Secure and efficient data deduplication techniques for cloud storage systems

Abstract

Data outsourcing to a cloud storage brings forth new challenges for efficient utilization of computing resources such as storage space and network bandwidth in the cloud computing infrastructure. Data deduplication refers to a technique that eliminates the redundant data on the storage and transmitting on the network, and is considered to be one of the the most-enabling storage technologies that offers efficient resource utilization in the cloud computing. However, applying data deduplication incurs security vulnerabilities in the cloud storage system so that untrusted entities including a cloud server or unauthorized users may break data confidentiality, privacy and integrity on the outsourced data. It is challenging to solve the problems of data security and privacy with respect to data deduplication, but certainly necessary for offering a mature and stable cloud storage service.

In the dissertation, we study the security implications of data deduplication in the cloud computing environment. We analyze the issues of security and efficiency in various aspects, and propose novel solutions for secure and efficient data deduplication in the cloud storage system.

First, we propose a secure and efficient file deduplication scheme that keeps data confidentiality from a cloud server and unauthorized users. For implementing the deduplication scheme, we construct two symmetric-key equality predicate encryption algorithms, which are cryptographic primitives in the symmetric-key setting that allow to know only equivalence relations among ciphertexts without leaking any other information about that plaintexts. By applying the constructions, the cloud server is able to perform deduplication over encrypted files without any knowledge of their content. This offers data confidentiality against the cloud server while still preserving the desired storage efficiency. In addition, the proposed deduplication scheme adopts randomized approach in hybrid manner. That is, deduplic...