures
of the file M. Next, sends the signatures of the file M to .
(3) Challenge. In this phase, plays the role of a prover to yield a valid proof and acts as a verifier to
check out the correctness of the proof. The challenger samples a series of random numbers and sends
the challenge $chal = \{i, s_i\}_{i \in I}$ to .
(4) Output. Once receiving the challenge from the challenger , the adversary generates corresponding
proof P and feedback to . If this proof P can be verified by with a non-negligible probability, that is to
say, this game ends and ultimately successful in the game above.
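
The Challenge and Output phases above, as an added example that is not code from the paper: the paper's own signatures are not given on this page, so this example substitutes the privately verifiable linear MAC of Shacham and Waters to show how a challenge of index/coefficient pairs catches a modified block. The modulus, function names and sample blocks are assumptions.

```python
import hashlib, hmac, secrets

P = 2**127 - 1  # prime field modulus (assumption, not from the paper)

def prf(key: bytes, i: int) -> int:
    """Per-index pseudorandom value f_k(i): HMAC-SHA256 reduced mod P."""
    mac = hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % P

def setup():
    """Challenger's secret: PRF key k and MAC scalar alpha in [1, P-1]."""
    return secrets.token_bytes(32), secrets.randbelow(P - 1) + 1

def tag_blocks(sk, blocks):
    """Authenticator for block i: sigma_i = f_k(i) + alpha * m_i mod P."""
    k, alpha = sk
    return [(prf(k, i) + alpha * m) % P for i, m in enumerate(blocks)]

def challenge(n_blocks: int, c: int):
    """chal = {(i, s_i)}: c distinct indices, each with a nonzero coefficient."""
    idx = secrets.SystemRandom().sample(range(n_blocks), c)
    return [(i, secrets.randbelow(P - 1) + 1) for i in idx]

def prove(blocks, tags, chal):
    """Server's proof: mu = sum(s_i * m_i), sigma = sum(s_i * sigma_i)."""
    mu = sum(s * blocks[i] for i, s in chal) % P
    sigma = sum(s * tags[i] for i, s in chal) % P
    return mu, sigma

def verify(sk, chal, proof) -> bool:
    """Accept iff sigma == sum(s_i * f_k(i)) + alpha * mu mod P."""
    k, alpha = sk
    mu, sigma = proof
    return sigma == (sum(s * prf(k, i) for i, s in chal) + alpha * mu) % P

def run_game(tamper: bool) -> bool:
    """One round of the game; the server optionally alters a stored block."""
    sk = setup()
    # Constructed sample data: eight 120-bit blocks, each smaller than P.
    blocks = [int.from_bytes(hashlib.sha256(b"record-%d" % i).digest()[:15], "big")
              for i in range(8)]
    tags = tag_blocks(sk, blocks)
    if tamper:
        blocks[3] = (blocks[3] + 1) % P  # storage failure or deliberate change
    # Every block is challenged so the outcome is deterministic; sampling a
    # subset detects the change only when index 3 is among those drawn.
    chal = challenge(len(blocks), len(blocks))
    return verify(sk, chal, prove(blocks, tags, chal))
```
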
5 OUR PROPOSED SCHEME
Our proposed scheme is demonstrated in four phases in this section. Firstly, in the system setup phase, the
KGC sets the system public parameters and a master secret key. Secondly, the KGC generates privacy keys
for users and secret keys for auditing in the registration phase. Next, in the storage phase, users upload
and update files to the cloud along with file warrants, authenticators, and tags. Finally, in the integrity
verification phase, TPA is entrusted by the data owner to verify corresponding data integrity. Note that for
simplicity, some primary notations used throughout the paper are summarized in Table 1. Moreover, the
scheme is described in detail as follows: