Towards a Trusted Hadoop Storage Platform: Design Considerations of an AES Based Encryption Scheme with TPM Rooted Key Protections

机译：迈向受信任的Hadoop存储平台：具有TPM根密钥保护的基于AES的加密方案的设计考虑因素

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

This paper will examine the concept of combining trusted computing technologies with the Apache Hadoop Distributed File System (HDFS) in an effort to address concerns of data confidentiality and integrity. We discuss a motivation and address a set of common security concerns within HDFS through infrastructure and software involving data-at-rest encryption and integrity validation. To accomplish these goals, we make use of technology from the Trusted Computing Group (TCG), such as the pervasively available Trusted Platform Module (TPM). In addition, we discuss our design considerations in building an encryption framework for Hadoop in a trustworthy manner, and results of our experiments creating an encryption scheme for Hadoop utilizing hardware key protections and AES-NI for encryption acceleration. As part of this design we examine the recently implemented crypto framework for Hadoop and independently test the performance claims of AES-NI to mitigate performance overhead.

机译：本文将研究将可信计算技术与Apache Hadoop分布式文件系统（HDFS）相结合的概念，以解决对数据机密性和完整性的担忧。我们讨论了动机，并通过涉及静态数据加密和完整性验证的基础架构和软件解决了HDFS中的一系列常见安全问题。为了实现这些目标，我们利用了可信计算小组（TCG）的技术，例如普遍使用的可信平台模块（TPM）。另外，我们讨论了以可信赖的方式为Hadoop构建加密框架时的设计注意事项，以及我们的实验结果，这些实验为使用硬件密钥保护和AES-NI进行Hadoop加密加速的Hadoop创建了加密方案。作为此设计的一部分，我们检查了最近为Hadoop实施的加密框架，并独立测试AES-NI的性能要求以减轻性能开销。

著录项

来源
《IEEE 10th International Conference on Ubiquitous Intelligence and Computing; IEEE 10th International Conference on Autonomic and Trusted Computing》|2013年|444-451|共8页
会议地点 Sorrento Peninsula(IT)
作者
Cohen J.; Acharya S.;
展开▼
作者单位

Dept. of Comput. Inf. Sci., Towson Univ./Hewlett Packard Co., Towson, MD, USAc;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类
关键词
AES-NI; Encryption; HDFS; Hadoop; Trusted Computing;

机译：AES-NI;加密; HDFS; Hadoop;可信计算;;

相似文献

外文文献
中文文献
专利

1. Towards a trusted HDFS storage platform: Mitigating threats to Hadoop infrastructures using hardware-accelerated encryption with TPM-rooted key protection [J] . Jason C. Cohen, Subrata Acharya Information Security Technical Report . 2014,第3期

机译：迈向受信任的HDFS存储平台：使用硬件加速加密和基于TPM的密钥保护，减轻对Hadoop基础架构的威胁
2. Efficient ID-based TPM key loading scheme for trusted platform [J] . SONG Cheng, LIU Bing, HU Zheng-ming, 中国邮电高校学报（英文版） . 2010,第004期
3. Efficient ID-based TPM key loading scheme for trusted platform [J] . SONG Cheng, LIU Bing, HU Zheng-ming, 中国邮电高校学报：英文版 . 2010,第004期

机译：高效的基于ID的可信平台TPM密钥加载方案
4. Towards a Trusted Hadoop Storage Platform: Design Considerations of an AES Based Encryption Scheme with TPM Rooted Key Protections [C] . Cohen J., Acharya S. IEEE International Conference on Autonomic and Trusted Computing . 2013

机译：朝着受信任的Hadoop存储平台：使用TPM rooted密钥保护设计基于AES加密方案的考虑因素
5. Message authentication in an identity-based encryption scheme: 1-Key-Encrypt-Then-MAC. [D] . Amento, Brittanney Jaclyn. 2010

机译：基于身份的加密方案中的消息身份验证：1-Key-Encrypt-Then-MAC。
6. eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology [O] . Haonan Sun, Rongyu He, Yong Zhang, 2018

机译：eTPM：基于英特尔SGX技术的可信云平台飞地TPM方案
7. eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology [O] . Haonan Sun, Rongyu He, Yong Zhang, 2018

机译：ETPM：基于Intel SGX技术的可信云平台入围TPM方案

Towards a Trusted Hadoop Storage Platform: Design Considerations of an AES Based Encryption Scheme with TPM Rooted Key Protections

摘要

著录项

相似文献

相关主题

期刊订阅