ABSTRACT
SSPs include cloud storage providers (such as Amazon, Google, and IBM), providers of services for online data backup, recovery, or archival that target both businesses and individual consumers (such as Iron Mountain [www. ironmountain.com], EVault [www.evault.com], Mozy [mozy.com], or Carbonite [www. carbonite.com]), and even providers of web-based e-mail services (such as Google Gmail and Yahoo Mail). Verifying the authenticity
CONTENTS 21.1 Introduction 277 21.2 Remote Data Integrity Checking for Static Settings 278
21.2.1 Requirements for RDIC Schemes 278 21.2.2 Early RDIC Schemes 279 21.2.3 Provable Data Possession 279
21.2.3.1 Adversarial Model 280 21.2.3.2 e PDP Scheme 280 21.2.3.3 Achieving Robustness 282 21.2.3.4 Remarks 282
21.2.4 Proofs of Retrievability 283 21.3 RDIC for Dynamic Data 284
21.3.1 Dynamic Provable Data Possession 284 21.3.2 Dynamic Proofs of Retrievability 284 21.3.3 Auditable Version Control Systems 286
21.4 Summary 287 Further Reading 287 References 287
of data stored remotely on untrusted servers has emerged as a critical issue. It arises in peer-to-peer storage systems (Kubiatowicz et al. 2000), network le systems (Li et al. 2004; Kallahalla et al. 2003), long-term archives (Maniatis et al. 2005), web-service object stores (Yumerefendi and Chase 2007), and database systems (Maheshwari et al. 2000). Such systems prevent storage servers from misrepresenting or modifying data by having data owners keep a small piece of metadata that allows them to check the authenticity of the data upon retrieval.
