A Survey on Proof of Retrievability for Cloud Data

Integrity and Availability: Cloud Storage State-of-

the-Art, Issues, Solutions and Future Trends
Tan Choon Beng1, Mohd Hanafi Ahmad Hijazi1, Yuto Lim2, Abdullah Gani3
1Facultyof Computing and Informatics, Universiti Malaysia Sabah, Jalan UMS, 88400 Kota Kinabalu, Sabah, Malaysia
2WiSE Laboratory, School of Information Science, Japan Advanced Institute of Science and Technology, Japan
3 Centre for Mobile Cloud Computing Research (C4MCCR), Faculty of Computer Science and Info Technology,

University of Malaya, Malaysia

Abstract: Cloud storage has emerged as the latest trend for data storage over the traditional storage method which consume
more storage spaces of data owner resources for backup and disaster recovery purposes. Due to the openness nature of cloud
storage, trustworthy to the storage providers remains a critical issue amongst data owners. Hence, a huge number of businesses
around the world remains choosing traditional storage method over cloud storage. This indicates a need for cloud storage
providers to adopt cloud integrity schemes to ensure the outsourced data is secured to gain trustworthiness from clients. There
are two main cloud integrity schemes available to ensure data integrity and availability: (i) Provable Data Possession (PDP)
and (ii) Proof of Retrievability (PoR). PDP and PoR are protocols designed for cloud storage to proof to clients that the stored
data is intact. Although PDP and PoR have similar functionality for providing cloud data integrity and availability, PoR is
found to be much better than PDP with respect to full data retrievability as PoR provides recovery to faulty or corrupted
outsourced data in which PDP does not cover. The objective of this paper is to examine the state-of-the-art of PoR and
subsequently to identify the issues of employing PoR on cloud storage and suggest possible solutions. We analyse available
PoR schemes. Then, the issues and challenges as a result of employing PoR specifically and cloud storage generally are
described. Some possible countermeasures to address the identified issues are suggested. Finally, the potential future work of
PoR schemes and future trends of cloud storage are presented.

Keywords: cloud computing, cloud storage integrity scheme, proof of retrievability, data integrity, data availability

1. INTRODUCTION not only for personal use, but also for business use as well as
information sharing. These facts show that cloud computing is
Cloud computing is a term we widely heard and used in our ubiquitous, where the services are available for everyone in
modern daily lives. According to definition of the term “cloud anywhere at any time, provided Internet connection.
computing” given by National Institute of Standards and
Technology (NIST), it is: Statistics provided by Statista, one of the international
online statistics databases, shown that the worldwide spending
“A model for enabling ubiquitous, convenient, on- on public cloud increases from year to year without inflation [3].
demand network access to a shared pool of configurable This statistic in other mean has shown the fact that the global
computing resources (e.g., networks, servers, storage, demand on cloud computing is increasing. The main reason lies
applications, and services) that can be rapidly provisioned and behind the increasing in demand of cloud computing over
released with minimal management effort or service provider traditional storage method is the benefits provided by cloud
interaction.” [1] computing itself, including efficient telecommute, data storage
and backup, as well as disaster recovery [4].
Generally, cloud computing is a distributed shared
service provided by cloud service provider (CSP), where shared Although the adoption of cloud computing is increasing
resources are available to its users, usually on a pay-as-you-go all the way, but not all corporates move to cloud. Indeed, there
basis. As for cloud computing, it can be categorized into three are obstacles that inhibit the adoption of cloud, for instances,
types, namely Platform as a Service (PaaS), Software as a vendor lock-in, reliability, privacy, pricing, interoperability, and
Service (SaaS), and Infrastructure as a Service (IaaS) [2]. Social the most important factor to mention, the security [5] [6]. But
media applications such Facebook, Twitter, YouTube, etc. are why security is so important in cloud? As thing goes open where
examples of cloud computing services we have been using since accessibility is ubiquitous to everyone, like cloud, there is a high
years ago. Besides, application such as Amazon Web Services, possibility that it will be taken advantages by some malicious
Google Apps, and Dropbox are also widely used in different adversaries such as hackers with no good means. If this huge
sectors of society around the world in 24/7 for various purposes, information pool is targeted by pro-hackers, serious damages
could be inflicted to not only the data owners, but other As a brief introduction, PoW was firstly introduced by
stakeholders as well. Even those well-known large-scale cloud [9] to allow a cloud user proof to a cloud in which the file is truly
service providers such as Amazon, Google, Microsoft and Sony owned by the user to prevent malicious adversaries from
could not escape and suffered from cloud incidents, in fact, they downloading it even without legal access provided. Since then,
contributed to more than half of overall [7]. When security is there were more PoW schemes been introduced by other
absent or weak in cloud storage, it could cause data leakage as researchers for the same purpose but with improvement in
someone else who is unauthorized can access the cloud data algorithm, for example [10], [11], and [12].
easily. For example, one of the infamous cloud data breach was
the incident happened in 2010, in which data stored in Microsoft Although PoW ensure only true data owner or
Business Productivity Online Suite (BPOS) was downloaded by legitimate shared data client is allowed to retrieve the stored data,
unauthorized cloud users [98] [99]. cloud server is always labeled untrustworthy. With respect to this,
PDP was introduced by [13] to allow the storage server to proof
Again, from the statistic provided by Statista, it is to its client that the stored data is actually possessed by the server
clearly shown that global spending on public cloud IaaS is with probabilistic possession guarantees. Since then, other PDP
always overwhelming the total of the other two (PaaS and SaaS) schemes such as [14], [15], and [16] were introduced to highlight
from year to year [2]. In other words, IaaS such as cloud storage cloud data integrity. Nevertheless, as PDP itself does not provide
is the main demand of the world for cloud computing. Therefore, recovery on corruption, hence stored data will be irretrievable if
by relating the increasing global demand to cloud [2], high corruption occurs, thus causing negative impacts to stakeholders
number of cloud incidents occurred in top cloud storage respectively such as data loss, financial damage, as well as loss
providers [7], and cloud security as the major obstacle which of trust from client.
inhabits the adoption of cloud in some corporates [5] [6], hence
it is clear that cloud information security is playing a significant PoR [17] that ensure cloud data integrity, similar to that
role in reducing or even solving most of the cloud incidents. of PDP, but with error-correcting codes (ECC) to allow recovery
of data corruption was introduced to address the limitation of
Information Systems Audit and Control Association PDP. Later, another PoR scheme was introduced by [18], in
(ISACA), had defined the term information security as: which erasure coding was applied to allow recovery in case of
data corruption. Meanwhile, limitations in [17] such as
“Ensures that within the enterprise, information is constrained number of challenges could be conducted by client
protected against disclosure to unauthorized users to the server to verify the integrity of a stored file, were then
(confidentiality), improper modification (integrity), and non- overcome in [18], provided unbounded number of PoR
access when required (availability).” [8] challenges.

In short, information security is composite of three main As more and more PoR schemes have been proposed in
elements as highlighted in ISACA Glossary of Terms [8], the recent years, there is a need to make a survey to summarize
confidentially, integrity and availability. Usually, these three the latest trend of PoR schemes. Even though there are some
components are known as CIA triad, but to avoid confusion with cloud storage security related survey papers been published, such
the term Central Intelligence Agency (CIA), the information as [19], [20], and [21], but they did not sufficiently address the
security’s CIA triad model sometimes is termed as AIC triad techniques, issues and trend on PoR schemes. Brief surveys on
instead. PoR specifically can be found in [22] and [23] with limited
number of PoR schemes surveyed and insufficient examples and
Similarly, as far as cloud storage security is concerned, details. Therefore, the motivation of this paper is to provide a
lots of cloud storage security schemes have introduced by survey on work of recent PoR schemes published from 2013 to
researchers since years ago. Generally, cloud data security 2016. The objectives are (i) to identify the current state of PoR
schemes can be categorized into three main categories, Proof of schemes, (ii) to identify issues of employing PoR on cloud
Ownership (PoW), Provable Data Possession (PDP), and Proof storage and potential solutions and (iii) to identify future works
of Retrievability (PoR). For a brief understanding of differences of PoR schemes.
between PoW, PDP and PoR, a general view of proofs in cloud
storage (provided from prover and shown to auditor) is shown in The key contributions of this survey paper, each of
Figure 1 below. which addressed each of the identified objective, are listed as
follow:

1. We provide a taxonomy on recent PoR schemes with

details by adapting several relevant attributes from [69]
while widen the categorization which fits for PoR
schemes.
2. Discussion and summarization on current cloud storage
security issues and countermeasure works correspond
to the security issues.
3. Discussion and identification of future trends of cloud
storage and future works of PoR schemes.

Figure 1: Difference Between PoW vs PDP / PoR This paper is organized as follows. Section 2 described
about methodology used in this survey. Section 3 discusses and
2
summarizes current cloud storage issues and vulnerabilities, as CSP after deletion. The reason is that, since at the moment this
well as countermeasure works had done by cloud security teams issue is happens, it indicates that the CSP is dishonest, and it is
corresponding to the security issues. In Section 4, latest existing no way for a dishonest CSP notice its client about the fact that
PoR schemes are discussed and a taxonomy of recent PoR they are possessing the deleted copy. Anyway, the best
schemes is presented. Section 5 presents the discussion and prevention of this issue is to choose a trustable CSP for data
identification on future trends of PoR schemes and cloud storage. outsourcing and apply privacy measures such as encryption to
Lastly, Section 6 concludes this paper. secure the outsourced data.

2. METHODOLOGY To ensure data privacy, encryption usually is the best

hit. Many large CSP such as Dropbox, Microsoft OneDrive and
In this section, the methodology used to conduct the survey of Google Drive are offering their services with encryption on
recent PoR schemes is described. outsourced data. Regarding to this, [72] and [73] have provided
some evidences on comparing Dropbox, OneDrive and Google
Firstly, to identify the risks of cloud storage and issues Drive. Dropbox uses 128-bit Secure Sockets Layer / Transport
of recent PoR schemes which related to data integrity and Layer Security (SSL/TLS) to encrypt data in transit and 256-bit
availability, several sources are referred which include online Advanced Encryption Standard (AES) encryption for data at rest
resources such as news, forums and articles, cloud vendors’ sites, [75]; Google Drive uses 256-bit SSL/TLS encryption for data in
as well as published works such as survey and technical papers. transit and 128-bit AES encryption for data at rest [76];
Online sources are used to obtain the latest information about OneDrive uses 128-bit SSL/TSL encryption for data in transit,
cloud storage such as associated risks and past cloud incidents. but 256-bit AES encryption for data at rest only available in
Meanwhile, survey and technical papers are used to identify the OneDrive for Business [77], which means data stored in personal
state-of-the-art of PoR related research, cloud storage risks, PoR OneDrive accounts are vulnerable as having no encryption on
related issues as well as future work for cloud and PoR. data at rest [74]. By looking at these facts, it is clear that which
CSP is more secure and otherwise. For encryption, it can be done
To ensure that this survey covers the latest trend of on either client side or server side, as where the encryption keys
cloud storage and PoR schemes, only articles of PoR schemes are kept. For a stronger security means in term of privacy, it is
published in recent years (2013-2016), are considered. Two better to go for client-side encryption rather than server-side
papers that first present PoRs, [17] and [18], are also considered. encryption although computation and processing time are much
A total of 97 articles and references are included in this survey. a burden on client device. This is to allow client to possess the
Most of the articles present work on PoR (43 articles). The encryption key for data security. However, decryption on
remaining are articles on PoW, PDP and cloud data integrity. All encrypted data would be impossible if client loss the encryption
the articles referred in this survey can be found in Scopus key. Nonetheless, for resource constraint devices like smart
database. phones and tablets, client-side encryption is not recommended
due to high computation cost needed.
3. STATE-OF-THE-ART CLOUD STORAGE AND
The next major risk mentioned in [70] is government
POR SCHEMES
intrusion. This issue is closely related to confidentiality of stored
data. Having information stored in cloud servers make ease for
In this section, discussions on current cloud storage issues, authorities to gain access to it without any knowledge of data
vulnerabilities and challenges as well as countermeasures are client. It is possible for some authorities to claim that data is
presented. Based on the work found in the literature, we identify owned by CSP, thus making CSP to legally obligated to hands-
the possible cloud storage issues, vulnerabilities and challenges, out needed or targeted data stored under their respective storage
together with some suggestions about their countermeasures. servers. Although some CSP will not easily hands out data
demanded by the authorities without a court order, but no entity
3.1 RISKS ASSOCIATED WITH CLOUD STORAGE can guarantee there will be no data leakage or confidential
disclosure of outsourced sensitive information. Nevertheless,
According to [70], there are several risks associated data privacy concern was significantly raised in 2013 when one
with cloud storage. First of all, using cloud storage, client data is of the contractor Edward Snowden from U.S. Department of
outsourced to cloud storage servers, meaning that the data is at Justice (DOJ), the National Security Agency (NSA), had
possession of someone else and has full control over it. Without exposed information indicating that NSA was using USA Patriot
any data integrity schemes, the outsourced data may be tampered, Act [79] to justify the bulk collection of data about millions of
modified, re-outsourced, and even deleted without notice by phone calls [78]. A suggestion of countermeasure is that
malicious CSP. Therefore, it is more trustworthy from client performing encryption on client side [85] before outsourcing
view that CSP adopts a PoR scheme to ensure stored data data to cloud storage servers. If confidential data has to be stored
integrity. Besides, as CSP is having full control over the stored in cloud servers, it should be encrypted first before being
data, the security of stored data lies within the responsibility of uploaded, else it is not advisable to store confidential data online.
CSP as data client has no physical control and access to the Even though it is not impossible for pros to break the encryption,
stored data. Better safe than sorry, data should be encrypted at however as it is costly and time consuming to do so, unless the
client side before being uploaded to cloud storage. Another thing data is the truly targeted by some authorities, else there is very
is stored data deletion. Regarding to this, as the CSP has full low possibility for them to do so [85].
control over the stored data, it may still possess by CSP as a
duplicate copy even data client has permanently deleted the file, Last but not least, outage of cloud storage servers is also
given reason for rollback deletion function. For this issue, there a major risk that requires serious concern. This issue is closely
is no way data clients can confirm their data is still possessed by
3
related to availability of stored data. When cloud storage is further emphasizing the importance of cloud integrity schemes
outage, all outsourced data is unavailable. Regarding to this, and thus the reason why PoR schemes should be adopted. As a
usually cloud storage servers’ outage is less likely or very rarely solution to ensure both storage, and communication efficiency,
to occurs, according to 99.99% guaranteed availability by CSP XOR based coding such as network coding which is widely
[71]. Nevertheless, it does not mean data outage won’t happens. adopted in communication network can be employed to replace
For examples, even those CSP titans like Microsoft [80], full replication, while computational performance of PoR using
Amazon [81] and Dropbox [82] were having their storage service XOR based coding can be enhanced by parallel processing.
outage. Although there is nothing major has been lost on a wide
scale during these outages, but these should have raise the With the emergence of Internet of Things (IoT), we
concern and awareness of both data client and CSP for cloud have many electronic devices like smart phones and tablets
storage outage risk. As a possible solution, synchronization of integrated to the Internet, and so to cloud storage services. We
cloud data with local devices should be always allowed and may need our smart phones or tablets to have access to our cloud
turned on, so that the latest possible version of data can be used storage account, working on outsourced storing documents using
in case of cloud storage outage. Nonetheless, frequent these resource constraint devices. Thus, there exists a challenge
synchronization of local devices with cloud data would cause a to design a lightweight data auditing scheme for mobile devices
high consumption of bandwidth. Figure 2 summarizes about the which are resource limited [15] [19]. Although people is working
issues and challenges of PoR schemes and cloud storage. on this, as we can see in the work of [49], the researchers have
proposed a lightweight data auditing scheme for resource
From what we have discussed in this sub-section, it can constraint devices like smart phones and tablets. However,
be summarized that cloud storage is having three main issues: according to researchers the scheme [49] needs more efficient
data integrity, data confidentiality and data availability. Out of constructions for less storage requirement and a lower
these three main issues, data integrity and availability are the communication cost. As mentioned in previous paragraph, XOR
most important factors as these are the pre-conditions of the based coding like network coding can be used to save more
existence of a cloud storage service [33]. Although data information using similar or less storage spaces and better
confidentiality is also important, but it is not as important as the communication performance.
other two factors, data availability and data integrity. In fact, not
all CSPs provide cryptography protect against stored data, for On the other hand, data integrity schemes such as PoR
example Microsoft OneDrive do not provide any encryption schemes are vulnerable to malicious threats and similarly cyber-
services on data at rest of personal accounts [77] to ensure data attacks that cause data loss. Some malicious threats include tag
confidentiality. This is the reason why we need PoR schemes forgery attack [69] [83] where malicious cloud storage servers
which ensure both integrity and availability of data stored in attempt to hide stored data damage and bypass auditing process,
cloud storage. data deletion attack [69] in situation where only tags are needed
for proof generation rather than data itself, and replace attack [69]
3.2 ISSUES OF POR WITH RESPECT TO CLOUD STORAGE where corrupted or deleted stored data block and tag pairs are
replaced with other valid pairs so to pass data auditing. For
From the previous sub-section, we have explained the reasons another thing, malicious storage servers may try to cache
why PoR schemes are needed in cloud storage. In this, sub- responses of precious passed auditing challenge to be replayed
section, issues associated with PoR schemes are discussed. in future auditing [53] [57]. Not limited to these attacks, it is
Although PoR schemes ensure data availability and data integrity, possible for a malicious storage server to act dishonest by pass
but in exchange several issues arise, such as efficiency, the auditing process using valid data, but providing corrupted
supportability of devices, malicious threats, and data stored data blocks during repair phase to construct a faulty new
deduplication issues. data blocks instead of recovery. This is known as pollution attack
[53] [69]. Besides, there is also a malicious threat known as data
First of all, we would like to address the efficiency leakage attack [69], where malicious cloud storage servers
issues regarding to computational, storage and communication attempt to extract stored data when verification is using
of cloud integrity schemes (e.g. PoR) for the stored data in cloud wiretapping. Nevertheless, [69] also suggested that data blocks
storage servers [69]. In general, data integrity schemes such as and metadata pairs should be constructed in such a way that they
PoR, preprocess the data before outsourcing it to cloud storage have strong binding with each other, while proof generation
servers. The data preprocessing is time and resource consuming. during data auditing should involves both data and metadata
Thus, a cloud storage service which has implemented cloud pairs as well as randomness factor in challenge-response
integrity schemes suffers from slower data storing process than mechanism. For example, [33] construct the coded block and
others which store data directly in storage servers without metadata in such a way that coded block is the index of
employ security measures. This is because additional data permutation list for recover back the original data for data
preprocessing such as employing erasure codes before storing retrieval using information stored in its metadata.
the data in storage servers takes time. Therefore, it is crucial for
a cloud integrity scheme to have a computational and The last issue of PoR to address here is data
communicational efficient construction to chase up the pace of deduplication. Data deduplication is a process of eliminates
lagging behind due to additional time spent on data redundant data copies in the cloud to saves storage spaces [84],
preprocessing. At the same time, the storage efficiency is also as where data deduplication is commonly adopted in PoW.
important as computational and communicational efficiency, as Meanwhile, PoR is making redundant copies at data blocks level
the cloud data growth rate is exponential [69]. This is a reason to provide recovery and retrievability. In general, PoR schemes
why replication of full data across distributed cloud servers [71] are contradicting the nature of cloud data deduplication as PoR
is no longer suitable and applicable in the near future, thus tends to form data redundancy while data deduplication tends to
4
eliminates redundant data. Faulty deduplication on data stored [59]. To the best of our knowledge, the work done on integrating
using PoR can cause permanent data loss whether partly or fully. PoR with deduplication is limited to static data only. Hence,
Although there are few PoR schemes have been proposed in future work is needed to allow dynamic operations in PoR while
recent years to integrate PoR schemes with data deduplication integrating with PoW as cloud data like documents stored in
where PoR integrate with PoW, for example [30], [44], [47], and Google Docs can be edited online smoothly and safely.

Issues and Challenges CSP has full control over outsourced

Computational, storage and
data
communication efficiency
Uncomplete data
High computation cost of deletion
dynamic PoR schemes for
resource-constraint devices Data
PoR Schemes Cloud Storage privacy/confidentiality of
Vulnerability on malicious data
threats and cyber attacks
Government
intrusion
Inefficient dynamic PoR with data
deduplication
Cloud storage outage

Figure 2: Summary of Issues and Challenges of PoR Schemes and Cloud Storage

and later, [18] was proposed in 2008 for unbounded number of

4. POR SCHEMES FOR CLOUD STORAGE times of PoR data integrity challenge (challenge client to provide
a proof), which is a limitation in [17]. Since then, many PoR
This section firstly shows the time line of PoR schemes. Then, schemes have been proposed by researchers. Figure 3 shows the
the details on PoR schemes proposed by researchers in recent time line of PoR schemes. In this paper, we consider only articles
years are reviewed based on several attributes in taxonomy. indexed by Scopus corresponding to PoR schemes proposed in
Lastly, the taxonomy about reviewed recent PoR schemes is recent years (2013-2016). Since we are only interested with the
tabulated in Table 1. recent PoR schemes, the schemes proposed before the year 2013
are not included in this paper except [17] and [18] as these two
The first PoR scheme was introduced by [17] in 2007 papers are widely referenced and contributed to the idea and
construction of PoR schemes.

Figure 3: Time Line of PoR Schemes

but with error correcting codes employed, it enable cloud data to

recover from corruption. Sentinel is a randomly-valued check
4.1 PRELIMINARY block embedded in encrypted file for storage verification [17].
Meanwhile, Message Authentication Code (MAC) is employed
Before the first PoR scheme [17] is proposed, availability of to determine whether the corruption is correctly recovered, while
outsourced data using replication throughout distributed servers its function is primitively to verify whether the stored file is
in cloud is very resource extensive, especially in this exponential subjected to tampering or not [17]. The function of the sentinel
data growth era. Basically, [17] is a sentinel based PoR scheme, embedded in data is for storage auditing purpose (storage
proposed not only to ensure availability of cloud data like PDP, verification); to verify if the data is entirely stored or otherwise.
5
Besides, the security of this stored file is ensured by means of Nature of data is an important attribute to look in as some CSPs
encryption; in addition to the way the sentinels are embedded provide storage of static data, while some others provide storage
into the encrypted file randomly [17], archive cannot distinguish of dynamic data. Hence, adoption of which PoR scheme in their
between sentinels and portions of original file (which blocks are cloud depending on their needs and the compatibility of PoR
sentinels and which blocks are data), making the storage servers schemes in term of dynamic operation supports such as update,
have no choice but to store the entrusted file properly. delete and insert operations on stored data. The founder of PoR
[17] as well as widely referenced model of PoR [18] are both
Nevertheless, due to the limitation of bounded number exhibit static data nature in their schemes, which means they do
of PoR challenge (number of times where client or auditor can not support dynamic operations. Similarly, PoR schemes such as
challenge storage servers to provide proof where the entrusted [30], [32], [33], [37] and [39] are PoR schemes deal with static
file is stored properly via PoR) in [17], two auditing schemes data. Meanwhile, PoR schemes which support for dynamic data
proposed in [18] to overcome the limitations, on which are operations include [24], [25], [31], [34], [35] and [36].
private audit by using pseudorandom functions (PRF), and
public audit by using Boneh-Lynn-Shacham signature (BLS The second attribute included in the taxonomy is cloud
signature). Meanwhile, both schemes used homomorphic server setup. There are mainly two ways of cloud storage server
authenticators (BLS and PRFs) to reduce response length by setup for PoR schemes; single server setup and multi-servers’
combining blocks and a number of authenticators into a single setup or distributed servers’ setup. Single server usually has a
aggregated block and authenticator. This is because better specification and bigger compared to multiple servers
homomorphic authenticators allow any entity to certify the which are comparably smaller. This is because single server has
output of a complex computation over a huge authenticated data to be very powerful and all-in-one to cover all needed
with only a short tag. Nevertheless, the private audit scheme functionalities such as proxy and storage. PoR schemes which
shown a shorter server response time compared to the public apply single server’s setup require the full data to be stored in a
audit scheme [18]. In term of recovery and data corruption single server, such as [40], [43], [44], [46] and [47]. On the other
resiliency, [18] used erasure coding to recover corrupted data. As hand, multiple servers have different functionalities, but often
time passes, more and more PoR schemes have been proposed. comes with lower specification. In cloud storage, multiple
In the next sub-section, we will review PoR schemes proposed servers’ setup not only allow better performance on large amount
in recent years, from 2013 to 2016. of concurrent storage-retrieval requests, but also represent the
resiliency of the cloud storage system against outages. PoR
4.2 POR SCHEMES PROPOSED IN RECENT YEARS schemes which apply distributed servers’ setup require the full
data to be partitioned or split into parts or chunks, and then
As we can see in the time line of PoR schemes shown in Figure distributed to store in multiple servers, for example [41], [42],
3, lots of PoR schemes have been proposed using different [45], [48] and [49]. Obviously, using distributed servers to store
approaches and techniques of implementation. To adopt the PoR a single file is much more resilient compared to store full data in
in real cloud environment, CSPs have to choose the one that best a single server in term of data availability. Although single server
fits their business objectives. By this mean, we constructed a setup may yield considerably lower communication cost as this
taxonomy of PoR schemes that describes the attributes of the requires no communication between servers, but this setup
surveyed papers; nature of data, cloud storage server setup, form requires the scheme to enable recovery of full data each time
of stored data, recovery, storage auditing, cryptography, as well server corruption happens. They also have the risk of server
as experimentation and analysis. The idea of taxonomy of this downtime problem. In short, distributed servers’ setup is better
paper adapted and modified the structure and several relevant in term of data availability and corruption resiliency than that of
attributes from [69]. As researchers [69] made their taxonomy single server setup for PoR schemes. As a matter of fact, PoR
based on cloud storage integrity schemes in general (PDP, PoR, schemes proposed in recent years that employ distributed servers’
etc.), and since we focus specifically on PoR schemes only, setup have outnumber the single server’s setup PoR schemes.
hence not all attributes in [69] are relevant to be assimilated in Nevertheless, there exists PoR schemes which can be
our paper. The following sub-section describes the taxonomy in implemented in both server setup method, for example [34].
details by summarizing recent PoR schemes.
The third attribute of the taxonomy is the form of stored
4.2.1 RELATED WORKS - RECENT POR SCHEMES data in cloud storage servers. There are lots of forms a file can
be stored in cloud storage servers, like data in their original form
In recent years, a number of PoR schemes have been proposed (not encrypted or coded) and distributed erasure coded data
by researchers to address cloud integrity issues. To gain a better chunks. Nevertheless, it is very difficult to tell which data storage
understanding of related works in PoR schemes, this section form is better as it depends on the techniques used in PoR
provides a taxonomy of recent PoR schemes corresponding to schemes which work on them such as erasure coding and
attributes as follows: nature of data, cloud server setup, form of replication. Depends on different techniques and requirements,
data stored, recovery, auditing, cryptography, and data can be stored as chunks across distributed servers, or even
experimentation and analysis. as forward error-correcting coded (FEC) data stored in just a
single server. Note that FEC is a code to allow the server to have
The first attribute included in the taxonomy of PoR schemes the ability to correct the error without needing for a
in this paper is nature of data. Data can be in mainly two forms, retransmission of the data, for example Hamming code. For PoR
static data and dynamic data. Static data is the data that stay schemes reviewed in this paper, we can categorize this attribute
unchanged after created for examples YouTube videos, whereas into (i) coded blocks with metadata or tags, (ii) data with
dynamic data is the data that consistently changing due to signature or tags, and (iii) others. The first form (i) coded blocks
updates such as word documents stored using Google Docs. and metadata or tags, can be seen as data that is broken into
6
pieces of chunks or parts, then these data chunks changed into data. Data auditing is initiated by client asking the storage servers
coded form (eg. 1100 ⨁ 0011 = 1111) after undergo some to provide proofs via PoR challenges. There are two ways of
operations such as XOR. Metadata or tags in this case served as storage auditing; (i) first is private auditing where data auditing
a key or information for some purpose such as decoding, for is conducted by data owners or shared data users, (ii) second is
example the number of bit ‘1’ in the coded data. PoR schemes public auditing conducted by third party auditor (TPA). For
with data stored as form (i) such [24], [25] and [26] are mostly privacy concern, private auditing is preferred as data is not
applied in distributed server’s setup, although there are some exposed to someone unknown or not trustable, whereas public
exception cases like [40], [58], and [60]. The second form (ii) auditing usually requires trust to TPA or implementation of
data with signature or tags, can be seen as data which its form cryptography schemes to the stored data. There are almost
un-change, but added with some codes (eg. parity bits), mostly similar in number of PoR schemes adopting public auditing such
to preserves their correctness (no corruption) known as metadata as [24], [32], [44], and [48] whereas private auditing such as [17],
or tags. For PoR schemes which have the data to be stored in the [40], [45], and [59]. Only a few PoR schemes adopting both
form (ii), we found that it is more favorable with single server’s private and public auditing such as [18], [35], and [38].
setup PoR schemes compared to other form for data to be stored
in cloud storage server mostly for the sake of saving The sixth attribute of the taxonomy is cryptography.
communication time, for example [37], [43], [44], [46] and [47]. Cryptography is applied on the stored data for privacy concern.
Lastly, some PoR schemes have their client’s data to be stored in Cryptographic techniques reviewed including encryption,
other forms (iii), not limited to [31], [34], and [41], but we can hashing and others. Generally, encryption is one of the widely-
see that the two forms (i) and (ii) outnumber than other forms used cryptography approach, where data is translated into secret
(iii). Nevertheless, it seems there is no problem in which form codes, where key(s) is needed to read the encrypted data via
data is more favorable to be stored in cloud storage servers, for decryption (reverse process of encryption). There are two main
those PoR schemes apply distributed servers’ setup. encryption techniques employed, (i) symmetric encryption that
uses the same key for both encryption and decryption process,
The forth attribute of the taxonomy is recovery. A and (ii) asymmetric encryption that uses different key for
common technique used for data recovery is by adding error encryption and decryption. Asymmetric encryption is stronger
correcting codes (ECC) such as cyclic redundancy check codes and more secure than symmetric encryption as it uses different
(CRC) and parity check codes. Usually, computing ECC keys for encryption and decryption, making brute-force cracking
consume less computation time and resources like storage and encrypted data a more difficult task. However, asymmetric
memory compared to other recovery techniques. Due to encryption consumed more time to compute compared to
simplicity and lower computation cost of ECC, we can see many symmetric encryption. As for application of encryption in PoR
PoR schemes are employing ECC, which including [17], [25], schemes, most of the work employed symmetric encryption
[31], [42], and [52]. However, ECC generally causes which include [17], [24], [26], [39], [40], [56], and [63]. For
considerably great increase in data size. For example, in parity another thing, although not as frequent as encryption, hashing is
check codes, each data bit has to be assigned a parity bit for error another cryptography approach used in PoR schemes. Generally,
checking. The second recovery technique is erasure coding. hashing is a one-way cryptographic function to transform data
Erasure coding is a type of coding by which data is split into into a shorter fixed-length value or key such as digital fingerprint
pieces, encoded with other data pieces, and stored across and checksum. Using a fine designed algorithm, reversing he
distributed storage servers. Not to mentioned, erasure coding hashing process to reveal the hashed data is nearly impossible.
contributes to lesser increase in data size, approximately 50% Examples of PoR schemes adopted hashing for the stored data
increase in data size, compared to ECC as well as replication. are [25], [31], [34], [35], and [52]. Meanwhile, there are some
Due to this minimal increase in data size, currently many PoR PoR schemes without adopting any cryptography approaches,
schemes are designed using erasure coding, for example [18], such as [33], [38], [41], and [55], most probably due to
[24], [32], [40], [55], and [63]. The third technique is network performance and efficiency concern.
coding (NC), which is widely used in data transmission, is
assimilated in PoR schemes [48], [57], and [64] due to its The seventh attribute of the taxonomy is
efficiency. The main idea of NC is conducting exclusive OR experimentation and analysis. For cloud storage integrity
(XOR) operation among data blocks to form a coded block. schemes like PoR schemes, there are a few methods can be used
Similar to erasure coding, NC only causes data to increase its for showing, proving and comparing the effectiveness and
size by around 50%. However, network coding is better than performances of the proposed schemes. As regards the
erasure coding in term of efficiency. This can be explain using a experimentation and analysis methods for PoR schemes,
data corruption scenario, where erasure coded data required the analytical solution, simulation, prototype, etc. are commonly
retrieval of full data before recovery can be applied. In NC coded used to show and compare performance of PoR schemes.
data on the other hand, only coded blocks which are constructed Analytical solution is method of showing the performance of
from the data blocks used to form the corrupted coded blocks are proposed or compared schemes, by giving a general description
needed for recovery. Other recovery techniques (such as about the performance of the schemes for any value of
dispersal coding and Slepian-Wolf coding) not limited to parameters [65]. As for simulation, it is also a method of showing
techniques mentioned are adopted in PoR schemes, for example the performance of proposed or compared schemes, but different
[54], [56], [60], and [61], while PoR schemes [27], [39], [51], with analytical solution in which simulation is a process of
and [53] have adopted more than one recovery techniques. imitation of the schemes in a real-world process over time with
specified parameters [66], [67]. Meanwhile, prototype is a
The fifth attribute of the taxonomy is storage auditing. preliminary product of a scheme designed to collect more
In PoR schemes, storage auditing is a method of verification to experimental or testing data before a better version of the
check either the cloud storage servers are properly storing clients’ schemes could be implemented [68]. Depending on many factors,
7
such as precision and accuracy of complexity analysis, is less relevant and lack of fairness in comparison. Hence,
compatibility and viability of simulation in real cloud performance comparison among the survey PoR schemes is not
environment, feasibility of prototype, judging which is the most conducted in this paper. Nevertheless, it is possible to look for
trustworthy proving and comparing method for PoR schemes is the trend of experimentation and analysis used in recent PoR
very difficult. Indeed, it is a very subjective question or topic to schemes. As for PoR schemes’ papers reviewed in this paper,
discuss. However, performance comparison among the surveyed obviously analytical and simulation approach are more or less
PoR schemes is less relevant and not very applicable, because similar in their use frequency, whereas prototype and other
the surveyed PoR schemes have different aspect of focus. Some methods are less likely to go favorable, not to mentioned how
PoR schemes are focusing on improving communication infrequent researchers shown their proposed PoR schemes’
(transmission) performance [26], whereas some are focusing on performances using more than one method.
error recovery computation performance [48]. Thus, comparing
the surveyed PoR schemes in term of computation performance

Table 1: Taxonomy of Recent PoR Schemes

Attributes Sub- References
Attributes
[17] A.Juels & B.S.Kaliski Jr., [18] H. Shacham & B. Waters, [26] J. Yuan & S. Yu,
[27] X. Song & H. Deng, [28] S. Sarkar & R. Safavi-Naini, [29] G. Yan et al., [30] J. Yuan & S. Yu,
[32] F. Armknecht et al., [33] T. P. Thao et al., [37] N. S. Chauhan & A. Saxena, [38] J. Zhang et al.,
Static [39] K. Omote et al., [42] A. Juels et al., [43] D. Liu & J. Zic, [44] Y. Shin et al., [45] B. Jianchao et al.,
[47] F. Rashid et al., [48] K. Omote et al., [50] M. H. Au et al., [51] K. Omote et al., [55] R. Du et al.,
Nature of
[57] T. P. Thao et al., [59] D. Vasilopoulos et al., [60] J. Lavauzelle & F. Levy-Dit-Vehel, [62] J. Li et
data
al., [63] B. Sengupta et al.
[24] E. Shi et al., [25] J. Li et al., [31] S. Rass, [34] M. I. Husain et al., [35] K. Huang et al., [40] D. Cash
et al., [41] M. Etemad & A. Küpçü, [46] M. S. Kiraz et al., [49] J. Li et al., [52] D. Tiwari & G. R.
Dynamic
Gangadharan, [53] Z. Ren et al., [54] N. Mishra et al., [56] Y. Wang et al., [58] J. Xu et al., [61] R.
Saxena & S. Dey, [64] K. Omote & T. P. Thao
[31] S. Rass, [37] N. S. Chauhan & A. Saxena, [40] D. Cash et al., [43] D. Liu & J. Zic, [44] Y. Shin et
Single server
al., [46] M. S. Kiraz et al., [47] F. Rashid et al., [58] J. Xu et al., [60] J. Lavauzelle & F. Levy-Dit-Vehel,
[17] A.Juels & B.S.Kaliski Jr., [18] H. Shacham & B. Waters, [24] E. Shi et al., [25] J. Li et al., [26] J.
Yuan & S. Yu, [27] X. Song & H. Deng, [28] S. Sarkar & R. Safavi-Naini, [29] G. Yan et al., [30] J.
Yuan & S. Yu, [32] F. Armknecht et al., [33] T. P. Thao et al., [35] K. Huang et al., [36] A. Miller et al.,
Cloud
[38] J. Zhang et al., [39] K. Omote et al.
storage Distributed
[41] M. Etemad & A. Küpçü, [42] A. Juels et al., [45] B. Jianchao et al., [48] K. Omote et al., [49] J. Li
server servers
et al., [50] M. H. Au et al., [51] K. Omote et al., [52] D. Tiwari & G. R. Gangadharan, [53] Z. Ren et al.,
setup
[54] N. Mishra et al., [55] R. Du et al., [56] Y. Wang et al., [57] T. P. Thao et al., [59] D. Vasilopoulos
et al., [61] R. Saxena & S. Dey
[62] J. Li et al., [63] B. Sengupta et al., [64] K. Omote & T. P. Thao
Either setup [34] M. I. Husain et al.
methods
PoR
[17] A.Juels &.S.Kaliski Jr., [24] E. Shi et al.
Schemes Coded
[25] J. Li et al., [26] J. Yuan & S. Yu, [33] T. P. Thao et al., [40] D. Cash et al., [45] B. Jianchao et al.,
blocks and
[48] K. Omote et al., [49] J. Li et al., [51] K. Omote et al., [53] Z. Ren et al., [55] R. Du et al., [58] J. Xu
metadata /
et al.
tags
[60] J. Lavauzelle & F. Levy-Dit-Vehel, [64] K. Omote & T. P. Thao
[18] H. Shacham & B. Waters, [27] X. Song & H. Deng, [28] S. Sarkar & R. Safavi-Naini, [29] G. Yan
Form of
et al., [30] J. Yuan & S. Yu, [32] F. Armknecht et al., [35] K. Huang et al., [36] A. Miller et al., [37] N.
data stored Data and
S. Chauhan & A. Saxena, [38] J. Zhang et al.
signature /
[39] K. Omote et al., [42] A. Juels et al., [43] D. Liu & J. Zic, [44] Y. Shin et al., [46] M. S. Kiraz et al.,
tags
[47] F. Rashid et al., [50] M. H. Au et al., [52] D. Tiwari & G. R. Gangadharan, [54] N. Mishra et al.,
[56] Y. Wang et al., [57] T. P. Thao et al., [61] R. Saxena & S. Dey, [62] J. Li et al.
[31] S. Rass, [34] M. I. Husain et al., [41] M. Etemad & A. Küpçü, [59] D. Vasilopoulos et al., [63] B.
Others
Sengupta et al.
Error [17] A.Juels & B.S.Kaliski Jr., [25] J. Li et al., [31] S. Rass, [34] M. I. Husain et al., [37] N. S. Chauhan
correcting & A. Saxena, [42] A. Juels et al., [47] F. Rashid et al., [52] D. Tiwari & G. R. Gangadharan, [59] D.
codes (ECC) Vasilopoulos et al., [62] J. Li et al.
[18] H. Shacham & B. Waters, [24] E. Shi et al., [26] J. Yuan & S. Yu, [29] G. Yan et al.
Erasure [30] J. Yuan & S. Yu, [32] F. Armknecht et al., [36] A. Miller et al., [38] J. Zhang et al.
coding [40] D. Cash et al., [41] M. Etemad & A. Küpçü, [44] Y. Shin et al., [49] J. Li et al.
[50] M. H. Au et al., [55] R. Du et al., [58] J. Xu et al., [63] B. Sengupta et al.
Recovery
Network [48] K. Omote et al., [57] T. P. Thao et al., [64] K. Omote & T. P. Thao
coding (NC)
[28] S. Sarkar & R. Safavi-Naini, [33] T. P. Thao et al., [35] K. Huang et al., [43] D. Liu & J. Zic, [45]
Others B. Jianchao et al., [46] M. S. Kiraz et al., [54] N. Mishra et al., [56] Y. Wang et al, [60] J. Lavauzelle &
F. Levy-Dit-Vehel, [61] R. Saxena & S. Dey
More than [27] X. Song & H. Deng, [39] K. Omote et al., [51] K. Omote et al., [53] Z. Ren et al.
one
8
 technique
[24] E. Shi et al., [25] J. Li et al., [26] J. Yuan & S. Yu, [27] X. Song & H. Deng, [28] S. Sarkar & R.
Safavi-Naini, [29] G. Yan et al., [30] J. Yuan & S. Yu, [32] F. Armknecht et al., [34] M. I. Husain et al.,
Public [44] Y. Shin et al., [46] M. S. Kiraz et al., [48] K. Omote et al., [49] J. Li et al., [50] M. H. Au et al., [52]
D. Tiwari & G. R. Gangadharan, [53] Z. Ren et al., [54] N. Mishra et al., [56] Y. Wang et al., [57] T. P.
Thao et al., [61] R. Saxena & S. Dey
Storage [17] A.Juels & B.S.Kaliski Jr., [31] S. Rass, [33] T. P. Thao et al., [36] A. Miller et al., [37] N. S. Chauhan
auditing & A. Saxena, [39] K. Omote et al., [40] D. Cash et al., [41] M. Etemad & A. Küpçü, [42] A. Juels et al.,
Private [43] D. Liu & J. Zic, [45] B. Jianchao et al, [47] F. Rashid et al., [51] K. Omote et al., [55] R. Du et al.,
[58] J. Xu et al., [59] D. Vasilopoulos et al., [60] J. Lavauzelle & F. Levy-Dit-Vehel, [62] J. Li et al.,
[63] B. Sengupta et al., [64] K. Omote & T. P. Thao
Both [18] H. Shacham & B. Waters, [35] K. Huang et al., [38] J. Zhang et al.
methods
Asymmetric [18] H. Shacham & B. Waters, [32] F. Armknecht et al., [36] A. Miller et al.
encryption [46] M. S. Kiraz et al., [50] M. H. Au et al., [53] Z. Ren et al., [64] K. Omote & T. P. Thao
[17] A.Juels & B.S.Kaliski Jr., [24] E. Shi et al., [26] J. Yuan & S. Yu, [28] S. Sarkar & R. Safavi-Naini,
[29] G. Yan et al., [30] J. Yuan & S. Yu, [37] N. S. Chauhan & A. Saxena, [39] K. Omote et al., 40] D.
Symmetric Cash et al., [42] A. Juels et al., [43] D. Liu & J. Zic, [45] B. Jianchao et al., [47] F. Rashid et al., [48] K.
encryption Omote et al., [51] K. Omote et al., [54] N. Mishra et al., [56] Y. Wang et al., [58] J. Xu et al., [59] D.
Cryptograp
Vasilopoulos et al., [60] J. Lavauzelle & F. Levy-Dit-Vehel, [61] R. Saxena & S. Dey, [62] J. Li et al.,
hy
[63] B. Sengupta et al.
Others [25] J. Li et al., [27] X. Song & H. Deng
(Hashing, [31] S. Rass, [34] M. I. Husain et al., [35] K. Huang et al., [49] J. Li et al., [52] D. Tiwari & G. R.
etc.) Gangadharan
[33] T. P. Thao et al., [38] J. Zhang et al., [41] M. Etemad & A. Küpçü, [44] Y. Shin et al., [55] R. Du et
None
al., [57] T. P. Thao et al.
[17] A.Juels & B.S.Kaliski Jr., [18] H. Shacham & B. Waters, [25] J. Li et al., [26] J. Yuan & S. Yu, [28]
S. Sarkar & R. Safavi-Naini, [31] S. Rass, [37] N. S. Chauhan & A. Saxena, [39] K. Omote et al., [40]
Analytical D. Cash et al., [41] M. Etemad & A. Küpçü, [44] Y. Shin et al., [45] B. Jianchao et al., [46] M. S. Kiraz
et al., [50] M. H. Au et al., [51] K. Omote et al., [56] Y. Wang et al., [58] J. Xu et al., [59] D. Vasilopoulos
et al., [64] K. Omote & T. P. Thao
Experiment [24] E. Shi et al., [30] J. Yuan & S. Yu, [33] T. P. Thao et al., [34] M. I. Husain et al., [35] K. Huang et
ation and al., [36] A. Miller et al., [38] J. Zhang et al., [42] A. Juels et al., [47] F. Rashid et al., [48] K. Omote et
Simulation
analysis al., [52] D. Tiwari & G. R. Gangadharan, [53] Z. Ren et al., [55] R. Du et al., [57] T. P. Thao et al., [60]
J. Lavauzelle & F. Levy-Dit-Vehel, [61] R. Saxena & S. Dey, [62] J. Li et al., [63] B. Sengupta et al.
Prototype [32] F. Armknecht et al., [43] D. Liu & J. Zic, [54] N. Mishra et al.
Others [49] J. Li et al.
More than [27] X. Song & H. Deng, [29] G. Yan et al.
one method

In summary, all PoR schemes are composing of all the help data auditing). For cryptography, it is a give and take or
seven attributes of the taxonomy discussed. From the taxonomy, trade-off between efficiency and security, but our review had
we discovered that the construction of PoR is moving towards shown most PoR schemes do provide a minimum of security
to dynamic data nature, as dynamic PoR suits not only dynamic with symmetric encryption. Lastly, it is easier for other
data, but also compatible with static data which requires no researchers to do comparison between theirs and those reviewed
update. On the other hand, distributed servers’ setup is more if analytical method is used for experimentation and analysis
prominent due to data corruption resiliency and backup towards efficiency of PoR schemes.
compared to single server’s setup. Meanwhile, all form of data
stored seems work well in PoR schemes which employed 5. FUTURE TRENDS OF POR SCHEMES AND
distributed servers’ setting, but coded blocks and metadata or CLOUD STORAGE
tags form seems to be more secure, as data is not stored exactly
the same form (for example, data such as 1100 is coded and 5.1 FUTURE TRENDS OF POR SCHEMES
stored as 1111) requires malicious adversary to work harder to
retrieve the data. In term of recovery, although erasure coding is New issues and challenges are emerging associated with the
still leading the trend, but in future, network coding might be a emergence of new technologies. Hence it is important to keep up
good choice for PoR construction, as its resource and the pace with evolution of information technologies.
computation efficiency in data recovery process compared to
erasure coding. For storage auditing, it is very difficult to tell Corresponding to several issues of PoR schemes
which is more prominent, but it would be better if both public identified in Section 3, there are research gaps left for future
and private auditing are made selectable in a PoR scheme to works need to be conducted to address those issues. Firstly, geo-
fulfill the wide variety needs of different users worldwide (some location of outsourced data, which is the actual location of
users concerns privacy, whereas some busy users need TPA to servers where the data is stored [69]. For example, Dropbox
cloud storage are hosted in data centers across the United States.
9
As mentioned in previous section, some authorities may have Finally, work on lightweight dynamic data auditing for
access to the data hosted in their countries with the use of law resource constraint devices such as mobile phones [19] need to
enforcement. Therefore, it is important for CSP to provide data be conducted. Generally, dynamic operation such as edit, delete,
clients information about where the outsourced data is stored. At and insert operation on online stored data is considerably
the same time, there is a need to ensure stored data is not resource extensive and timely [19], not to mentioned mobile
migrated to data center hosted in other region or even re- devices like smart phones, but even for laptops as well. Looking
outsourcing to other cheaper storage vendor [69] without from users’ perspective, for editing documents on Google Docs
providing notice to data client or agreement from data client. In using laptops, lagging is always a critic point. It shows a clear
future PoR schemes, geo-location of stored data should be picture where dynamic operation is very resource extensive, and
considered one of the integrity factor to be checked during data hence the case is applied in mobile device even worse situation.
auditing challenges. Therefore, it is crucial to involve efficient algorithm in PoR
schemes for dynamic updates, hence benefiting mobile device
Secondly, assured deletion [69] should be considered in users by affording lightweight mobile PoR schemes with
future PoR schemes as well. Assured deletion of data means dynamic operations enabled.
upon delete action done by data client, no roll-back can be done
and the data is deleted entirely without any backup copies 5.2 FUTURE TRENDS OF CLOUD STORAGE
remain in cloud servers. The assured deletion mentioned should
include permanent deletion of targeted data, at the same time With the emergence of Software Defined Networking (SDN), a
other versions of data that shares common data should be remain network protocol that allows centralized control of network
unaffected. This means that after permanent deletion operation applications and devices [89], cloud services can be made more
is performed on the targeted version of data, it should be made efficient by adopting SDN [90]. One of the benefits of
not only permanently inaccessible, but also permanently integrating cloud services with SDN is cross-storage in various
unrecovered after a period of agreed deletion unroll time, in geo-located servers [88]. The general concept of cross-storage is
order to ensure data integrity. It is important to prevent malicious applying software-defined storage [91], frankly speaking data
CSP from secretly keeping a copy of deleted data for some center plus SDN. As regards to the nature of centralizing in SDN
reasons without agreement from data client. concept to applied in storage services, storage managing can be
made increased efficiency and reduced complexity. Stick to the
Thirdly, deduplication [69] as mentioned in previous point of cross-storage, there are few examples including multi-
section as well, should be included in future PoR schemes, but clouds, hybrid clouds, meta-clouds and clouds federations
the idea here is slightly different from [69]. The main idea here provided in [87]. As regard to this, many CSP titans like
is to integrate PoR scheme with PoW schemes. In order to ensure Microsoft [90] and IBM [92] are working on cross-cloud, hence
only legitimate data clients are able to fully retrieve the indicates the future direction of cloud storage.
outsourced data without the risk of data lost and data leakage
due to eavesdropping, PoR scheme needs to properly integrate Next, machine learning and artificial intelligence (AI)
with PoW scheme which employed deduplication. As mentioned will be the future trend of cloud storage [94] [95]. Although
in previous section, there are some works done by researchers thorough application of machine learning and AI, especially on
for PoR schemes that allow deduplication [30], [44], [47], [59], cloud storage still at the stage of infancy, but the works have
but computation and storage efficiency is still left a problem. In shown some preliminary results. One of the example is Google’s
short, PoR and PoW are mutually contradict in nature, thus AlphaGo, an AI for a board game called Go, developed using
future work is still needed to efficiently integrated PoR with deep learning and other techniques [93]. Besides, systems like
PoW schemes. Cortana from Microsoft and Siri from Apple are also products
from researches in the field of machine learning and AI. From
Another future work of PoR schemes is efficient and the rise of machine learning and AI, the way of storing and
low resource cost in term of storage and memory usage for managing big data in cloud may change in near future, and thus
client-side encryption [85]. This has been mentioned in Section the future trend of cloud storage. For example, deep learning can
2 that it is still a risk to have an untrusted storage provider to be integrated in dynamic storage system for gaining more
encrypt outsourced data and at the same time keeping the storage capacity at a lower cost. Enhanced security and
cryptographic keys. If malicious cloud servers intend to extract reliability of cloud storage can be expected by employing AI and
stored data secretly, with the keys hold in hand, information can machine learning to prevent data loss and smart security features
be easily decrypted and extracted out the stored data without to detect data loss during transit in hybrid storage clouds or
anyone notice. If this happens, data confidentially is loss, as within cloud [100].
there is no more privacy. This shows the importance of enabling
client-side encryption for not letting CSP to hold the keys, but Besides, cloud-to-cloud backup will become the norm
the main problem associated with this is computational and in near future [96]. Cloud-to-cloud backup is a process where
resources efficiency. There is no assurance that client device is data stored in a cloud is backup by copying it to another cloud
very high end and with unlimited resources (storage and memory) [97]. Even with many recovery technologies invented, but the
that allow heavy computation of encryption at client-side. Hence, stored data is still exposed to the risk of data loss due to hardware
this left a future work for PoR schemes to allow efficient and failure. Imagine if only a copy of data is stored in the data center
low-cost resource consumption, so that even a resource- without backup, when the data center is struck by disaster such
constraint device of client can afford client-side encryption in as fire or flood, the stored data will never be recovered as storage
PoR schemes. hardware is destroyed. Nevertheless, as cloud-to-cloud backup
which creates more duplicates that is contradict with

10
deduplication technologies including PoW, further research is malicious users to gain benefits, for example patent stealing or
needed to allow a secured cloud-to-cloud backup. credential information leaking. Encryption could be the choice
for data privacy protection. Nevertheless, efficiency of intrusion
Last but not least, cloud security will be considerably detection systems for guarding a large-scale system like cloud
improved in the future [95]. As the emergence as many new storage and cloud services have to be greatly improved for
technologies to integrate with cloud, the openness nature of security concern. One way to do this is to adapt AI and machine
cloud which should be the benefits but also become threats to its learning [100] in the field of cloud security for better intrusion
users. In general, anything that is open is insecure as anyone also detection and prevention. Real-time encryption technology [86]
have access to it, including malicious users like hackers. By and real-time efficient defensive system can be the solutions for
integrating other new technologies into cloud, more cloud cloud based malicious threats in the future. Figure 4 below
services can be delivered to cloud users, but weakness or summarizes about the future work of PoR schemes and future
security holes of those technologies may be taken advantage by trends of cloud storage.

Geo-location information Future Trends

Software-Defined Storage
Assured deletion

Cloud security
Efficient dynamic PoR
with deduplication
Client-side encryption PoR Schemes Cloud Storage Cloud-to-cloud backup

Lightweight dynamic PoR

schemes for resource- Machine learning and
constraint devices AI for cloud storage

Figure 4: Summary of Future Work of PoR Schemes and Future Trends of Cloud Storage

6. CONCLUSION [6] B. Nedelcu, S. Madalina-Elena, T. Ioan-Florentin, T.

Smaranda-Elena, and V. Alin, “Cloud Computing and its
In conclusion, cloud storage has been introduced to lessen the Challenges and Benefits in the Bank System,” Database
burden of local storage including management and maintenance Syst. J., vol. VI, no. 1, pp. 44–58, 2015.
cost, but the existence of cloud storage itself required specific [7] R. Ko, S. Lee, and V. Rajan, “Cloud Computing
concern about integrity of outsourced data. Regrading to this, Vulnerability Incidents: A Statistical Overview,” Cloud
many data integrity schemes especially PoR schemes, have been Secur. Alliance, p. 21, 2013.
proposed by researchers, to ensure data availability and data [8] ISACA, “Isaca,” Glossary, pp. 1–103, 2015.
integrity. This paper presents the survey on state-of-the-art of [9] S. Halevi, D. Harnik, B. Pinkas, and A. Shulman-Peleg,
PoR schemes, published in 2013-2016. the issues of applying “Proofs of Ownership in Remote Storage Systems,” Proc.
PoR has also been identified. Some possible future work to 18th ACM Conf. Comput. Commun. Secur., pp. 491–500,
address the identified issues are also presented. In addition, 2011.
current cloud storage issues and vulnerabilities together with [10] C. M. Yu, C. Y. Chen, and H. C. Chao, “Proof of ownership
countermeasures are also discussed. in deduplicated cloud storage with mobile device
efficiency,” IEEE Netw., vol. 29, no. 2, pp. 51–55, 2015.
REFERENCES [11] J. Hur, D. Koo, Y. Shin, and K. Kang, “Secure Data
Deduplication with Dynamic Ownership Management in
Cloud Storage,” IEEE Trans. Knowl. Data Eng., vol. 28,
[1] P. Mell and T. Grance, “The NIST definition of cloud
no. 11, pp. 3113–3125, 2016.
computing,” NIST Spec. Publ., vol. 145, p. 7, 2011.
[2] J. Srinivas, K. Reddy, and A. Qyser, “Cloud Computing [12] L. González-Manzano and A. Orfila, “An efficient
Basics,” Build. Infrastruct. Cloud Secur., vol. 1, pp. 3–22, confidentiality-preserving Proof of Ownership for
2014. deduplication,” J. Netw. Comput. Appl., vol. 50, pp. 49–59,
2015.
[3] "Public cloud infrastructure spending worldwide 2015-
[13] G. Ateniese, R. Burns, and J. Herring, “Provable Data
2026 | Statistic", Statista, 2017. [Online]. Available:
Possession at Untrusted Stores,” Proc. 14th …, no. 1, pp.
https://www.statista.com/statistics/507952/worldwide- 598–610, 2007.
public-cloud-infrastructure-hardware-and-software- [14] R. Mukundan, S. Madria, and M. Linderman, “Efficient
spending-by-segment/. [Accessed: 15- Nov- 2016]. integrity verification of replicated data in cloud using
[4] I. Baciu, “Advantages and disadvantages of cloud homomorphic encryption,” Distrib. Parallel Databases,
computing services, from the employee’s point of view,” vol. 32, no. 4, pp. 507–534, 2014.
no. 13, pp. 95–101, 2015. [15] C. Lin, Z. Shen, Q. Chen, and F. T. Sheldon, “A Data
[5] Quest Technology Management for Business, “The Integrity Verification Scheme in Mobile Cloud Computing,”
Benefits and Challenges of Cloud Computing,” vol. 32, no. J. Netw. Comput. Appl., vol. 77, pp. 146–151, 2017.
7, p. 2015, 2015. [16] Y. Wang, Q. Wu, B. Qin, S. Tang, W. Susilo, and S.
11
 Member, “Online / Offline Provable Data Possession,” Proc. 2014 ACM SIGSAC Conf. Comput. Commun. Secur.,
IEEE Trans. Inf. Forensics Secur., vol. 12, no. 5, pp. 1182– pp. 831–843, 2014.
1194, 2017. [33] T. P. Thao, L. C. Kho, and A. O. Lim, “SW-POR: A Novel
[17] A. Juels and B. S. Kaliski Jr., “Pors: Proofs of retrievability
POR Scheme Using Slepian-Wolf Coding for Cloud
for large files,” Proc. ACM Conf. Comput. Commun. Secur.,
pp. 584–597, 2007. Storage,” 2014 IEEE 11th Intl Conf Ubiquitous Intell.
[18] H. Shacham and B. Waters, “Compact proofs of Comput. 2014 IEEE 11th Intl Conf Auton. Trust. Comput.
retrievability,” J. Cryptol., vol. 26, no. 3, pp. 442–483, 2014 IEEE 14th Intl Conf Scalable Comput. Commun. Its
2008. Assoc. Work., pp. 464–472, 2014.
[19] M. Sookhak, H. Talebian, E. Ahmed, A. Gani, and M. K. [34] M. I. Husain, S. Y. Ko, S. Uurtamo, A. Rudra, and R.
Khan, “A review on remote data auditing in single cloud Sridhar, “Bidirectional data verification for cloud storage,”
server: Taxonomy and open issues,” J. Netw. Comput.
J. Netw. Comput. Appl., vol. 45, pp. 96–107, 2014.
Appl., vol. 43, pp. 121–141, 2014.
[20] S. G. Worku, T. Zhong, and Z. G. Qin, “Survey on cloud [35] K. Huang, J. Liu, M. Xian, H. Wang, and S. Fu, “Enabling
data integrity proof techniques,” Proc. 2012 7th Asia Jt. dynamic proof of retrievability in regenerating-coding-
Conf. Inf. Secur. AsiaJCIS 2012, pp. 85–91, 2012. based cloud storage,” 2014 IEEE Int. Conf. Commun. Work.
[21] A. Singh and K. Chatterjee, “Cloud security issues and ICC 2014, pp. 712–717, 2014.
challenges: a survey Cloud security issues and challenges: [36] A. Miller, A. Juels, E. Shi, B. Parno, and J. Katz,
a survey,” J. Netw. Comput. Appl., vol. 79, no. November “Permacoin: Repurposing bitcoin work for data
2016, pp. 88–115, 2016.
preservation,” Proc. - IEEE Symp. Secur. Priv., pp. 475–
[22] A. M. Jadhav and D. P. Gadekar, “A Survey on Proof of
Retrievability and its Techniques,” Int. J. Eng. Tech., vol. 490, 2014.
4, no. Iii, pp. 269–272, 2016. [37] N. S. Chauhan and A. Saxena, “A robust scheme on proof
[23] M. T. Student, “A Survey on Public Auditing With a Proof of data retrievability in cloud,” Proc. 2014 Int. Conf. Adv.
of Retrievability in Secure Cloud Storage,” Int. J. Mag. Comput. Commun. Informatics, ICACCI 2014, pp. 665–
Eng. Technol. Manag. Res., vol. 2, no. March, pp. 118–125, 671, 2014.
2015.
[38] J. Zhang, W. Tang, and J. Mao, “Efficient public
[24] E. Shi, E. Stefanov, and C. Papamanthou, “Practical
verification proof of retrievability scheme in cloud,”
Dynamic Proofs of Retrievability,” CCS ’13 Proc. 2013
Cluster Comput., vol. 17, no. 4, pp. 1401–1411, 2014.
ACM SIGSAC Conf. Comput. Commun. Secur., pp. 325–
[39] K. Omote and T. P. Thao, “A New Efficient and Secure
336, 2013.
POR Scheme Based on Network Coding,” 2014 IEEE 28th
[25] J. Li, X. Tan, X. Chen, and D. S. Wong, “An efficient proof
Int. Conf. Adv. Inf. Netw. Appl., 2014.
of retrievability with public auditing in cloud computing,”
[40] D. Cash, A. Küpçü, and D. Wichs, Dynamic Proofs of
Proc. - 5th Int. Conf. Intell. Netw. Collab. Syst. INCoS
Retrievability via Oblivious RAM. Journal of Cryptology,
2013, pp. 93–98, 2013.
2015.
[26] J. Yuan and S. Yu, “Proofs of retrievability with public
[41] M. Etemad and A. Küpçü, “Generic Efficient Dynamic
verifiability and constant communication cost in cloud,”
Proofs of Retrievability,” Cryptol. ePrint Arch., pp. 85–96,
Cloud Comput. ’13 Proc. 2013 Int. Work. Secur. cloud
2015.
Comput., pp. 19–26, 2013.
[42] A. Juels, J. Kelley, R. Tamassia, and N. Triandopoulos,
[27] X. Song and H. Deng, “Lightweight proofs of retrievability
“Falcon Codes: Fast, Authenticated LT Codes (Or :
for electronic evidence in cloud,” Inf., vol. 4, no. 3, pp.
Making Rapid Tornadoes Unstoppable),” Ccs ’15, pp.
262–282, 2013.
1032–1047, 2015.
[28] S. Sarkar and R. Safavi-Naini, “Proofs of retrievability via
[43] D. Liu and J. Zic, “Proofs of encrypted data retrievability
fountain code,” Lect. Notes Comput. Sci. (including Subser.
with probabilistic and homomorphic message
Lect. Notes Artif. Intell. Lect. Notes Bioinformatics), vol.
authenticators,” Proc. - 14th IEEE Int. Conf. Trust. Secur.
7743 LNCS, pp. 18–32, 2013.
Priv. Comput. Commun. Trust. 2015, vol. 1, pp. 897–904,
[29] G. Yan, Y. F. Zhu, C. X. Gu, Y. H. Zheng, and J. L. Fei,
2015.
“An efficient proof of retrievability scheme for fully
[44] Y. Shin, D. Koo, J. Hur, and J. Yun, “Secure proof of
homomorphic encrypted data,” J. Networks, vol. 8, no. 2,
storage with deduplication for cloud storage systems,”
pp. 339–344, 2013.
Multimed. Tools Appl., 2015.
[30] J. Yuan and S. Yu, “Secure and constant cost public cloud
[45] B. Jianchao, L. Huixia, L. Shoushan, Z. Yaxing, and L.
storage auditing with deduplication,” 2013 IEEE Conf.
Wei, “Proof of retrievability based on LDPC codes,” J.
Commun. Netw. Secur. CNS 2013, pp. 145–153, 2013.
China Univ. Posts Telecommun., vol. 22, no. 4, pp. 17–25,
[31] S. Rass, “Dynamic Proofs of Retrievability from
2015.
Chameleon-Hashes,” Secur. Cryptogr. (SECRYPT), 2013
[46] M. S. Kiraz, I. Sertkaya, and O. Uzunkol, “An efficient ID-
Int. Conf., 2013.
based message recoverable privacy-preserving auditing
[32] F. Armknecht, J.-M. Bohli, G. O. Karame, Z. Liu, and C.
A. Reuter, “Outsourced Proofs of Retrievability,” CCS ’14
12
 scheme,” 2015 13th Annu. Conf. Privacy, Secur. Trust. [61] R. Saxena and S. Dey, “Cloud Audit: A Data Integrity
PST 2015, pp. 117–124, 2015. Verification Approach for Cloud Computing,” Procedia
[47] F. Rashid, A. Miri, and I. Woungang, “Proof of Storage for Comput. Sci., vol. 89, pp. 142–151, 2016.
Video Deduplication in the Cloud,” Proc. - 2015 IEEE Int. [62] J. Li, J. Li, D. Xie, and Z. Cai, “Secure Auditing and
Congr. Big Data, BigData Congr. 2015, pp. 499–505, Deduplicating Data in Cloud,” IEEE Trans. Comput., vol.
2015. 65, no. 8, pp. 2386–2396, 2016.
[48] K. Omote and T. P. Thao, “MD-POR: Multisource and [63] B. Sengupta, S. Bag, S. Ruj, and K. Sakurai, “Retricoin:
Direct Repair for Network Coding-Based Proof of Bitcoin Based on Compact Proofs of Retrievability,” Proc.
Retrievability.,” Int. J. Distrib. Sens. Networks, vol. 2015, 17th Int. Conf. Distrib. Comput. Netw., p. 14:1--14:10,
pp. 1–14, 2015. 2016.
[49] J. Li, X. Tan, X. Chen, D. S. Wong, and F. Xhafa, “OPoR: [64] K. Omote and T. P. Thao, “D2-POR : Direct Repair and
Enabling proof of retrievability in cloud computing with Dynamic Operations in Network Coding-Based Proof of
resource-constrained devices,” IEEE Trans. Cloud Retrievability,” IEICE Trans. Inf. Syst., no. 4, pp. 816–829,
Comput., vol. 3, no. 2, pp. 195–205, 2015. 2016.
[50] M. H. Au, Y. Mu, and H. Cui, “Proof of retrievability with [65] P. Impact, T. Changes, W. Paper, and R. S. Company,
public verifiability resilient against related-key attacks,” “Simulation versus Analytic Modeling in Large
IET Inf. Secur., vol. 9, no. 1, pp. 43–49, 2015. Computing Environments.”
[66] S. Sahin, “Computer simulations in science education:
[51] K. Omote and P. T. Tran, “ND-POR: A POR based on
Implications for distance education,” Turkish Online J.
network coding and dispersal coding,” IEICE Trans. Inf. Distance Educ., vol. 7, no. 4, pp. 132–146, 2006.
Syst., vol. E98D, no. 8, pp. 1465–1476, 2015. [67] A. Maria, “Introduction to modelling and simulation,”
[52] D. Tiwari and G. R. Gangadharan, “A novel secure cloud Winter Simul. Conf., pp. 7–13, 1997.
storage architecture combining proof of retrievability and [68] E. J. Christie et al., “Prototyping Strategies: Literature
revocation,” 2015 Int. Conf. Adv. Comput. Commun. Review and Identification of Critical Variables,” Am. Soc.
Informatics, ICACCI 2015, pp. 438–445, 2015. Eng. Educ. pp. 01154-22. 2012., pp. 1154–1122, 2012.
[69] F. Zafar et al., “A survey of cloud computing data integrity
[53] Z. Ren, L. Wang, Q. Wang, and M. Xu, “Dynamic proofs
schemes: Design challenges, taxonomy and future trends,”
of retrievability for coded cloud storage systems,” IEEE Comput. Secur., vol. 65, 2017.
Trans. Serv. Comput., vol. PP, no. 99, pp. 1–13, 2015. [70] D. Sullivan, "Top Ten Major Risks Associated With Cloud
[54] N. Mishra, R. Bhardwaj, and R. Kumar, “Data traceability Storage", Cloudwards, 2017. [Online]. Available:
in cloud environment,” Int. Conf. Comput. Commun. https://www.cloudwards.net/top-ten-major-risks-
Autom. ICCCA 2015, pp. 674–677, 2015. associated-with-cloud-storage/. [Accessed: 05- Apr- 2017].
[55] R. Du, L. Deng, J. Chen, K. He, and M. Zheng, “Proofs of [71] "Amazon Simple Storage Service (S3) — Cloud Storage
— AWS", Amazon Web Services, Inc., 2017. [Online].
ownership and retrievability in cloud storage,” Proc. -
Available: https://aws.amazon.com/s3/faqs/. [Accessed:
2014 IEEE 13th Int. Conf. Trust. Secur. Priv. Comput. 06- Apr- 2017].
Commun. Trust. 2014, pp. 328–335, 2015. [72] "How secure are Dropbox, Microsoft OneDrive, Google
[56] Y. Wang, Q. Wu, B. Qin, X. Chen, X. Huang, and Y. Zhou, Drive and Apple iCloud cloud storage services?", Alphr,
“Group-oriented Proofs of Storage,” Asiaccs, no. 1, pp. 73– 2017. [Online]. Available:
84, 2015. http://www.alphr.com/apple/1000326/how-secure-are-
dropbox-microsoft-onedrive-google-drive-and-apple-
[57] T. P. Thao and K. Omote, “ELAR: Extremely Lightweight
icloud-cloud-storage. [Accessed: 06- Apr- 2017].
Auditing and Repairing for Cloud Security,” ACM Int. [73] "Dropbox Encryption vs. Google Drive Encryption", Virtru,
Conf. Proceeding Ser., vol. 5, pp. 40–51, 2016. 2017. [Online]. Available:
[58] J. Xu, F. Zhou, Z. Jiang, and R. Xue, “Dynamic proofs of https://www.virtru.com/blog/dropbox-encryption/.
retrievability with square-root oblivious RAM,” J. Ambient [Accessed: 06- Apr- 2017].
Intell. Humaniz. Comput., vol. 7, no. 5, pp. 611–621, 2016. [74] "OneDrive Security: An Overview", Sookasa, 2017.
[59] D. Vasilopoulos, S. Antipolis, M. Önen, S. Antipolis, S. [Online]. Available:
https://www.sookasa.com/resources/onedrive-security/.
Antipolis, and S. Antipolis, “Message-Locked Proofs of
[Accessed: 06- Apr- 2017].
Retrievability with Secure Deduplication,” CCSW 2016 - [75] "Security Architecture - Security - Trust guide - Dropbox
Proc. 2016 ACM Cloud Comput. Secur. Work., pp. 73–83, Business", Dropbox, 2017. [Online]. Available:
2016. https://www.dropbox.com/business/trust/security/architect
[60] J. Lavauzelle and F. Levy-Dit-Vehel, “New proofs of ure. [Accessed: 06- Apr- 2017].
retrievability using locally decodable codes,” IEEE Int. [76] "Security - Google Cloud Help", Support.google.com,
Symp. Inf. Theory - Proc., vol. 2016–Augus, pp. 1809– 2017. [Online]. Available:
https://support.google.com/work/answer/6056693?hl=en.
1813, 2016.
[Accessed: 06- Apr- 2017].
[77] "Microsoft Trust Center | Encryption", Microsoft.com,
2017. [Online]. Available: https://www.microsoft.com/en-

13
 us/trustcenter/security/encryption. [Accessed: 06- Apr- [94] D. Basile, "5 huge trends in big data and storage", The Next
2017]. Web, 2017. [Online]. Available:
[78] "What is USA Patriot Act? - Definition from WhatIs.com", https://thenextweb.com/insider/2016/04/01/5-big-data-
SearchDataManagement, 2017. [Online]. Available: storage-trends-watch/#.tnw_FA3yw6Rq. [Accessed: 08-
http://searchdatamanagement.techtarget.com/definition/Pa Apr- 2017].
triot-Act. [Accessed: 06- Apr- 2017]. [95] P. Dholakiya, "Five key cloud trends to look forward to in
[79] J. Gilbert, "USA Patriot Act Effect on Cloud Computing 2017: Containers, AI, and more", Cloud Tech News, 2017.
Services", ITLG, 2017. [Online]. Available: [Online]. Available: https://www.cloudcomputing-
https://www.itlawgroup.com/resources/articles/113-usa- news.net/news/2017/feb/03/five-key-cloud-trends-look-
patriot-act-effect-on-cloud-computing-services. [Accessed: forward-2017-containers-ai-and-more/. [Accessed: 08-
06- Apr- 2017]. Apr- 2017].
[80] M. Mozart, "Human Error Caused Microsoft Azure Outage [96] D. Raffo, "Hot data storage technology trends for 2017",
- Cloudwards", Cloudwards, 2017. [Online]. Available: SearchStorage, 2017. [Online]. Available:
https://www.cloudwards.net/news/human-error-caused- http://searchstorage.techtarget.com/feature/Hot-data-
microsoft-azure-outage-5776/. [Accessed: 06- Apr- 2017]. storage-technology-trends-for-2017. [Accessed: 08- Apr-
[81] M. Balneario and Bjelleklang, "Time to Get Real: 2017].
Amazon's AWS is Terrifying", Cloudwards, 2017. [Online]. [97] "What is cloud-to-cloud backup? - Definition from
Available: https://www.cloudwards.net/time-to-get-real- WhatIs.com", WhatIs.com, 2017. [Online]. Available:
amazons-aws-is-terrifying/. [Accessed: 06- Apr- 2017]. http://whatis.techtarget.com/definition/cloud-to-cloud-
[82] "Dropbox Explains Reason Behind 2014 Outage", backup. [Accessed: 08- Apr- 2017].
Cloudwards, 2017. [Online]. Available: [98] I. Orton, A. Alva, and B. Endicott-Popovsky, Legal Process
https://www.cloudwards.net/news/dropbox-explains- and Requirements for Cloud Forensic Investigations. 2013.
reason-behind-2014-outage-2534/. [Accessed: 06- Apr- [99] K. Thomas, “Microsoft Cloud Data Breach Heralds Things
2017]. to Come,” PCWorld, 2010. [Online]. Available:
[83] J. M, C. A, and K. S, “Survey On Verification Of Storage https://www.pcworld.com/article/214775/microsoft_cloud
Correctness In Cloud Computing,” Int. J. Eng. Comput. _data_breach_sign_of_future.html. [Accessed: 20-Dec-
Sci., vol. 4, no. 9, pp. 14336–14340, 2015. 2017].
[84] "Data Deduplication - EMC Glossary", Emc.com, 2017. [100] D. Robb, “Top 10 AI and Machine Learning Data
[Online]. Available: Storage Trends,” Enteprise Storage Focum.com, 2017.
https://www.emc.com/corporate/glossary/data- [Online]. Available:
deduplication.htm. [Accessed: 07- Apr- 2017]. http://www.enterprisestorageforum.com/storage-
[85] "Cloud encryption - client-side vs server-side", management/top-10-ai-and-machine-learning-data-
Stackfield.com, 2017. [Online]. Available: storage-trends.html. [Accessed: 21-Dec-2017].
https://www.stackfield.com/blog/cloud-encryption---
client-side-vs-server-side-1. [Accessed: 07- Apr- 2017].
[86] ]D. Quick, B. Martini and K. Choo, Cloud Storage
Forensics, 1st ed. Syngress, 2013, p. 143.
[87] Y. Elkhatib, “Defining Cross-Cloud Systems,” pp. 1–4,
2016.
[88] W. Dou, X. Zhang, J. Liu and J. Chen, "HireSome-II:
Towards Privacy-Aware Cross-Cloud Service Composition
for Big Data Applications", IEEE Transactions on Parallel
and Distributed Systems, vol. 26, no. 2, pp. 455-466, 2015.
[89] "What is software-defined networking (SDN)? - Definition
from WhatIs.com", SearchSDN, 2017. [Online]. Available:
http://searchsdn.techtarget.com/definition/software-
defined-networking-SDN. [Accessed: 08- Apr- 2017].
[90] A. Greenberg, SDN for the Cloud, 1st ed. Microsoft, 2015,
pp. 1-47.
[91] D. Raffo, "Hot data storage technology trends for 2017",
SearchStorage, 2017. [Online]. Available:
http://searchstorage.techtarget.com/feature/Hot-data-
storage-technology-trends-for-2017. [Accessed: 08- Apr-
2017].
[92] R. Kennedy, "Hybrid cloud storage: Past, present and
future", Cloud computing news, 2017. [Online]. Available:
https://www.ibm.com/blogs/cloud-
computing/2016/08/hybrid-cloud-storage-past-present-
future/. [Accessed: 08- Apr- 2017].
[93] J. Chen, "The Evolution of Computing: AlphaGo",
Computing in Science & Engineering, vol. 18, no. 4, pp. 4-
7, 2016.

14