§ Browse Thesis Bibliographic Record

System ID U0002-1708201610141600
DOI 10.6846/TKU.2016.00455
Thesis title (Chinese) 雲端儲存與計算服務的稽核研究
Thesis title (English) Auditing Study for Cloud Storages and Cloud Computations
University Tamkang University (淡江大學)
Department (Chinese) 資訊工程學系資訊網路與多媒體碩士班
Department (English) Master's Program in Networking and Multimedia, Department of Computer Science and Information Engine
Academic year 104
Semester 2
Year of publication 105
Graduate student (Chinese) 李宗霖
Graduate student (English) Tsung-Lin Li
Student ID 603420109
Degree Master's
Language English
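Oral defense date 2016-07-07
Number of pages 60
Oral defense committee Advisor - 黃心嘉 (sjhwang@gms.tku.edu.tw)
Member - 賴義鵬 (yopolai@gmail.com)
Member - 左瑞麟 (tsoraylin@gmail.com)
Member - 黃仁俊 (victor@gms.tku.edu.tw)
Keywords (translated from Chinese) Identity privacy protection
Public auditing
Cloud storage on mobile devices
Cloud storage
Merkle hash trees
Cloud computing
Digital signatures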
Keywords (English) Identity privacy-preserving
public auditing
mobile cloud storage
cloud storage
Merkle hash trees
cloud computing
digital signature schemes
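Abstract (translated from Chinese)
Auditing is very important for both cloud computing services and cloud storage services. In particular, audit schemes for cloud storage services on mobile devices must support dynamic groups and identity privacy protection. To achieve identity privacy protection, Yu et al. proposed their scheme supporting dynamic groups. However, our attack on dynamic groups clearly shows that their scheme cannot satisfy the forward and backward security requirements when the group members and the group key change. To correct this security flaw, we propose our first scheme, which, in addition to meeting the forward and backward security requirements, provides maximal identity privacy protection.
For cloud computation auditing, Wei et al. proposed their cloud computation auditing scheme. However, their assumption about the attacker's behavior is impractical. Removing the impractical assumption greatly increases the amount of auditing required, and the auditor's computation load becomes so large that the audit result may not be returned within a reasonable time. At the same time, the audit probability of detecting incorrect computation results cannot meet the users' requirement. To improve online audit performance or audit probability, we propose some strategies that efficiently increase the number of audit verifiers; increasing the number of audit verifiers can improve performance or audit probability. Our strategies use off-line computation or the computing power of the cloud computation server to improve online audit performance and audit probability. According to our performance analysis and discussion, our strategies not only improve online performance but can also be used to improve the online audit probability.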
Abstract (English)
Auditing is important for both cloud computing services and cloud storage services.  The audit scheme of cloud storage services for mobile devices should support dynamic groups and identity privacy protection.  To audit uploaded files for dynamic mobile groups, Yu et al. proposed their scheme to protect identity privacy.  However, our dynamic group attack shows that their scheme does not satisfy forward and backward privacy when the group secret key changes after some members leave.  To provide forward and backward privacy for the group secret keys, our first protocol is proposed.  In addition, our protocol provides maximal identity-privacy protection.
For cloud computation, Wei et al. proposed their cloud computation auditing scheme.  However, their assumption about the adversary’s behavior is impractical.  After removing this impractical assumption, the auditors’ computation load becomes so heavy that auditors may not return the auditing results in reasonable time.  The probability of finding incorrectly computed results cannot reach the users’ requirement.  To improve the on-line audit performance or probability, some improving strategies are proposed to increase the number of auditors efficiently.  The increase in the number of auditors then improves either audit performance or audit probability.  Our strategies utilize off-line computation and the help of the cloud computation server to improve the on-line audit performance and the audit probability.  According to our performance analysis and discussion, our strategies improve not only the on-line audit performance but also the audit probability for cloud computation.
Table of Contents
Chapter 1 Introduction
Chapter 2 Review
2.1 Yu et al.’s Identity Privacy-Preserving Public Auditing Protocol for Dynamic Groups
2.2 Security Assumptions for Our Identity-Privacy Public Auditing Supporting Dynamic Groups for Mobile Cloud Storages
2.3 System Model, Assumptions, and Security Requirements for Our Auditing Strategies
2.4 Merkle Hash Trees
2.5 Threat Model and Secure Cloud Computation Auditing Requirement
Chapter 3 Our Identity-Privacy Public Auditing Supporting Dynamic Groups for Mobile Cloud Storage
3.1 Dynamic Group Weakness in Yu et al.’s Scheme
3.2 Our New Protocol
Chapter 4 Security Analysis for Our Identity-Privacy Public Auditing Supporting Dynamic Groups for Mobile Cloud Storage
Chapter 5 Our Cloud Computation Auditing Strategies
5.1 Our Brief Cloud Computation Delegation and Auditing Scheme
5.2 The Off-Line Easy-Auditor Improving Strategy
5.3 The Function-Based Improving Strategy
5.4 The Mixed Improving Strategy
Chapter 6 Probability/Performance Analysis and Discussion for Our Auditing Strategies
6.1 Probability Analysis
6.2 Discussions about Probability Analysis
6.3 Performance Analysis
6.4 Discussions about Performance Analysis
Chapter 7 Conclusions
References
Appendix

List of Tables
Table 1: The Notations of Our Protocol
Table 2: The Notations of Our Auditing Strategies
Table 3: Relationship among the Parameters k,
References
[1]	M. Arrington, “Gmail Disaster: Reports of Mass Email Deletions (2006)”, https://techcrunch.com/2006/12/28/gmail-disaster-reports-of-mass-email-deletions/.
[2]	M. Belenkiy, M. Chase, C. Erway, J. Jannotti, A. Küpçü, and A. Lysyanskaya, “Incentivizing Outsourced Computation,” Proceedings of the 3rd International Workshop on Economics of Networked Systems, Seattle, WA, USA, August 17-22, 2008, pp.85-90.
[3]	H. Canepa and D. Lee, “A Virtual Cloud Computing Provider for Mobile Devices,” Proceeding of 1st ACM Workshop on Mobile Cloud Computing and Services Social Networks and Beyond (MCS 2010), Vol. 6. ACM Digital Library, San Francisco, 2010.
[4]	R. Canetti, B. Riva, and G. Rothblum, “Verifiable Computation with Two or More Clouds,” Workshop on Cryptography and Security in Clouds, Zurich, Switzerland, March 15-16, 2011.
[5]	W. Diffie, and M.E. Hellman, “New directions in cryptography,” IEEE Transactions on Information Theory, Vol. 22, Issue 6, pp. 644-654, Nov. 1976.
[6]	H.T. Dinh, C. Lee, D. Niyato, and P. Wang, “A Survey of Mobile Cloud Computing: Architecture, Applications, and Approaches,” Wireless Communication and Mobile Computing, Vol. 13, No. 8, pp. 1587-1611, 2013.
[7]	N. Fernando, S.W. Loke, and W. Rahayu, “Mobile Cloud Computing: A Survey,” Future Generation Computer Systems, Vol. 29, pp. 84-106, 2013.
[8]	R. Gennaro, C. Gentry and B. Parno, “Non-interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers,” 30th International Cryptology Conference (CRYPTO 2010), Santa Barbara, California, USA, August 15-19, 2010, pp. 465-482.
[9]	P. Golle and I. Mironov, “Uncheatable Distributed Computations,” The Cryptographers’ Track at RSA Conference 2001, San Francisco, CA, USA, April 8-12, 2001, pp. 425-440.
[10]	D. Huang, T. Xing, and H. Wu, “Mobile Cloud Computing Service Models: A User-centric Approach,” IEEE Network, Vol. 27, No. 5, pp. 6–11, 2013.
[11]	K. Kumar and Y.H. Lu, “Cloud Computing for Mobile Users: Can Offloading Computation Save Energy?” IEEE Journal Computer, Vol. 43, No. 4, pp. 51-56, 2010.
[12]	M. Krigsman, “Apples MobileMe Experiences Post-launch Pain (2008),” http://www.zdnet.com/article/apples-mobileme-experiences-post-launch-pain/.
[13]	P. Mell and T. Grance, “Draft NIST Working Definition of Cloud Computing (2009),” http://csrc.nist.gov/groups/SNS/cloud-computing/index.html. 
[14]	F. Monrose, P. Wyckoff, and A. Rubin, “Distributed Execution with Remote Audit,” Proceedings of the Network and Distributed Systems Security Symposium (NDSS), San Diego, California, USA, 1999, pp. 103-113.
[15]	B.P. Rimal, E. Choi, and I. Lumb, “A Taxonomy and Survey of Cloud Computing Systems,” Proceeding of 5th International Joint Conference of INC, IMS and IDC, NCM 2009, Seoul, Korea, IEEE Press, 2009, pp. 44-51. 
[16]	A. Sadeghi, T. Schneider, and M. Winandy, “Token-based Cloud Computing: Secure Outsourcing of Data and Arbitrary Computations with Lower Latency,” Trust and Trustworthy Computing, Berlin, Germany, June 21-23, 2010, pp.417-429.
[17]	C.P. Schnorr, “Efficient Signature Generation by Smart Cards,” ACM Journal of Cryptology, Vol. 4, Issue 3, pp. 161-174, 1991.
[18]	M. Shiels, “Phone Sales Hit by Sidekick Loss (2009),” http://news.bbc.co.uk/2/hi/technology/8303952.stm.
[19]	B. Wang, B. Li, and H. Li, “Knox: Privacy-Preserving Auditing for Shared Data with Large Groups in the Cloud,” Applied Cryptography and Network Security (ACNS 2012), LNCS 7341, Heidelberg: Springer, 2012, pp. 507–525.
[20]	B. Wang, B. Li, and H. Li, “Oruta: Privacy-Preserving Auditing for Shared Data in the Cloud,” Proceeding of IEEE 5th International Conference on Cloud Computing (IEEE Cloud 2012), Honolulu, HI, USA, June 24-29, 2012, pp. 295–302. 
[21]	B. Wang, B. Li, and H. Li, “Privacy-Preserving Public Auditing for Shared Cloud Data Supporting Group Dynamics,” Proceeding of IEEE International Conference on Communications (ICC 2013), Budapest, Hungary, June 9-13, 2013, pp. 1946-1950.
[22]	C. Wang, S. S. M. Chow, Q. Wang, K. Ren, and W. Lou, “Privacy-Preserving Public Auditing for Secure Cloud Storage,” IEEE Transactions on Computers, Vol. 62, No. 2, pp. 362–375, 2013.
[23]	C. Wang, K. Ren, W. Lou, and J. Li, “Toward Public Auditable Secure Cloud Data Storage Services,” IEEE Network, Vol. 24, No. 4, pp. 19-24, 2010.
[24]	Q. Wang, C. Wang, K. Ren, W. Lou, and J. Li, “Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing,” Proceeding of ESORICS 2009, Saint Malo, France, Sep. 21-25, 2009, pp. 355-370.
[25]	Q. Wang, C. Wang, K. Ren, W. Lou, and J. Li, “Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing,” IEEE Transactions on Parallel Distributed Systems, Vol. 22, No. 5, pp. 847-859, 2012.
[26]	L. Wei, H. Zhu, Z. Cao, W. Jia, and A. Vasilakos, “Seccloud: Bridging Secure Storage and Computation in Cloud,” 30th International Conference on Distributed Computing Systems Workshops (IEEE ICDCSW 2010), Genova, Italy, June 21-25, 2010.
[27]	L. Wei, H. Zhu, Z. Cao, W. Jia, X. Dong, W. Jia, Y. Chen, and A. Vasilakos, “Security and Privacy for Storage and Computation in Cloud Computing,” Information Sciences, Vol. 258, pp. 371-386, Feb. 2014.
[28]	K. Yang and X. Jia, “An Efficient and Secure Dynamic Auditing Protocol for Data Storage in Cloud Computing,” IEEE Transactions on Parallel Distributed Systems, Vol. 24, No. 9, pp. 1717–1726, 2013.
[29]	Y. Yu, Y. Mu, J. Ni, J. Deng, and K. Huang, “Identity Privacy-Preserving Public Auditing with Dynamic Group for Secure Mobile Cloud Storage,” International Conference, NSS, Springer International Publishing, 2014, pp. 28-40.
[30]	Y. Zhu, H. Hu, G.J. Ahn, and S. Stephen, “Yau: Efficient Audit Service Outsourcing for Data Integrity in Clouds,” Journal of Systems and Software, Vol. 85, No. 5, pp.1083-1095, 2012.
[31]	Y. Zhu, H. Hu, G.J. Ahn, and M. Yu, “Cooperative Provable Data Possession for Integrity Verification in Multicloud storage,” IEEE Transactions on Parallel Distributed Systems, Vol. 23, No. 12, pp. 2231-2244, 2012.
[32]	Y. Zhu, S.B. Wang, G.J. Ahn, and D. Ma, “Secure Collaborative Integrity Verification for Hybrid Cloud Environments,” International Journal of Cooperative Information Systems, Vol. 21, No. 3, pp. 165-198, 2012.
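Full-text access rights
On campus
Print thesis to be made public 1 year after submission of the authorization form
Agrees to authorize on-campus public access to the electronic full text
On-campus electronic thesis to be made public 1 year after submission of the authorization form
Off campus
Authorization granted
Off-campus electronic thesis to be made public 1 year after submission of the authorization form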