Verifiability and accountability in the Cloud

Azraoui, Monir

Cloud computing is perceived as the "holy grail"  to cope with the handling of tremendous amounts of data collected every day from sensors, social networks, mobile devices, etc.  Hence, outsourcing the storage and processing of this data to the cloud cancels the need to invest in expensive storage and computing hardware or software. However, many organizations are reluctant to resort to cloud technologies. Indeed, the inherent transfer of control over storage and computation to untrusted cloud servers  raises various security challenges. In this regard, verifying cloud operations and making the cloud accountable for its actions can help users have more control over their resources and can reduce the impact of mistrust in the cloud. The literature describes methods to verifiably outsource storage and computation. However, many of the existing methods involve heavy cryptographic techniques, which render the solutions inefficient. Besides, very few  technical solutions were proposed to achieve accountability in the cloud.

This thesis proposes more efficient cryptographic protocols that enable cloud users to verify (i) the correct storage of outsourced data and (ii) the correct execution of outsourced computation. We first describe a cryptographic protocol that generates proofs of retrievability, which enable data owners to verify that the cloud correctly stores their data.  We then detail three cryptographic schemes for verifiable computation by focusing on three operations frequent in data processing routines, namely polynomial evaluation, matrix multiplication and conjunctive keyword search. The security of our solutions is analyzed in the provable security framework and we also demonstrate their efficiency thanks to prototypes. We also introduce A-PPL, an accountability policy language that allows the expression of accountability obligations into machine-readable format. We expect our contributions to foster cloud adoption by organizations still wary of using this promising paradigm.


Sécurité numérique
Eurecom Ref:
© TELECOM ParisTech. Personal use of this material is permitted. The definitive version of this paper was published in and is available at :
See also: