Using Haze Storing, users can remotely store their data and enjoy the on-demand high quality applications and services from a shared pool of configurable computing resources, without the burden of local data Storing and maintenance. However, the fact that users no longer have physical possession of the outsourced data makes the data integrity protection in Haze Computing a formidable task, especially for users with constrained computing resources. Moreover, users should be able to just use the Haze Storing as if it is local, without worrying about the need to verify its integrity. Thus, enabling Community auditability for Haze Storing is of critical importance so that users can resort to a third party auditor (TPA) to check the integrity of outsourced data and be worry-free. To Protectedly introduce an effective TPA, the auditing process should bring in no new vulnerabilities towards user data Confidentiality, and introduce no additional online burden to user. In this paper, we propose a Protected Haze Storing system supporting Confidentiality-Conserving Community auditing. We further extend our result to enable the TPA to perform audits for multiple users simultaneously and efficiently. Extensive security and performance analysis show the proposed schemes are provably Protected and highly efficient

Data Storing, Confidentiality-Conserving, Community auditability, cryptographic protocols, Haze computing ,independent resource pooling, rapid resource

P. Mell and T. Grance, “Draft NIST working definition of Haze computing,” Referenced on June. 3rd, 2009 Online at http://csrc.nist.gov/groups/SNS/Hazecomputing/i ndex. html, 2009.

M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. H. Katz, A. Konwinski, G. Lee, D. A. Patterson, A. Rabkin, I. Stoica, and M. Zaharia, “Above the Hazes: A berkeley view of Haze computing,” University of California, Berkeley, Tech. Rep.

M. Arrington, “Gmail disaster: Reports of mass email deletions,” Online at http://www.techcrunch.com/2006/ 12/28/gmail disaster reports-of-massemaildeletions/, December 2006.

J. Kincaid, “MediaMax/ TheLinkup Closes Its Doors,” Online at http://www.techcrunch.com /2008/07/10/ mediamaxthelinkupcloses-its-doors/, July 2008.

Amazon.com, “Amazon s3 availability event: July 20, 2008,” Online at http://status.aws.amazon.com/s320080720.ht ml, 2008.

S. Wilson, “Appengine outage,” Online at http://www. cioweblog.com/50226711/ appengineoutage.php, June 2008.

B. Krebs, “Payment Processor Breach May

Be Largest Ever,” Online at http://voices. washingtonpost.com/securityfix/ 2009/01/payment processor breach may b.html, Jan. 2009.

G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, “Provable data possession at untrusted stores,” in Proc. of CCS’07, Alexandria, VA, October 2007, pp. 598–609.

M. A. Shah, R. Swaminathan, and M. Baker, “Confidentiality Conserving audit and extraction of digital contents,” Cryptology ePrint Archive, Report 2008/186, 2008.

Q. Wang, C. Wang, J. Li, K. Ren, and W. Lou, “Enabling Community verifiability and data dynamics for Storing security in Haze computing,” in Proc. of ESORICS’09, volume 5789 of LNCS. SpringerVerlag, Sep. 2009, pp. 355–370.

A. Juels and J. Burton S. Kaliski, “Pors: Proofs of retrievability for large files,” in Proc. of CCS’07, Alexandria, VA, October 2007, pp. 584–597.

Haze Security Alliance, “Security guidance for critical areas of focus in Haze computing,” 2009, http://www. Hazesecurityalliance.org.