Carp: A cost-aware relaxed protocol for encrypted data stores. (August 2020)
- Record Type:
- Journal Article
- Title:
- Carp: A cost-aware relaxed protocol for encrypted data stores. (August 2020)
- Main Title:
- Carp: A cost-aware relaxed protocol for encrypted data stores
- Authors:
- Chen, Longbin
Chen, Li-Chiou
Nassar, Nader
- Abstract:
- Distributed data stores are critical to the success of applications in the cloud. Massive volumes of user data are stored and processed with the support of underlying distributed data stores. With large amounts of data stored remotely in the cloud, security becomes a major concern. Authentication and access control are provided by cloud storage providers. But even with proper authentication and access control policies, storage systems are still vulnerable to attackers who have direct access to storage devices such as disks. Encryption makes it computationally difficult to retrieve the original data even when the attackers have access to the disks. However, there are many challenges in designing an encrypted distributed data store that is highly secure and cost-aware. In this paper, we show that security flexibility and cost efficiency can be achieved at the same time. We present Carp, a cost-aware relaxed protocol for encrypted data stores. Carp is a heuristic solution instead of an optimal one. The key idea is to reduce additional encryption operations for frequently accessed data. It is achieved by allowing data objects to stay unencrypted for a short time period after the data are accessed. Reducing encryption operations eventually means reducing the computational cost and power consumption in the data store. Unlike conventional encrypted file systems which store data encryption keys on disks, we present a hybrid design of key generation and caching. Data encryption keys are generated for individual objects or a group of them using cryptographic hashing. We develop a prototype data store and conduct experiments. The experimental results show that Carp can reduce up to 20% of encryption operations with high-level security.
- Is Part Of:
- Journal of information security and applications. Volume 53(2020)
- Journal:
- Journal of information security and applications
- Issue:
- Volume 53(2020)
- Issue Display:
- Volume 53, Issue 2020 (2020)
- Year:
- 2020
- Volume:
- 53
- Issue:
- 2020
- Issue Sort Value:
- 2020-0053-2020-0000
- Page Start:
- Page End:
- Publication Date:
- 2020-08
- Subjects:
- Distributed data store -- Data encryption -- Cost efficiency
Computer security -- Periodicals
Information technology -- Security measures -- Periodicals
005.805
- Journal URLs:
- http://www.sciencedirect.com/
- DOI:
- 10.1016/j.jisa.2020.102501
- Languages:
- English
- ISSNs:
- 2214-2126
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store
- Ingest File:
- 13392.xml