Practical cloud storage auditing using serverless computing

Cloud storage auditing research is dedicated to solving the data integrity problem of outsourced storage on the cloud. In recent years, researchers have proposed various cloud storage auditing schemes using different techniques. While these studies are elegant in theory, they assume an ideal cloud storage model; that is, they assume that the cloud provides the storage and compute interfaces as required by the proposed schemes. However, this does not hold for mainstream cloud storage systems because these systems only provide read and write interfaces but not the compute interface. To bridge this gap, this work proposes a serverless computing-based cloud storage auditing system for existing mainstream cloud object storage. The proposed system leverages existing cloud storage auditing schemes as a basic building block and makes two adaptations. One is that we use the read interface of cloud object storage to support block data requests in a traditional cloud storage auditing scheme. Another is that we employ the serverless computing paradigm to support block data computation as traditionally required. Leveraging the characteristics of serverless computing, the proposed system realizes economical, pay-as-you-go cloud storage auditing. The proposed system also supports mainstream cloud storage upper layer applications (e.g., file preview) by not modifying the data formats when embedding authentication tags for later auditing. We prototyped and open-sourced the proposed system to a mainstream cloud service, i.e., Tencent Cloud. Experimental results show that the proposed system is efficient and promising for practical use. For 40 GB of data, auditing takes approximately 98 s using serverless computation. The economic cost is 120.48 CNY per year, of which serverless computing only accounts for 46%. In contrast, no existing studies reported cloud storage auditing results for real-world cloud services.