Next Article in Journal
Experimental Study and Thermodynamic Analysis of Hydrogen Production through a Two-Step Chemical Regenerative Coal Gasification
Previous Article in Journal
Effect of Multiple Factors on Identification and Diagnosis of Skidding Damage in Rolling Bearings under Time-Varying Slip Conditions
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Applied Sciences
Volume 9
Issue 15
10.3390/app9153034
Review Report
applsci-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
Article
Peer-Review Record

Lightweight Accountable Privacy-Preserving Protocol Allowing the Cloud Client to Audit the Third-Party Auditor for Malicious Activities

Appl. Sci. 2019, 9(15), 3034; https://doi.org/10.3390/app9153034
by Mohamed Ben Haj Frej 1,*, Julius Dichter 1 and Navarun Gupta 2
Reviewer 1: Anonymous
Reviewer 2: Anonymous
Appl. Sci. 2019, 9(15), 3034; https://doi.org/10.3390/app9153034
Submission received: 15 July 2019 / Revised: 19 July 2019 / Accepted: 20 July 2019 / Published: 27 July 2019
(This article belongs to the Section Computing and Artificial Intelligence)

Round 1

Reviewer 1 Report

This third review includes the comments done in previous version so in my opinion, it’s ready to go. Just some minor comments are now included; they will be listed as found in the text.

Line 83 (Related Work section): The sentence “The chosen state-of-the-art work consists of dynamicity, KeyGen, SigGen, GenProof and VerifyProof features. As, our proposed TPA-driven lightweight accountable privacy preserving approach is also based on the homogeneity including additional features such as Key Update, Substantiation and Validation” is unclear. Rewrite it.

Line 160 (Related Work section): The sentence “However, In the proposed approach, homomorphic non-linear authenticator is used which leads to additional overhead. Since, Non-linear authentication process has its weaknesses resulting from the fact that it first generates a random real number. Based on the generated random real number, binary random sequences are generated; Which results into communication overhead.” is unclear. Rewrite it.

Line 248: replace “:” by “.”, just after the word “cloud” and before the word “However”.

Table 3 (Discussion section): There are a couple of “trusted” starting by capital letter when they shouldn’t (lines PPPAs and SEPPPA). Correct them.


Author Response

Original Manuscript ID: applsci-561847

 Type of Manuscript: Article

Title: “Light-weight Accountable Privacy-Preserving Protocol Allowing the Cloud Client to Audit the Third-Party Auditor for Malicious Activities”

Authors: Mohamed Ben Haj Frej *, Julius Dichter, Navarun Gupta

 To: MDPI Applied Sciences Reviewer

Re: Response to reviewer

Dear respected reviewer,

Thank you for allowing re-submission of our manuscript, with an opportunity to address your comments.

We are uploading (a) our point-by-point response to the comments (below) (response to the reviewer), (b) an updated manuscript with highlighting colors indicating changes, and (c) a clean updated manuscript without highlights (PDF main document).

Best regards,

Mohamed Ben Haj Frej et al.

 


Author Response File: Author Response.pdf

Reviewer 2 Report

Authors addressed the concerns. I have no further comments.

Author Response

Dear respected reviewer, thank you for your time and consideration for reviewing our paper on another round.

Best regards,

Mohamed Ben Haj Frej et al.


This manuscript is a resubmission of an earlier submission. The following is a list of the peer review reports and author responses from that submission.


Round 1

Reviewer 1 Report

The authors were trying to provide a privacy preserving protocol to audit TPA in the cloud environment. This work carefully reviewed a few related work, such as SPS, PPA, PPPAS, and SEPPPA and proposed a lightweight version of the proctol LAPP.


However, authors must address the following concerns:

1) Crypto work needs to provide provable security. Theoretically prove of the work is missing from current version.

2) What's the work factor of algorithms?

3) Some technical details are missing, such as the creation and distribution of the random shared keys.


Section 2, problem definition was not clear. And privacy preserving is not even mention in this section.


From the writing perspective, I found the introduction of the algorithms redundant and often not consistent. Each algorithm was illustrated using algo, flowchart, and text (in bullet points). I appreciated that multiple representations were used. However, none of the representations were clear enough. I would suggest to cut the flow chart out and explain more in depth in text to articulate the algorithm.

Some graphs are out of proportion, such as Figure 2 and Table 2.

Simulations seem to be superficial. It probably can be replaced (or enhanced) with Complexity analyses, such O(N), O (N*logN), and etc.


Some minor editing are needed. For example, line 32, should be light-weight 'ACCOUNTABLE' privacy preserving,  

Author Response

Original Manuscript ID: applsci-513427

Type of Manuscript: Article

Title: “Light-weight Accountable Privacy-Preserving Protocol Allowing the Cloud Client to Audit the Third-Party Auditor for Malicious Activities”

Authors: Mohamed Ben Haj Frej *, Julius Dichter, Navarun Gupta

 

To: MDPI Applied Sciences Editor

Re: Response to reviewer

Dear Reviewer,

Thank you for allowing resubmission of our manuscript, with an opportunity to address your comments.

We are uploading (a) our point-by-point response to the comments (below) (response to reviewers), (b) an updated manuscript with highlighting colors indicating changes, and (c) a clean updated manuscript without highlights (PDF main document).

Best regards,

Mohamed Ben Haj Frej et al.


Author Response File: Author Response.pdf

Reviewer 2 Report

The work defines a protocol of a so-called light-weight protocol that provides third party auditing services between the client and the provider of cloud services. The topic is relevant in today’s environment, where security is a key concern for these services, and it is being studied by others, for example https://doi.org/10.1587/transinf.2016EDL8079 or http://jestec.taylors.edu.my/Vol%2013%20issue%2012%20December%202018/13_12_27.pdf.

The work done by the authors may be good but there are relevant errors in the writing of their paper that deserve a thorough review, or rather a re-writing. The re-writing is suggested so they can better explain their work and adhere to the instructions that this Journal provides, with the standard content (Introduction, Materials and Methods, Results, Discussion, Conclusions). This content might be in the current version of the paper but it deserves a review by the authors in order to make it clear; some suggestions:

·        The problem definition section could be part of the introduction. Or the paper’s contribution should go after the problem definition.

·        The section Related Work is broken down in 2 sub-sections without any further explanation, i.e., explain why this section is divided into 2 sub-sections.

·        Section 3.2 Summary-Simulation Test Beds could be clearer if not mixing the two (i.e., mixing summary with the simulation test beds).

·        The authors do not explain why they have selected the 4 cases or schemes from section 3.1 and not others. And when they are evaluating these schemes, they fail to provide explanations to their evaluations (e.g., why do the authors believe that the PPA may result into hidden server failures, or why do they SPS increases communication overhead?).

·        Understanding that the authors’ contribution is a new protocol based on an algorithm that they have developed, there should be an explanation on their methodology for developing such contributions, since these contributions are going to be communicated to an academical audience.

·        The Results and Discussion sections have been merged into one (section 6, the one named Simulation Setup and Parameters). It is recommended to separate them, avoiding the current mix of results (pure empirical data) and comments of interpretations of those results.

There are errors in the paper, it should be thoroughly reviewed by the authors. Some examples:

·        Line 221, probable duplication (line 220 has as content “4.1.2. Algorithm 2 – The Key Validation Process to Avoid the Malicious Role of the TPA” while line 221 has as content “3.1.2. Algorithm 2 – The Key Validation Process to Avoid the Malicious Role of the TPA”).

·        Line 307 is mention equation (4) but the paper misses this equation, while there are 2 equations (3).

·        When describing the content of the first equation (3), they don’t describe Tpr, but describe the not used PU(Dci).

·        Line 401 mentions a Figure 4 that is not in the paper, while there are two Figures 3 (probably the second one, the one right after line 402 is Figure 4, but then the wording is wrong).

·        There is no Figure 5 (we can find Figures 1, 2, 3, 3, 6, 7 and 8).

Please take a deep review of the work, reshape it, rewrite it, fix the mistakes in the writing, and only after this deep dive that will take the authors some time, resend it for consideration.


Author Response

Original Manuscript ID: applsci-513427

Type of Manuscript: Article

Title: “Light-weight Accountable Privacy-Preserving Protocol Allowing the Cloud Client to Audit the Third-Party Auditor for Malicious Activities”

Authors: Mohamed Ben Haj Frej *, Julius Dichter, Navarun Gupta

 

To: MDPI Applied Sciences Editor

Re: Response to reviewer

Dear Reviewer,

Thank you for allowing resubmission of our manuscript, with an opportunity to address your comments.

We are uploading (a) our point-by-point response to the comments (below) (response to reviewers), (b) an updated manuscript with highlighting colors indicating changes, and (c) a clean updated manuscript without highlights (PDF main document).

Best regards,

Mohamed Ben Haj Frej et al.


Author Response File: Author Response.pdf

Round 2

Reviewer 1 Report

Thank you for addressing those comments in this revision.

Please make sure all the equations are nicely presented in the PDF file.

Equation 13, 17, 18, 19 are kindly of fuzzy.

Author Response

Original Manuscript ID: applsci-513427

Type of Manuscript: Article

Title: “Light-weight Accountable Privacy-Preserving Protocol Allowing the Cloud Client to Audit the Third-Party Auditor for Malicious Activities”

Authors: Mohamed Ben Haj Frej *, Julius Dichter, Navarun Gupta

 

To: MDPI Applied Sciences Editor

Re: Response to reviewer

Dear respected reviewer,

Thank you for allowing re-submission of our manuscript, with an opportunity to address your comments.

We are uploading (a) our point-by-point response to the comments (below) (response to reviewers), (b) an updated manuscript with highlighting colors indicating changes, and (c) a clean updated manuscript without highlights (PDF main document).

Best regards,

Mohamed Ben Haj Frej et al.

 


Author Response File: Author Response.pdf

Reviewer 2 Report

The work has been deeply reviewed by the authors, as recommended in the previous revision. Still, there are some comments that were on that revision that are still missing, plus some new ones coming from a second full revision that has now been done. Some are minors, other are major. No distinction will be done based on this perception; they will be listed as found in the text.

Line 23 (Abstract section): be consistent on acronyms, place them all after the full text (i.e., replace “ TPA (third party auditor)” by “third party auditor (TPA)”).

Lines 45, 46. Same comment as above, in this case for CIA AAA.

Line 50. Missing acronym description for IT.

Line 63. Section 2 Problem Identification should disappear. Include its content in Section 1 Introduction, so that it can really be an introduction to the work that is being described. This comment implies the move of Lines 57-62 to just before current Section 3 Related Work.

Line 60. No explanation on why Section 5 has been added. Please explain this in the Introduction.

Line 64. No need of describing again the meaning of acronym CC.

Line 80. Section 3 Related work talks of 4 related works while line 76 only mentions 3 (references 9-11). Also, we are still missing the explanation on why these 4 have been chosen and not others (i.e., the authors do not explain why they have selected the 4 cases or schemes and not others).

Line 87. Why have the authors included this line? If their aim was to say that Section 3.1 is talking about the work from reference 12, just say it rather than including that text “Secure Public Auditing Cloud Storage Enabling Data Dynamics in the Standard Model”.

Line 111. Same comment as above, now for reference 9.

Line 92. Rewrite the sentence, it is not clear as written “The SecCloud protocol has been to assure the following objectives

Line 105. Where are the simulation results that the authors claim to have when the say “… and our simulation results”?

Line 141. Replace “(“ by “:” right after the text “The proposed scheme is based on the following algorithms”.

Line 242. The authors talk of their purpose of “..our proposed method is to introduce a light-weight…”. Describe how the authors came to reach the protocol described in this section (i.e., was it a trial-and-error approach? Or there was some initial thought or work that made them start developing that protocol as described in this section?)

Line 453. Section 5. Add an intro explaining the purpose of this section and why it is now here.

Line 600. Subsection 6.3 Discussion should by a Section in itself. And it should contain a table as Table 1 from line 172, including now the comparison of the 5 related works with the authors LAPP


Author Response

Original Manuscript ID: applsci-513427

Type of Manuscript: Article

Title: “Light-weight Accountable Privacy-Preserving Protocol Allowing the Cloud Client to Audit the Third-Party Auditor for Malicious Activities”

Authors: Mohamed Ben Haj Frej *, Julius Dichter, Navarun Gupta

 

To: MDPI Applied Sciences Editor

Re: Response to reviewer

Dear respected reviewer,

Thank you for allowing re-submission of our manuscript, with an opportunity to address your comments.

We are uploading (a) our point-by-point response to the comments (below) (response to reviewers), (b) an updated manuscript with highlighting colors indicating changes, and (c) a clean updated manuscript without highlights (PDF main document).

Best regards,

Mohamed Ben Haj Frej et al.

 


Author Response File: Author Response.pdf

Back to TopTop