ACA-SDS: Adaptive Crypto Acceleration for Secure Data Storage in Big Data

In the era of big data, the demand for secure data storage is rapidly increasing. To accelerate the complex encryption computation, both specific instructions and hardware accelerators are adopted in a large number of scenarios. However, the hardware accelerators are not so effective especially for small volume data due to the induced invocation costs, while the AES-NI (Intel®advanced encryption standard new instructions) is not so energy efficiency for big data. To satisfy the diversity performance/energy requirements for intensive data encryptions, a collaborative solution is proposed in this paper. We proposed a feasible hardware-software co-design methodology based on the stack file system eCryptfs, with quick assist technology, which is named adaptive crypto acceleration for secure data storage (ACA-SDS). ACA-SDS is able to choose the optimal encryption solution dynamically according to file operation modes and request characters. Adjustable parameters, such as <inline-formula> <tex-math notation="LaTeX">$\alpha $ </tex-math></inline-formula>, <inline-formula> <tex-math notation="LaTeX">$\beta $ </tex-math></inline-formula>, and M are provided in our scheme to provide a better adaptability and tradeoff choices for encryption computation. Our evaluation shows that ACA-SDS can get 15%–25% performance improvement for big-data blocks compared with only software or hardware accelerations. Furthermore, our methodology provides a wide range of practical design concepts for the further research in this field.

[1]  Thouraya Bouabana-Tebibel,et al.  Parallel search over encrypted data under attribute based encryption on the Cloud Computing , 2015, Comput. Secur..

[2]  Dong Wang,et al.  Optimizing VNF live migration via para-virtualization driver and QuickAssist technology , 2017, 2017 IEEE International Conference on Communications (ICC).

[3]  Giuseppe Cattaneo,et al.  Design and Implementation of a Transparent Cryptographic File System for Unix , 2007 .

[4]  José Francisco Martínez Trinidad,et al.  A fast hardware software platform for computing irreducible testors , 2015, Expert Syst. Appl..

[5]  Kay Römer,et al.  The design space of wireless sensor networks , 2004, IEEE Wireless Communications.

[6]  Issam W. Damaj,et al.  Parallel Hardware for Faster Morphological Analysis , 2018, J. King Saud Univ. Comput. Inf. Sci..

[7]  R. Cowart,et al.  An Implementation and Experimental Evaluation of Hardware Accelerated Ciphers in All-Programmable SoCs , 2017, ACM Southeast Regional Conference.

[8]  Ramesh C. Jain,et al.  ACM SIGMM retreat report on future directions in multimedia research , 2005, TOMCCAP.

[9]  Inna Pivkina,et al.  Proactively applied encryption in multipath networks , 2016, Comput. Secur..

[10]  Tharam S. Dillon,et al.  Cloud Computing: Issues and Challenges , 2010, 2010 24th IEEE International Conference on Advanced Information Networking and Applications.

[11]  Jacob R. Lorch,et al.  Farsite: federated, available, and reliable storage for an incompletely trusted environment , 2002, OSDI '02.

[12]  He Lian-yue Design and implementation of multi-user encryption file system based on eCryptfs , 2010 .

[13]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[14]  Jiali Feng,et al.  Symmetric cryptographic algorithm based on polarization identity and implementation on file encryption , 2010, 2010 3rd International Congress on Image and Signal Processing.

[15]  Alok N. Choudhary,et al.  Flexible software protection using hardware/software codesign techniques , 2004, Proceedings Design, Automation and Test in Europe Conference and Exhibition.

[16]  Qian Wang,et al.  Plutus: Scalable Secure File Sharing on Untrusted Storage , 2003, FAST.

[17]  Shahaboddin Shamshirband,et al.  A Cloud-Manager-Based Re-Encryption Scheme for Mobile Users in Cloud Environment: a Hybrid Approach , 2015, Journal of Grid Computing.

[18]  Giulio Sandini,et al.  The iCub humanoid robot: An open-systems platform for research in cognitive development , 2010, Neural Networks.

[19]  Tack-Don Han,et al.  T&I engine: traversal and intersection engine for hardware accelerated ray tracing , 2011, SA '11.

[20]  Laxmikant V. Kalé,et al.  Scalable molecular dynamics with NAMD , 2005, J. Comput. Chem..

[21]  Matt Blaze,et al.  A cryptographic file system for UNIX , 1993, CCS '93.

[22]  Rajat Moona,et al.  TransCrypt: an Enterprise Encrypting File System over NFS , 2009 .

[23]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[24]  John L. Salmon,et al.  Effectiveness of an Immersive Virtual Environment for Collaboration With Gesture Support Using Low-Cost Hardware , 2018 .

[25]  Xue Shuai,et al.  QAT: Evaluation of a dedicated hardware accelerator for high performance web service , 2018, 2018 20th International Conference on Advanced Communication Technology (ICACT).

[26]  JongWon Kim,et al.  The global lambda visualization facility: An international ultra-high-definition wide-area visualization collaboratory , 2006, Future Gener. Comput. Syst..

[27]  Hiroaki Kunieda,et al.  CPU core generation for hardware-software codesign , 1996, Proceedings of APCCAS'96 - Asia Pacific Conference on Circuits and Systems.

[28]  Xiaobo Li,et al.  Partial encryption of compressed images and videos , 2000, IEEE Trans. Signal Process..

[29]  Jim D. Garside,et al.  Modernization of teaching in embedded systems design-an international collaborative project , 2006, IEEE Transactions on Education.

[30]  Shunji Kimura,et al.  Hardware acceleration technique for radio resource scheduling in 5G mobile systems , 2017 .

[31]  Jiwu Shu,et al.  Shield: A stackable secure storage system for file sharing in public storage , 2014, J. Parallel Distributed Comput..

[32]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[33]  Mark D. Hill,et al.  21st century computer architecture , 2014, PPoPP '14.

[34]  Theocharis Theocharides,et al.  FPGA-based hardware acceleration for local complexity analysis of massive genomic data , 2013, Integr..