An Adaptive Authenticated Data Structure With Privacy-Preserving for Big Data Stream in Cloud

Sun, Yuchao; Liu, Qian; Du, Xuehui

doi:10.1109/tifs.2020.2986879

Cited by 47 publications

(22 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In addition, the recent big data stream growth, which transfers huge quantities of data between thousands of servers [8,9], makes it more complicated for the spoofed address verification. us, how to ensure the integrity of big data streams in SDN-based data center networks without affecting normal communications SDNbased networks has taken a crucial role when performing policy-based communications in the SDN-based data center networks [10].…”

Section: Introductionmentioning

confidence: 99%

An Adaptive Authenticated Model for Big Data Stream SAVI in SDN-Based Data Center Networks

Zhou

Liu

2021

Security and Communication Networks

View full text Add to dashboard Cite

With the rapid development of data-driven and bandwidth-intensive applications in the Software Defined Networking (SDN) northbound interface, big data stream is dynamically generated with high growth rates in SDN-based data center networks. However, a significant issue faced in big data stream communication is how to verify its authenticity in an untrusted environment. The big data stream traffic has the characteristics of security sensitivity, data size randomness, and latency sensitivity, putting high strain on the SDN-based communication system during larger spoofing events in it. In addition, the SDN controller may be overloaded under big data stream verification conditions on account of the fast increase of bandwidth-intensive applications and quick response requirements. To solve these problems, we propose a two-phase adaptive authenticated model (TAAM) by introducing source address validation implementation- (SAVI-) based IP source address verification. The model realizes real-time data stream address validation and dynamically reduces the redundant verification process. A traffic adaptive SAVI that utilizes a robust localization method followed by the Sequential Probability Ratio Test (SPRT) has been proposed to ensure differentiated executions of the big data stream packets forwarding and the spoofing packets discarding. The TAAM model could filter out the unmatched packets with better packet forwarding efficiency and fundamental security characteristics. The experimental results demonstrate that spoofing attacks under big data streams can be directly mitigated by it. Compared with the latest methods, TAAM can achieve desirable network performance in terms of transmission quality, security guarantee, and response time. It drops 97% of the spoofing attack packets while consuming only 9% of the controller CPU utilization on average.

show abstract

Section: Introductionmentioning

confidence: 99%

An Adaptive Authenticated Model for Big Data Stream SAVI in SDN-Based Data Center Networks

Zhou

Liu

2021

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…While supporting dynamic data operations, privacy protection issues still need to be considered. Sun et al [27] proposed a privacy protection method in the cloud big data streaming environment. However, Li et al [28] proved that the scheme could not resist the untrusted CSP.…”

Section: B Related Workmentioning

confidence: 99%

Identity-Based Privacy Preserving Remote Data Integrity Checking With a Designated Verifier

2022

View full text Add to dashboard Cite

The remote data possession checking mechanism can effectively verify the integrity of outsourced data, which can usually be divided into public verification and private verification. The verifier of public verification can be any cloud user, while private verification can only be the data owner. However, in most practical situations, the data owner expects that only a specific verifier can perform integrity checking tasks and that verifier cannot gain any knowledge about the data. Yan et al. proposed a remote data possession checking scheme with the designated verifier, which can guarantee that only the designated verifier can check data integrity, whereas others cannot do it. However, this scheme relies on public key infrastructure technology and does not consider data privacy protection issues. To overcome these shortcomings, we propose an identity-based remote data possession checking scheme that satisfies the data owner's requirement to specify a unique verifier. Moreover, in this scheme, we use a random integer to blind data integrity proof to protect data privacy and use Merkle hash tree structure to achieve dynamic update of data. At the same time, our scheme can avoid the complex certificate management in public key infrastructure. We proved the safety of our scheme based on the discrete logarithm assumption and the computational Diffie-Hellman assumption. Theoretical analysis and experimental results show that our scheme is feasible and effective in practical applications. Identity-based cryptography, designated verifier, privacy protection, data dynamics. INDEX TERMS

show abstract

“…It means [92] shows that Privacy-Preserving public auditing protocol proposed by Liu et al [93] for regenerating-code-based cloud storage is not secure since the proxy delegated by data owner can forge authenticators for any data block. Li et al [94] commented on data auditing system called P-ATHAT proposed by Sun et al [95]. P-ATHAT consists of two schemes: Tree-based private auditing: User need to download the entire data to audit the data integrity.…”

Section: ) Lightweight and Privacy_preserving Public Auditing Using Iomentioning

confidence: 99%

Towards Lightweight Provable Data Possession for Cloud Storage Using Indistinguishability Obfuscation

Chaudhari

Swain

2022

IEEE Access

View full text Add to dashboard Cite

Cloud Computing has proved to be a boon for many individuals and organizations who cannot afford infrastructure and maintenance cost of resources. But the untrusted nature of Cloud Server (CS) brings many challenges related to security and trust. Public auditing is one process that enables users to delegate the integrity verification of outsourced data to external party such as Third-Party Auditor (TPA). Provable Data Possession (PDP) is one approach of auditing that can verify the integrity using cryptographic algorithms. Many PDP schemes are based on bilinear pairing and homomorphic authenticators that involves complex computations that leads to increased verification time. The lightweight auditing processes is a need today using modern cryptographic techniques. Indistinguishability Obfuscation (IO) is one of the modern but weaker primitive that, if used with one-way functions, provide multiple cryptographic constructs. Sahai and Waters proposed construction of cryptographic constructs using IO. Zhang et al. proposed lightweight public auditing scheme using these IO. But still there are many goals to achieve such as group support, collusion handling, privacy-preserving etc. using IO. In this paper, we are trying to explore these issues and lists future research directions in this field. INDEX TERMSPublic Auditing, Provable Data Possession, Homomorphic verifiable Tags, Indistinguishability Obfuscation. I. INTRODUCTION Evolution in the field of computer technology and Internetbased services open up the era of Cloud Computing. Highspeed processors with improved service computing architecture led to the development of large data centers.Flexible and increased network bandwidth enables a client to access or subscribe to data and services from remote data centers. This improved computing architecture helps many organizations or individuals to expand their businesses without any investment in infrastructure and maintenance costs. This paradigm mainly provides services in computing and storage. Multiple computing resources are easily assigned and released to cloud users based on their needs. Cloud datastore is one of the widely used services among cloud users. Cloud users can easily store and share information on cloud storage. Although it provides a promising platform, this paradigm has brought many security and performance issues with it. The main concern is that of integrity verification of outsourced data at remote

show abstract

An Adaptive Authenticated Data Structure With Privacy-Preserving for Big Data Stream in Cloud

Cited by 47 publications

References 40 publications

An Adaptive Authenticated Model for Big Data Stream SAVI in SDN-Based Data Center Networks

An Adaptive Authenticated Model for Big Data Stream SAVI in SDN-Based Data Center Networks

Identity-Based Privacy Preserving Remote Data Integrity Checking With a Designated Verifier

Towards Lightweight Provable Data Possession for Cloud Storage Using Indistinguishability Obfuscation

Contact Info

Product

Resources

About