DLSeF

Applications in risk-critical domains such as emergency management and industrial control systems need near-real-time stream data processing in large-scale sensing networks. The key problem is how to ensure online end-to-end security (e.g., confidentiality, integrity, and authenticity) of data streams for such applications. We refer to this as an online security verification problem. Existing data security solutions cannot be applied in such applications as they cannot deal with data streams with high-volume and high-velocity data in real time. They introduce a significant buffering delay during security verification, resulting in a requirement for a large buffer size for the stream processing server. To address this problem, we propose a Dynamic Key-Length-Based Security Framework (DLSeF) based on a shared key derived from synchronized prime numbers; the key is dynamically updated at short intervals to thwart potential attacks to ensure end-to-end security. Theoretical analyses and experimental results of the DLSeF framework show that it can significantly improve the efficiency of processing stream data by reducing the security verification time and buffer usage without compromising security.

[1]  Simon Heron,et al.  Encryption: Advanced Encryption Standard (AES) , 2009 .

[2]  Jinjun Chen,et al.  A dynamic prime number based efficient security mechanism for big sensing data streams , 2017, J. Comput. Syst. Sci..

[3]  Helmut Krcmar,et al.  Big Data , 2014, Wirtschaftsinf..

[4]  Todd M. Austin,et al.  Architectural support for fast symmetric-key cryptography , 2000, SIGP.

[5]  Jennifer Widom,et al.  STREAM: The Stanford Stream Data Manager , 2003, IEEE Data Eng. Bull..

[6]  Elke A. Rundensteiner,et al.  D-CAPE: distributed and self-tuned continuous query processing , 2005, CIKM '05.

[7]  Michael Stonebraker,et al.  The 8 requirements of real-time stream processing , 2005, SGMD.

[8]  Marco Pistoia,et al.  Enterprise Java 2 Security: Building Secure and Robust J2EE Applications , 2004 .

[9]  Samih Abdul-Nabi,et al.  On Formula to Compute Primes and the n th Prime , 2012 .

[10]  James M. Tien,et al.  Big Data: Unleashing information , 2013, 2013 10th International Conference on Service Systems and Service Management.

[11]  Günter Schäfer,et al.  Sensor Network Security , 2005, Embedded Systems Handbook.

[12]  Ki-Woong Park,et al.  Computationally Efficient PKI-Based Single Sign-On Protocol, PKASSO for Mobile Devices , 2008, IEEE Transactions on Computers.

[13]  J. Manyika Big data: The next frontier for innovation, competition, and productivity , 2011 .

[14]  Peter Kruus,et al.  CONSTRAINTS AND APPROACHES FOR DISTRIBUTED SENSOR NETWORK SECURITY , 2000 .

[15]  Jennifer Widom,et al.  STREAM: the stanford stream data manager (demonstration description) , 2003, SIGMOD '03.

[16]  Michael Stonebraker,et al.  Monitoring Streams - A New Class of Data Management Applications , 2002, VLDB.

[17]  Joan Daemen,et al.  AES - The Advanced Encryption Standard , 2002 .

[18]  Balachandra Reddy Kandukuri,et al.  Cloud Security Issues , 2009, 2009 IEEE International Conference on Services Computing.

[19]  John Zic,et al.  A mobile and portable trusted computing platform , 2011, EURASIP J. Wirel. Commun. Netw..

[20]  Mukesh Singhal,et al.  The Role of Cloud Computing Architecture in Big Data , 2015 .

[21]  Dirk Fox,et al.  Advanced Encryption Standard (AES) , 1999, Datenschutz und Datensicherheit.

[22]  B. P. S. Sahoo,et al.  Cloud Computing Features, Issues, and Challenges: A Big Picture , 2015, 2015 International Conference on Computational Intelligence and Networks.

[23]  Dursun Delen,et al.  Leveraging the capabilities of service-oriented decision support systems: Putting analytics and big data in cloud , 2013, Decis. Support Syst..

[24]  Dimitrios Zissis,et al.  Addressing cloud computing security issues , 2012, Future Gener. Comput. Syst..

[25]  Claudio Soriente,et al.  StreamCloud: An Elastic and Scalable Data Streaming System , 2012, IEEE Transactions on Parallel and Distributed Systems.

[26]  Rajiv Ranjan,et al.  Streaming Big Data Processing in Datacenter Clouds , 2014, IEEE Cloud Computing.

[27]  David E. Culler,et al.  SPINS: Security Protocols for Sensor Networks , 2001, MobiCom '01.

[28]  Jinjun Chen,et al.  HKE‐BC: hierarchical key exchange for secure scheduling and auditing of big data in cloud computing , 2016, Concurr. Comput. Pract. Exp..

[29]  J. S. Saini,et al.  Adaptive Query Processing , 2006 .

[30]  Elisa Bertino,et al.  FENCE: Continuous access control enforcement in dynamic data stream environments , 2010, 2010 IEEE 26th International Conference on Data Engineering (ICDE 2010).

[31]  Mohamed F. Younis,et al.  An energy-aware QoS routing protocol for wireless sensor networks , 2003, 23rd International Conference on Distributed Computing Systems Workshops, 2003. Proceedings..

[32]  Stanley B. Zdonik,et al.  Staying FIT: Efficient Load Shedding Techniques for Distributed Stream Processing , 2007, VLDB.

[33]  Vincent Rijmen,et al.  The Design of Rijndael , 2002, Information Security and Cryptography.

[34]  Wendi B. Heinzelman,et al.  Negotiation-Based Protocols for Disseminating Information in Wireless Sensor Networks , 2002, Wirel. Networks.

[35]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[36]  Jinjun Chen,et al.  DPBSV -- An Efficient and Secure Scheme for Big Sensing Data Stream , 2015, 2015 IEEE Trustcom/BigDataSE/ISPA.

[37]  ParkKyu Ho,et al.  Computationally Efficient PKI-Based Single Sign-On Protocol, PKASSO for Mobile Devices , 2008 .

[38]  Erik Brynjolfsson,et al.  Big data: the management revolution. , 2012, Harvard business review.

[39]  O. Khan,et al.  ACM Transactions on Embedded Computing Systems continued on back cover , 2018 .

[40]  Stéphane Bressan,et al.  ASSIST: access controlled ship identification streams , 2011, Trans. Large Scale Data Knowl. Centered Syst..

[41]  Jinjun Chen,et al.  A Dynamic Key Length Based Approach for Real-Time Security Verification of Big Sensing Data Stream , 2015, WISE.

[42]  Frederick Reiss,et al.  TelegraphCQ: continuous dataflow processing , 2003, SIGMOD '03.

[43]  Toyotaro Suzumura,et al.  Automatic optimization of stream programs via source program operator graph transformations , 2013, Distributed and Parallel Databases.

[44]  Elisa Bertino,et al.  StreamShield: a stream-centric approach towards security and privacy in data stream environments , 2009, SIGMOD Conference.

[45]  Kang Yen,et al.  Sensor network security: a survey , 2009, IEEE Communications Surveys & Tutorials.

[46]  Albert Bifet,et al.  Mining Big Data in Real Time , 2013, Informatica.

[47]  Marco Pistoia,et al.  Enterprise Java security : Building secure J2EE applications , 2004 .

[48]  Weisong Shi,et al.  Wireless Sensor Network Security: A Survey , 2006 .

[49]  Wei Cheng,et al.  ARTSense: Anonymous reputation and trust in participatory sensing , 2013, 2013 Proceedings IEEE INFOCOM.