Mchain: A Blockchain-Based VM Measurements Secure Storage Approach in IaaS Cloud With Enhanced Integrity and Controllability

Virtual machine (VM) measurements data in IaaS cloud play a crucial role in integrity evaluation and decision making. Hence, the secure storage for these data has attracted more attention recently. This paper proposes a novel approach, named Mchain, to enhance the integrity and controllability of the secure storage. Especially, to enhance the integrity, a two-layer blockchain network is introduced. In the first layer, after the production, the data packages are first verified by leveraging a correspondence between a package and a policy, and a one-to-one relation among a VM, a user, and a node. After that, we propose a consensus achievement algorithm to construct a semi-finished block on a candidate block arranged by data packages. Meanwhile, the semi-finished block is distributed to all nodes, which can provide a certain integrity. In the second-layer, tamper-resistant metadata is generated by performing PoW tasks on the semi-finished block, resulting in strong integrity. Further, to enhance the controllability, a revisable user-defined policy-based encryption method with KP-ABE is proposed. It helps to flexibly control the scope of authorized verifiers. The experimental results on six scenarios with simulated data set show that the proposed approach is appealing in integrity and controllability, and the time overhead of data storage.