Pub Date: 2013-12-02 DOI: 10.1109/CloudCom.2013.85
M. Tsai, J. Chou, Jye Chen
VM consolidation has been shown to be a promising technique for saving energy costs of a data center. It relies on VM migration to move user applications or jobs onto a smaller number of physical servers during off-peak hours. However, VM migration is a costly operation that could cause several concerns, such as performance degradation and system instability. Most existing works were proposed to minimize the migration cost for dynamic consolidation, which migrates VMs at runtime when an SLA violation or resource under-utilization is detected. In contrast, this paper aims to proactively prevent VM migration for semi-static VM consolidation by proposing a deadline driven VM placement strategy based on the awareness of the server turn-off time and job execution time. We evaluate our approach using a real HPC cluster trace as well as a set of synthetically generated workloads. The results show our approach can significantly reduce the number of migrations by 70% on the real trace. We also demonstrate that our approach can be resilient to different workload patterns by achieving consistent improvement around 50% over all the synthetic workloads.
Title: Prevent VM Migration in Virtualized Clusters via Deadline Driven Placement Policy. Published in: 2013 IEEE 5th International Conference on Cloud Computing Technology and Science.
Pub Date: 2013-12-02 DOI: 10.1109/CloudCom.2013.26
V. Sharma, Aravindan Santharam
Platform as a Service Clouds typically lack direct support for application state management, and traditional state management techniques like clustering are not applicable as PaaS platforms offer little support for changing the underlying platform configuration. In this paper we build upon our earlier work where we proposed a session-state management architecture for Cloud called ReLoC, which uses loosely-coupled services and platform agnostic scalable messaging technology to propagate and save session states. Here, we present an actual implementation of ReLoC on a PaaS platform and an empirical evaluation of the original hypotheses of scalability and resilience of the proposed application architecture. We also present the challenges faced in implementing ReLoC on Heroku. The results indicate that ReLoC indeed allows applications to scale well and mitigates failures in individual application instances while maintaining state and hiding such failures from the users. The results also indicate that the performance degradation due to use of ReLoC is minimal and it is thus a promising approach for resilient user state management on PaaS Clouds.
Title: Implementing a Resilient Application Architecture for State Management on a PaaS Cloud. Published in: 2013 IEEE 5th International Conference on Cloud Computing Technology and Science.
Pub Date: 2013-12-02 DOI: 10.1109/CloudCom.2013.69
J. O’Loughlin, Lee Gillam
The increasing number of Public Clouds, the large and varied range of VMs they offer, and the provider specific terminology used for describing performance characteristics make price/performance comparisons difficult. Large performance variation can lead to Clouds being described as 'unreliable' and 'unpredictable'. The aim of this paper is to offer a basis for making probability-based performance predictions in Public (Infrastructure) Clouds, with Amazon's EC2 as our focus. We demonstrate how CPU model determines instance performance, show associations between instance classes and sets of CPU models, and determine class-to-model performance characteristics. We suggest that by knowing the proportion of CPU models backing specific instances, and in the absence of provider knowledge or the ability to specify model or performance, we can estimate the likelihood of a user obtaining particular models in respect to a request, and that this can be used to gauge likely price/performance.
Title: Towards Performance Prediction for Public Infrastructure Clouds: An EC2 Case Study. Published in: 2013 IEEE 5th International Conference on Cloud Computing Technology and Science.
Pub Date: 2013-12-02 DOI: 10.1109/CloudCom.2013.78
Mohamed Mohamed, Djamel Belaïd, S. Tata
Monitoring and reconfiguration are critical issues in Cloud environments. Monitoring allows violations and specific events to be detected, while reconfiguration allows corrective mechanisms or runtime modifications to be activated. In this paper we propose an extension for Open Cloud Computing Interface (OCCI) to enable monitoring and reconfiguration. The extension describes the needed elements to manage (i.e., to monitor and reconfigure) cloud resources on demand. The definition entails the introduction of new OCCI Resources, Links and Mixins. We define on the one hand new types needed to monitor metrics based on a previously established SLA. On the other hand we define the needed types to reconfigure our managed resources when needed. The newly added elements are OCCI entities defined as generic Kinds that are specialized using OCCI Mixins. Using these elements, the user is provided with a monitoring and reconfiguration infrastructure on demand. We propose herein a real use case based on HTTP rendering showing how to establish and link the described elements of the infrastructure.
Title: Monitoring and Reconfiguration for OCCI Resources. Published in: 2013 IEEE 5th International Conference on Cloud Computing Technology and Science.
Pub Date: 2013-12-02 DOI: 10.1109/CloudCom.2013.95
S. Barouti, D. Alhadidi, M. Debbabi
Database outsourcing has gained importance in the past few years due to the emergence of cloud computing. In Database-as-a-Service (DaaS), which is a category of cloud computing services, the database owner outsources both databases and querying services to a cloud server, and clients issue queries over the database to the cloud server. In this context, privacy is a primary challenge and it is necessary to fulfill the main privacy requirements of database owners and clients. This paper presents protocols for executing keyword search and aggregate SQL queries that preserve the privacy of both the client and the database owner. Client privacy is preserved such that the database owner and the cloud server cannot infer the constants contained in the query predicates. Database owner privacy is preserved such that the client cannot obtain any additional information beyond the query result. The primitives that are utilized in designing these protocols include symmetric private information retrieval and private integer comparison. We experimentally evaluate the performance of the proposed protocols and report on the experimental results.
Title: Symmetrically-Private Database Search in Cloud Computing. Published in: 2013 IEEE 5th International Conference on Cloud Computing Technology and Science.
Pub Date: 2013-12-02 DOI: 10.1109/CloudCom.2013.149
Tobias Wüchner, Steffen Müller, R. Fischer
Cloud storage federation improves service availability and reduces vendor lock-in risks of single-provider cloud storage solutions. Federation therefore distributes and replicates data among different cloud storage providers. Missing controls on data location and distribution however introduce security and compliance issues. This paper proposes a novel approach of using data-driven usage control to preserve compliance constraints in cloud storage federation. Based on common compliance regulations and laws we provide a brief categorization of compliance problems into spatial, temporal, and qualitative requirements. In addition, we show how usage control policies can be employed to constrain federation according to these categories. To demonstrate the feasibility of our approach we evaluate security and performance of our prototypical implementation.
Title: Compliance-Preserving Cloud Storage Federation Based on Data-Driven Usage Control. Published in: 2013 IEEE 5th International Conference on Cloud Computing Technology and Science.
Pub Date: 2013-12-02 DOI: 10.1109/CloudCom.2013.64
Rasheed Hussain, Fizza Abbas, Junggab Son, Donghyun Kim, Sangjin Kim, Heekuck Oh
Inspired by the dramatic evolution of VANET clouds, this paper proposes a new VANET-cloud service called VWaaS (Vehicle Witnesses as a Service) in which vehicles moving on the road serve as anonymous witnesses of designated events such as a terrorist attack or a deadly accident. When confronted with such events, a group of vehicles with mounted cameras collaborates with roadside stationary cameras to take pictures of the site of interest (SoI) around them, and sends the pictures to the cloud infrastructure anonymously. The pictures are sent to the cloud in a way that protects the privacy of the senders, and are kept by the cloud for future investigation. However, for the case where the pictures are used as evidence in a court trial, we made the privacy protection conditional, so that it can be revoked by authorized entities if necessary.
Title: Vehicle Witnesses as a Service: Leveraging Vehicles as Witnesses on the Road in VANET Clouds. Published in: 2013 IEEE 5th International Conference on Cloud Computing Technology and Science.
Pub Date: 2013-12-02 DOI: 10.1109/CloudCom.2013.168
Josef Spillner, A. Schill
Distributed data storage is a topic of growing importance due to the mounting pressure to find the right balance between capacity, cost, privacy and other non-functional properties. Compared to central storage on physical media, on the network or in a cloud storage service, advanced data distribution techniques offer additional safety, security and performance. On the downside, these advantages come with a much higher complexity regarding the choice and configuration of where to store which parts of the data, and subsequent verification of where which data had been stored. Often, the storage targets must be configured individually while a centrally and locally accessible configuration interface with an appropriate propagation and verification mechanism would be more suitable. The complexity is further increased by additional data pre-processing tasks which are selectively applied to some of the targets. Compression, encryption and deduplication are typically present in pre-processing. With Storage Flows, we propose a new concept to manage distributed storage flows through systematic orchestration. The flows connect clients flexibly with intermediate data pre-processing tasks and finally the storage targets. We show that Storage Flows can be formalised and demonstrate their practical usefulness with implemented configuration and verification tools.
Title: Orchestration of Distributed Storage Targets through Storage Flows. Published in: 2013 IEEE 5th International Conference on Cloud Computing Technology and Science.
Pub Date: 2013-12-02 DOI: 10.1109/CloudCom.2013.21
Changyeon Jo, Bernhard Egger
Live migration of virtual machines (VM) from one physical host to another is a key enabler for virtual desktop clouds (VDC). The prevalent algorithm, pre-copy, suffers from long migration times and a high data transfer volume for non-idle VMs, which hinders effective use of live migration in VDC environments. In this paper, we present an optimization to the pre-copy method which is able to cut the total migration time in half. The key idea is to load memory pages duplicated on non-volatile storage directly and in parallel from the attached storage device. To keep the downtime short, outstanding data is fetched by a background process after the VM has been restarted on the target host. The proposed method has been implemented in the Xen hypervisor. A thorough performance analysis of the technique demonstrates that the proposed method significantly improves the performance of live migration: the total migration time is reduced by up to 90% for certain benchmarks and by 50% on average at an equal or shorter downtime of the migrated VM with no or only minimal side-effects on co-located VMs.
Title: Optimizing Live Migration for Virtual Desktop Clouds. Published in: 2013 IEEE 5th International Conference on Cloud Computing Technology and Science.
Pub Date: 2013-12-02 DOI: 10.1109/CloudCom.2013.54
P. Puzio, R. Molva, Melek Önen, Sergio Loureiro
With the continuous and exponential increase of the number of users and the size of their data, data deduplication becomes more and more a necessity for cloud storage providers. By storing a unique copy of duplicate data, cloud providers greatly reduce their storage and data transfer costs. The advantages of deduplication unfortunately come with a high cost in terms of new security and privacy challenges. We propose ClouDedup, a secure and efficient storage service which assures block-level deduplication and data confidentiality at the same time. Although based on convergent encryption, ClouDedup remains secure thanks to the definition of a component that implements an additional encryption operation and an access control mechanism. Furthermore, as the requirement for deduplication at block-level raises an issue with respect to key management, we suggest including a new component in order to implement the key management for each block together with the actual deduplication operation. We show that the overhead introduced by these new components is minimal and does not impact the overall storage and computational costs.
Title: ClouDedup: Secure Deduplication with Encrypted Data for Cloud Storage. Published in: 2013 IEEE 5th International Conference on Cloud Computing Technology and Science.