在使用者與服務提供者之間保持雙向的不可否認性在雲端儲存服務上是非常重要的。根據這個問題，其中一種解決方法是紀錄雙方的行為當作證據，並為這些證據加上電子簽章，以便未來有爭議時，可以相互檢視。對於每個服務的請求，使用者和服務提供者必須交換儲存的證據，這些記錄下來的證據將會在未來稽核使用者儲存在雲端儲存空間的資料之時，驗證之前所有存取的行為是否正確。
利用鏈結雜湊的資料結構將存取資料的行為記錄成證據並將他們儲存在服務提供者端，可以有效的保證資料寫入的循序性及資料讀取的最新性。但是，單一使用者在不同的裝置上交錯的讀取或是寫入資料的情況下，原始的鏈結雜湊是不足夠的。在本篇論文中，我們首先證明，單一使用者在不同的裝置上交錯的讀取或是寫入資料的情況下，原始的鏈結雜湊的資料結構沒有辦法抵禦服務提供者所發動的回復式攻擊，除非客戶端必須儲存所有的證據或是存在一種方法，可以將每次存取資料的運算證據廣播給所有的客戶端的裝置。
為了解決這個問題，我們提出了一個架構，即使客戶端的裝置不用交換任何的證據，也可以保證使用者和服務提供者的雙向不可否認性，在這個架構下，每個客戶端裝置只需要儲存他們最後一個存取資料的運算所產生的證據，伺服器端則需要儲存所有運算的證據。然而，一段時間後，雲端儲存服務的伺服器會累積大量的證據，造成伺服器的負擔。因此，我們還利用雜湊樹(hash tree)，或稱為馬可樹(Merkle tree)建構資料系統的骨架，以便消除累積的證據。
再者，我們利用java程式語言實作了上述提出的概念，以證明這個方法是可行的，雲端儲存服務的提供者可以在他們的服務層級協議中，利用這個架構來保證與使用者的不可否認性。

Obtaining mutual nonrepudiation between the user and service provider is crucial in cloud storage. One of the solutions for mutual nonrepudiation is based on logging attestations, which are signed messages. For every request, clients and service provider exchange attestations. These attestations will be used in an auditing protocol to verify their behavior. The chain-hashing scheme chains attestations and stores them in service provider for supporting write-serializability and read freshness of files. However, the chain-hashing scheme is inefficient when files in an account can be accessed by multiple client devices interchangeably.
In this paper we first show that the chain-hashing scheme cannot resist roll-back attack from service provider unless client devices keep all the attestations or there exists a way to broadcast the last attestation to all the client devices.
We propose a scheme that can guarantee mutual nonrepudiation between the user and service provider without requiring the client devices to exchange any messages, and each client device only has to store the last attestation it received. We also propose how to apply the hash tree to remove accumulated attestations. The results from related experiments demonstrate the feasibility of the proposed scheme. A service provider of cloud storage can use the proposed scheme to provide a mutual nonrepudiation guarantee in their service-level agreement.

[1] “Google Drive,” https://drive.google.com/start#home.
[2] “Dropbox,” https://www.dropbox.com/home.
[3] “SugarSync,” https://www.sugarsync.com/.
[4] “Microsoft SkyDrive,” http://skydrive.live.com/.
[5] “Box,” http://www.box.net.
[6] AMAZON. “Amazon S3 Service Level Agreement, ”. http://aws.amazon.com/s3-sla/.
[7] MICROSOFT CORPORATION. “Windows Azure Pricing and Service Agreement,” http://www.microsoft.com/windowsazure/pricng/.
[8] Seny Kamara and Kristin Lauter. “Cryptographic Cloud Storage,” in Financial Cryptography Workshops, pp. 136-149, January 2010.
[9] J. Feng, Y. Chen, D. Summerville, W.S. Ku, and Z. Su. “Enhancing cloud storage security against roll-back attacks with a new fair multi-party non-repudiation protocol,” in IEEE Consumer Communications and Networking Conference (CCNC), pp.521-522,January 2011.

[10] Alexander Shraer, Idit Keidar, Christian Cachin, Yan Michalevsky, Asaf Cidon, and Dani Shaket, “Venus: Verification for untrusted cloud storage,” ACM CCSW 2010.
[11] Raluca Ada Popa, Jacob R. Lorch, David Molnar, Helen J. Wang, and Li Zhuang “Enabling Security in Cloud Storage SLAs with CloudProof,” in USENIX Annual Technical Conference, June 2011
[12] R. C. Merkle. “A digital signature based on a conventional encryption function,” in A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology, pp. 369-378, 1988
[13] M. Kallahalla, E. Riedel, R. Swaminathan, Q. Wang, and K. Fu, “Plutus: Scalable Secure File Sharing on Untrusted Storage,” In USENIX FAST (2003).
[14] A. Adya, W. Bolosky, M. Castro, G. Cermak, R. Chaiken, J. Douceur, J. Howell, J. Lorch, M. Theimer, and R. Wattenhofer, “FARSITE: Federated, Available, and Eliable Storage for an Incompletely Trusted Environment,” In OSDI, pages 1–14, December 2002.
[15] J. Kubiatowicz, D. Bindel, Y. Chen, S. Czerwinski, P. Eaton, D. Geels, R. Gummadi, S. Rhea, H. Weatherspoon, W. Weimer, C. Wells, and B. Zhao. “Oceanstore: An Architecture for Global-scale Persistent Storage,” In ASPLOS, December 2000.
[16] G. Ganger, P. Khosla, M. Bakkaloglu, M. Bigrigg, G. Goodson, S. Oguz, V. Pandurangan, C. Soules, J. Strunk, and J. Wylie. Survivable storage systems. In DARPA Information Survivability Conference and Exposition, IEEE, volume 2, pages 184–195, June 2001.
[17] P. Druschel and A. Rowstron. Storage management and caching in PAST, a large-scale, persistent peerto-peer storage utility. In SOSP, 2001.
[18] J. Strunk, G. Goodson, M. Scheinholtz, C. Soules, and G. Ganger, “Self-securing storage: protecting data in compromised systems,” In OSDI, October 2000.
[19] Eu-Jin Goh, Hovav Shacham, Nagendra Modadugu, and Dan Boneh, “Sirius: securing remote unstrusted storage,” In NDSS (2003).
[20] Jinyuan Li, Maxwell Krohn, David Mazie`res, and Dennis Shasha, “SUNDR: Secure untrusted data repository,” In OSDI (2004).
[21] C. Cachin, A. Shelat, and A. Shraer. Efficient fork-linearizable access to untrusted shared memory. In Proc. 26th ACM Symposium on Principles of Distributed Computing (PODC), pages 129–138, 2007.
[22] M. Majuntke, D. Dobre, M. Serafini, and N. Suri. Abortable fork-linearizable storage. In T. F. Abdelzaher, M. Raynal, and N. Santoro, editors, Proc. 13th Conference on Principles of Distributed Systems (OPODIS), volume 5923 of Lecture Notes in Computer Science, pages 255–269, 2009.
[23] C. Cachin and M. Geisler. Integrity protection for revision control. In M. Abdalla and D. Pointcheval, editors, Proc. Applied Cryptography and Network Security (ACNS), volume 5536 of Lecture Notes in Computer Science, pages 382–399, 2009.
[24] Jun Feng, Yu Chen, Douglas H. Summerville: “A fair multi-party non-repudiation scheme for storage clouds,” in Collaboration Technologies and Systems (CTS), pp. 457-465, May 2011
[25] The Apache Software Foundation, “Welcome to Apache Hadoop!” http://hadoop.apache.org/.