Triangular data privacy-preserving model for authenticating all key stakeholders in a cloud environment

Cloud computing is a relatively new paradigm that provides numerous advantages to service providers, developers, and customers with respect to flexibility, scalability, and availability at a lower cost. Motivated by these technical and economical advantages, many data owners outsource their data to centralized large data centers where the data are not only stored but also shared among multiple users. This method of data outsourcing brings many new security challenges for data integrity. There have been several mechanisms proposed lately that allow data owners to use a public verifier (e.g., a third-party auditor (TPA)) for efficiently auditing cloud data integrity. The use of a TPA for this purpose is inevitable, since it provides several advantages to both cloud service users (CSUs) and cloud service providers (CSPs) in terms of efficiency, fairness, trust, etc. - which is essential to achieve economies of scale for cloud computing. Although the existing public auditing schemes are capable of simultaneously performing multiple auditing tasks (including the integrity of cloud data) in an efficient manner, these methods can reveal confidential information to public verifiers which makes a TPA a potential threat to the data security of CSUs and the reputation of CSPs. Therefore, cloud computing requires a holistic approach to security that can deal with all the potential threats that exist in the cloud environment. Taking these points into account, this paper presents a novel triangular data privacy-preserving (TDPP) model that supports public auditing with the capability of auditing all the key stakeholders (i.e., CSU, TPA, and CSP) for achieving optimal security in a cloud environment. Specifically, our proposed TDPP model supports three types of auditing. First, the TPA can audit the CSP for ensuring (a) the correctness of the CSU's data stored at the service provider side and (b) that the CSP is in full compliance of its own service level agreement (SLA). Second, the TPA can audit the CSU to (a) determine any violation of terms and conditions defined in the SLA for the cloud services provided by the CSP and (b) monitor the feedback provided by the CSU for the utilized services. Third, either the CSU or CSP can audit the TPA to minimize the possibility of any potential insider threats or attacks. For instance, the CSU can audit the TPA to (a) ensure that private information being shared with the TPA is not disclosed to any third party or misused by an insider and (b) verify that the TPA performs assigned auditing tasks according to the given specification within the agreed time frame. Our experimental results demonstrate the effectiveness and efficiency of our proposed scheme when auditing all key stakeholders.