Cloud computing has emerged as a great advantage to enterprise and individual users dealing with large data size. There is significant cost associated with data storage and considering the rapid rate at which data is getting generated, users are finding it more cost effective to push data to cloud storage services. However, security is a major concern for cloud users because control boundaries are moving towards cloud provider. In such scenario, cloud consumers desire more mechanisms to get assurance about security of their data stored with cloud provider. There are opportunities of data integrity violation due to malicious intent or lack of controls within cloud provider environment.
Many companies in cloud market are providing cost-effective and scalable file storage in the cloud. However verifying integrity of data stored with third party still remains challenge for cloud user community. There are various technical and operational issues which can compromise integrity of customer data in cloud. SLA's and contracts do not provide technical, efficient and verifiable method to find the integrity status of data hosted in cloud provider environment.
There are some tools available with cloud provider which checks the integrity of data over a period but their usage are limited to cloud provider and such tools many times do not provide option for cloud customer or user to verify independently the integrity of data. The tools and processes used at cloud provider side usually perform integrity check independent of requirement of particular user and data. Some available tools for data integrity verification of storage tapes might perform the verification for entire data block set or tape. Cloud customer/user might be only interested in verifying integrity of their data only instead of complete data storage. Most of the data integrity verification techniques require cryptographic operation for verification to be performed by device with significant computation capability. In a scenario where multiple cloud users use such machine, it cannot be considered as trusted or personalized device.
In view of foregoing discussion there is a need for providing a mechanism to cloud customer for verifying integrity of cloud data using unconnected trusted device.