The invention relates generally to a method for providing integrity and consistency of a cloud storage service to a group of mutually trusted clients. The invention relates further to a server system, a cloud system, a cloud storage system, a data processing program, and a computer program product.
More and more people are outsourcing their data into the cloud, in particular into cloud storage. That brings several advantages such as global accessibility, cost efficiency, and disaster protection. In particular, collaborating on a shared resource using cloud services is easier than ever before. For example, programmers work together using online source code repositories, project teams spanning multiple companies produce complex technical deliverables, or friends simply share their holiday photo albums with others. Nevertheless, cloud services also have one serious drawback: the users rely fully on the provider in terms of confidentiality and correctness. In other words, they need to trust the cloud provider. Modern cryptographic encryption schemes can preserve confidentiality but cannot prevent inadvertent or malicious modifications by the provider.
There are several disclosures related to a method for providing a cloud storage service to a group of clients.
U.S. Pat. No. 8,706,701 describes example embodiments of an authenticated file system that provides integrity and freshness of both data and metadata. The architecture is natural to cloud settings involving a cloud service provider and enterprise-class tenants, thereby addressing key practical considerations, including garbage collection, multiple storage tiers, multi-layer caching, and check-pointing.
U.S. Pat. No. 8,676,710 discloses a method of providing security as a service in a cloud storage environment, including storing, through a cloud manager of the cloud storage environment, a security level of access of a storage controller associated with a customer of the security as a service, and receiving a request from the customer to access security information of the storage controller associated therewith.
However, there may be a need to overcome limitations of existing technologies, in particular by providing a trusted cloud storage service that is lean and reliable, has little overhead, and addresses the integrity and consistency of data residing on untrusted cloud storage.