Data deduplication has attracted many cloud service providers (CSPs) as a way to reduce storage costs. Even though the general deduplication approach has been increasingly accepted, it comes with many security and privacy problems due to the outsourced data delivery models of cloud storage. To deal with specific security and privacy issues, secure deduplication techniques have been proposed for cloud data, leading to a diverse range of solutions and trade-offs. Hence, in this article, we discuss ongoing research on secure deduplication for cloud data in consideration of the attack scenarios exploited most widely in cloud storage. On the basis of classification of deduplication system, we explore security risks and attack scenarios from both inside and outside adversaries. We then describe state-of-The-Art secure deduplication techniques for each approach that deal with different security issues under specific or combined threat models, which include both cryptographic and protocol solutions. We discuss and compare each scheme in terms of security and efficiency specific to different security goals. Finally, we identify and discuss unresolved issues and further research challenges for secure deduplication in cloud storage.
Bibliographical noteFunding Information:
This work was supported by a Korea University Grant and by a National Research Foundation of Korea (NRF) grant funded by the Korean government (MSIP) (no. 2016R1A2A2A05005402).
© 2017 ACM.
- Deterministic information dispersal
- Message-dependent encryption
- Proof of ownership
- Traffic obfuscation
ASJC Scopus subject areas
- Theoretical Computer Science
- Computer Science(all)