DROPS: Division and Replication of Data in Cloud for Optimal Performance and Security

Outsourcing data to a third-party administrative control, as is done in cloud computing, gives rise to security concerns. The data compromise may occur due to attacks by other users and nodes within the cloud. Therefore, high security measures are required to protect data within the cloud. However, the employed security strategy must also take into account the optimization of the data retrieval time. In this paper, we propose division and replication of data in the cloud for optimal performance and security (DROPS) that collectively approaches the security and performance issues. In the DROPS methodology, we divide a file into fragments, and replicate the fragmented data over the cloud nodes. Each of the nodes stores only a single fragment of a particular data file that ensures that even in case of a successful attack, no meaningful information is revealed to the attacker. Moreover, the nodes storing the fragments, are separated with certain distance by means of graph T-coloring to prohibit an attacker of guessing the locations of the fragments. Furthermore, the DROPS methodology does not rely on the traditional cryptographic techniques for the data security; thereby relieving the system of computationally expensive methodologies. We show that the probability to locate and compromise all of the nodes storing the fragments of a single file is extremely low. We also compare the performance of the DROPS methodology with 10 other schemes. The higher level of security with slight performance overhead was observed.

[1]  Mazliza Othman,et al.  A Survey of Mobile Cloud Computing Application Models , 2014, IEEE Communications Surveys & Tutorials.

[2]  Peng Li,et al.  On the optimal placement of secure data objects over Internet , 2005, 19th IEEE International Parallel and Distributed Processing Symposium.

[3]  Dimitrios Zissis,et al.  Addressing cloud computing security issues , 2012, Future Gener. Comput. Syst..

[4]  Albert Y. Zomaya,et al.  On the Characterization of the Structural Robustness of Data Center Networks , 2013, IEEE Transactions on Cloud Computing.

[5]  M. Kanchana,et al.  Secure Dynamic Fragment and Replica Allocation in Large-Scale Distributed File Systems , 2015 .

[6]  Wayne A. Jansen,et al.  Cloud Hooks: Security and Privacy Issues in Cloud Computing , 2011, 2011 44th Hawaii International Conference on System Sciences.

[7]  Ishfaq Ahmad,et al.  Static and adaptive distributed data replication using genetic algorithms , 2004, J. Parallel Distributed Comput..

[8]  Yang Tang,et al.  Secure Overlay Cloud Storage with Access Control and Assured Deletion , 2012, IEEE Transactions on Dependable and Secure Computing.

[9]  Stergios V. Anastasiadis,et al.  Virtualization-aware access control for multitenant filesystems , 2014, 2014 30th Symposium on Mass Storage Systems and Technologies (MSST).

[10]  Pradeep K. Khosla,et al.  Selecting the Right Data Distribution Scheme for a Survivable Storage System (CMU-CS-01-120) , 2001 .

[11]  Guiran Chang,et al.  Surveying and Analyzing Security, Privacy and Trust Issues in Cloud Computing Environments , 2011 .

[12]  Michael D. Hogan,et al.  NIST Cloud Computing Standards Roadmap , 2013 .

[13]  Bernd Grobauer,et al.  Understanding Cloud Computing Vulnerabilities , 2011, IEEE Security & Privacy.

[14]  Miss Laiha Mat Kiah,et al.  Enhanced dynamic credential generation scheme for protection of user identity in mobile-cloud computing , 2013, The Journal of Supercomputing.

[15]  Albert Y. Zomaya,et al.  Energy-efficient data replication in cloud computing datacenters , 2013, GLOBECOM Workshops.

[16]  Athanasios V. Vasilakos,et al.  Security in cloud computing: Opportunities and challenges , 2015, Inf. Sci..

[17]  Athanasios V. Vasilakos,et al.  SeDaSC: Secure Data Sharing in Clouds , 2017, IEEE Systems Journal.

[18]  Mark Newman,et al.  Networks: An Introduction , 2010 .

[19]  Lili Qiu,et al.  On the placement of Web server replicas , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[20]  Albert Y. Zomaya,et al.  Quantitative comparisons of the state‐of‐the‐art data center architectures , 2013, Concurr. Comput. Pract. Exp..

[21]  Samee Ullah Khan,et al.  Future Generation Computer Systems ( ) – Future Generation Computer Systems towards Secure Mobile Cloud Computing: a Survey , 2022 .

[22]  Ari Juels,et al.  New approaches to security and availability for cloud data , 2013, CACM.

[23]  Eduardo B. Fernández,et al.  An analysis of security issues for cloud computing , 2013, Journal of Internet Services and Applications.

[24]  Yves Deswarte,et al.  Intrusion tolerance in distributed computing systems , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[25]  Ishfaq Ahmad,et al.  Comparison and analysis of ten static heuristics-based Internet data replication techniques , 2008, J. Parallel Distributed Comput..

[26]  Giorgos Kappes,et al.  Dike : Virtualization-aware Access Control for Multitenant Filesystems , 2013 .

[27]  U KhanSamee,et al.  Towards secure mobile cloud computing , 2013 .

[28]  W. K. Hale Frequency assignment: Theory and applications , 1980, Proceedings of the IEEE.

[29]  Lori M. Kaufman,et al.  Data Security in the World of Cloud Computing , 2009, IEEE Security & Privacy.