Affiliations: [1] College of Computer Science, Faculty of Information Technology, Beijing University of Technology, Beijing, China; [2] Beijing Key Laboratory of Trusted Computing, Beijing, China; [3] National Engineering Laboratory for Critical Technologies of Information Security Classified Protection, Beijing, China
Source: China Communications (English edition), 2018, Issue 2, pp. 122-137 (16 pages)
Funding: partially supported by grants from the China 863 High-tech Program (Grant No. 2015AA016002); the Specialized Research Fund for the Doctoral Program of Higher Education (Grant No. 20131103120001); the National Key Research and Development Program of China (Grant No. 2016YFB0800204); the National Science Foundation of China (No. 61502017); the Scientific Research Common Program of Beijing Municipal Commission of Education (KM201710005024)
Abstract: Cloud computing is very useful for big data owner who doesn't want to manage IT infrastructure and big data technique details. However, it is hard for big data owner to trust multi-layer outsourced big data system in cloud environment and to verify which outsourced service leads to the problem. Similarly, the cloud service provider cannot simply trust the data computation applications. At last, the verification data itself may also leak the sensitive information from the cloud service provider and data owner. We propose a new three-level definition of the verification, threat model, corresponding trusted policies based on different roles for outsourced big data system in cloud. We also provide two policy enforcement methods for building trusted data computation environment by measuring both the MapReduce application and its behaviors based on trusted computing and aspect-oriented programming. To prevent sensitive information leakage from verification process, we provide a privacy-preserved verification method. Finally, we implement the TPTVer, a Trusted third Party based Trusted Verifier as a proof of concept system. Our evaluation and analysis show that TPTVer can provide trusted verification for multi-layered outsourced big data system in the cloud with low overhead.
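Keywords: big data security; outsourced service security; MapReduce behavior; trusted verification; trusted third party
Classification: TP311.13 [Automation and Computer Technology: Computer Software and Theory]; TP393.1 [Automation and Computer Technology: Computer Science and Technology]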