Security and Privacy Aspects in MapReduce on Clouds: A Survey

MapReduce is a programming system for distributed processing large-scale data in an efficient and fault tolerant manner on a private, public, or hybrid cloud. MapReduce is extensively used daily around the world as an efficient distributed computation tool for a large class of problems, e.g., search, clustering, log analysis, different types of join operations, matrix multiplication, pattern matching, and analysis of social networks. Security and privacy of data and MapReduce computations are essential concerns when a MapReduce computation is executed in public or hybrid clouds. In order to execute a MapReduce job in public and hybrid clouds, authentication of mappers-reducers, confidentiality of data-computations, integrity of data-computations, and correctness-freshness of the outputs are required. Satisfying these requirements shield the operation from several types of attacks on data and MapReduce computations. In this paper, we investigate and discuss security and privacy challenges and requirements, considering a variety of adversarial capabilities, and characteristics in the scope of MapReduce. We also provide a review of existing security and privacy protocols for MapReduce and discuss their overhead issues.Comment: Accepted in Elsevier Computer Science Revie

Slack Squeeze Coded Computing for Adaptive Straggler Mitigation

While performing distributed computations in today's cloud-based platforms, execution speed variations among compute nodes can significantly reduce the performance and create bottlenecks like stragglers. Coded computation techniques leverage coding theory to inject computational redundancy and mitigate stragglers in distributed computations. In this paper, we propose a dynamic workload distribution strategy for coded computation called Slack Squeeze Coded Computation ($S^2C^2$). $S^2C^2$ squeezes the compute slack (i.e., overhead) that is built into the coded computing frameworks by efficiently assigning work for all fast and slow nodes according to their speeds and without needing to re-distribute data. We implement an LSTM-based speed prediction algorithm to predict speeds of compute nodes. We evaluate $S^2C^2$ on linear algebraic algorithms, gradient descent, graph ranking, and graph filtering algorithms. We demonstrate 19% to 39% reduction in total computation latency using $S^2C^2$ compared to job replication and coded computation. We further show how $S^2C^2$ can be applied beyond matrix-vector multiplication.Comment: 13 pages, SC 201

Model of solutions for data security in Cloud Computing

The aim of this paper is to develop a model to ensure data stored in the cloud. Model based on situations that arise in a business environment. The model also includes individual participants and their data operations. Implementation of the model is transferred using UML. The model is divided into 7 modules. Each module is apparent from the terms of data security and described specific situations when working with data. Based on this model it is possible to convert the implementation of cloud into enterprise environments with respect to data security in the firm

Secured Data Consistency and Storage Way in Untrusted Cloud using Server Management Algorithm

It is very challenging part to keep safely all required data that are needed in many applications for user in cloud. Storing our data in cloud may not be fully trustworthy. Since client doesn't have copy of all stored data, he has to depend on Cloud Service Provider. But dynamic data operations, Read-Solomon and verification token construction methods don't tell us about total storage capacity of server allocated space before and after the data addition in cloud. So we have to introduce a new proposed system of efficient storage measurement and space comparison algorithm with time management for measuring the total allocated storage area before and after the data insertion in cloud. So by using our proposed scheme, the value or weight of stored data before and after is measured by client with specified time in cloud storage area with accuracy. And here we also have proposed the multi-server restore point in server failure condition. If there occurs any server failure, by using this scheme the data can be recovered automatically in cloud server. Our proposed scheme efficiently checks space for the in-outsourced data to maintain integrity. Here the TPA necessarily doesn't have the delegation to audit user's data.Comment: 6 pages,3 figures. I am the only author of this title and related information; International Journal of Computer Applications (0975 - 8887) Volume 31- No.6, October 201

LT Codes For Efficient and Reliable Distributed Storage Systems Revisited

LT codes and digital fountain techniques have received significant attention from both academics and industry in the past few years. There have also been extensive interests in applying LT code techniques to distributed storage systems such as cloud data storage in recent years. However, Plank and Thomason's experimental results show that LDPC code performs well only asymptotically when the number of data fragments increases and it has the worst performance for small number of data fragments (e.g., less than 100). In their INFOCOM 2012 paper, Cao, Yu, Yang, Lou, and Hou proposed to use exhaustive search approach to find a deterministic LT code that could be used to decode the original data content correctly in distributed storage systems. However, by Plank and Thomason's experimental results, it is not clear whether the exhaustive search approach will work efficiently or even correctly. This paper carries out the theoretical analysis on the feasibility and performance issues for applying LT codes to distributed storage systems. By employing the underlying ideas of efficient Belief Propagation (BP) decoding process in LT codes, this paper introduces two classes of codes called flat BP-XOR codes and array BP-XOR codes (which can be considered as a deterministic version of LT codes). We will show the equivalence between the edge-colored graph model and degree-one-and-two encoding symbols based array BP-XOR codes. Using this equivalence result, we are able to design general array BP-XOR codes using graph based results. Similarly, based on this equivalence result, we are able to get new results for edge-colored graph models using results from array BP-XOR codes

Vehicle as a Resource (VaaR)

Intelligent vehicles are considered key enablers for intelligent transportation systems. They are equipped with resources/components to enable services for vehicle occupants, other vehicles on the road, and third party recipients. In-vehicle sensors, communication modules, and on-board units with computing and storage capabilities allow the intelligent vehicle to work as a mobile service provider of sensing, data storage, computing, cloud, data relaying, infotainment, and localization services. In this paper, we introduce the concept of Vehicle as a Resource (VaaR) and shed light on the services a vehicle can potentially provide on the road or parked. We anticipate that an intelligent vehicle can be a significant service provider in a variety of situations, including emergency scenarios

Data protection by means of fragmentation in various different distributed storage systems - a survey

This paper analyzes various distributed storage systems that use data fragmentation and dispersal as a way of protection.Existing solutions have been organized into two categories: bitwise and structurewise. Systems from the bitwise category are operating on unstructured data and in a uniform environment. Those having structured input data with predefined confidentiality level and disposing of a heterogeneous environment in terms of machine trustworthiness were classified as structurewise. Furthermore, we outline high-level requirements and desirable architecture traits of an eficient data fragmentation system, which will address performance (including latency), availability, resilience and scalability.Comment: arXiv admin note: text overlap with arXiv:1512.0295

Applications of Blockchain Technology beyond Cryptocurrency

Blockchain (BC), the technology behind the Bitcoin crypto-currency system, is considered to be both alluring and critical for ensuring enhanced security and (in some implementations, non-traceable) privacy for diverse applications in many other domains including in the Internet of Things (IoT) eco-system. Intensive research is currently being conducted in both academia and industry applying the Blockchain technology in multifarious applications. Proof-of-Work (PoW), a cryptographic puzzle, plays a vital role in ensuring BC security by maintaining a digital ledger of transactions, which is considered to be incorruptible. Furthermore, BC uses a changeable Public Key (PK) to record the users' identity, which provides an extra layer of privacy. Not only in cryptocurrency has the successful adoption of BC been implemented but also in multifaceted non-monetary systems such as in: distributed storage systems, proof-of-location, healthcare, decentralized voting and so forth. Recent research articles and projects/applications were surveyed to assess the implementation of BC for enhanced security, to identify associated challenges and to propose solutions for BC enabled enhanced security systems

Enhancing Byzantine fault tolerance using MD5 checksum and delay variation in Cloud services

Cloud computing management are beyond typical human narratives. However if a virtual system is not effectively designed to tolerate Byzantine faults, it could lead to a faultily executed mission rather than a cloud crash. The cloud could recover from the crash but it could not recover from the loss of credibility. Moreover no amount of replication or fault handling measures can be helpful in facing a Byzantine fault unless the virtual system is designed to detect, tolerate and eliminate such faults. However research efforts that are made to address Byzantine faults have not provided convincing solutions vastly due to their limited capabilities in detecting the Byzantine faults. As a result, in this paper the Cloud system is modeled as a discrete system to determine the virtual system behavior at varying time intervals. A delay variation variable as a measure of deviation for the expected processing delay associated with the virtual nodes takes values from the set of P {low, normal, high, extreme}. Similarly, a check sum error variable which is even computed for intra nodes that have no attachment to TCP/IP stack takes values from the set of P {no error, error}. These conditions are then represented by the occurrence of faulty events that cause specific component mode transition from fail safe to fail-stop or byzantine prone.Comment: 22 page

Initial Service Provider DevOps concept, capabilities and proposed tools

This report presents a first sketch of the Service Provider DevOps concept including four major management processes to support the roles of both service and VNF developers as well as the operator in a more agile manner. The sketch is based on lessons learned from a study of management and operational practices in the industry and recent related work with respect to management of SDN and cloud. Finally, the report identifies requirements for realizing SP-DevOps within an combined cloud and transport network environment as outlined by the UNIFY NFV architecture.Comment: Deliverable D4.1 of the EU FP7 UNIFY project (ICT-619609)-"Initial requirements for the SP-DevOps concept, Universal Node capabilities and proposed tools". Original Deliverable published at https://www.fp7-unify.eu/files/fp7-unify-eu-docs/Results/Deliverables/UNIFY_D4.1%20Initial%20requirements%20for%20the%20SP-DevOps%20concept,%20universal%20node%20capabilities%20and%20proposed%20tools.pd