Improved Write Access Control and Stronger Freshness Guarantee to Outsourced Data.

In secure data outsourcing, even a single unauthorized write operation may heavily ruin the data owner's business operations. Another potential issue is that the untrusted service provider may return stale data to mislead the readers. Existing work on secure write access does not consider misbehavior by users with write authorization to the outsourced data files. The data owner may not wish to allow such users to modify their own written data files after a fixed amount of time. The other type of misbehavior is that a user with revoked access to a resource can modify corresponding latest versions of the resource written by him in collusion with the service provider. Also, the weak freshness guarantee (i.e., the < k, t >-staleness) is not appropriate in many time-sensitive applications. In this work, we address the misbehavior by users who attempt to modify the own written data files. Such misbehavior is detected by the data owner using an audit-based mechanism. The viability of the proposed mechanism is verified by implementing the proposed protocols in Microsoft's Azure platform. A strong freshness guarantee is addressed using proof messages from the service provider so that a read request will return the latest version of the data file at least until the time when the data file is sent from the service provider to a reader.