Pipeline-integrity: Scaling the use of authenticated data structures up to the cloud

Pennino Diego; Pizzonia Maurizio; Griscioli Federico

首页> 外文期刊>Future generation computer systems >Pipeline-integrity: Scaling the use of authenticated data structures up to the cloud

【24h】

Pipeline-integrity: Scaling the use of authenticated data structures up to the cloud

机译：管道完整性：将经过身份验证的数据结构的使用扩展到云端

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

Public cloud storage services are widely adopted for their scalability and low cost. However, delegating the management of the storage has serious implications from the security point of view. We focus on integrity verification of query results based on the use of Authenticated Data Structures (ADS). An ADS enables efficient updates of a cryptographic digest, when data changes, and efficient query verification against this digest. Since, the digest can be updated (and usually signed) exclusively with the intervention of a trusted party, the adoption of this approach is source of a serious performance degradation, in particular when the trusted party is far from the server that stores the ADS.In this paper, we show a protocol for a key-value storage service that provides ADS-enabled integrity-protected queries and updates without impairing scalability, even in the presence of large network latencies between trusted clients and an untrusted server. Our solution complies with the principle of the cloud paradigm in which services should be able to arbitrarily scale with respect to number of clients, requests rates, and data size keeping response time limited. We formally prove that our approach is able to detect server misbehaviour in a setting whose consistency rules are only slightly weaker than those guaranteed by previous results. We provide experimental evidence for the feasibility and scalability of our approach. (C) 2019 Elsevier B.V. All rights reserved.

机译：公共云存储服务因其可扩展性和低成本而被广泛采用。但是，从安全角度来看，委派存储管理具有严重的意义。我们专注于基于身份验证数据结构（ADS）的查询结果的完整性验证。当数据更改时，ADS可以高效地更新密码摘要，并针对该摘要进行有效的查询验证。由于摘要只能在受信任方的干预下进行更新（通常是签名），因此采用此方法会严重降低性能，尤其是在受信任方远离存储ADS的服务器时。在本文中，我们展示了一种用于键值存储服务的协议，该协议可提供启用ADS的完整性受保护的查询和更新，而不会损害可伸缩性，即使在受信任的客户端和不受信任的服务器之间存在较大的网络延迟的情况下。我们的解决方案符合云范式的原则，在该范式中，服务应能够根据客户端数量，请求速率和数据大小任意扩展，从而使响应时间受到限制。我们正式证明了我们的方法能够在一致性规则仅比先前结果所保证的弱一些的情况下检测服务器的不良行为。我们为该方法的可行性和可扩展性提供实验证据。（C）2019 Elsevier B.V.保留所有权利。

著录项

来源
《Future generation computer systems》 |2019年第11期|618-647|共30页
作者
Pennino Diego; Pizzonia Maurizio; Griscioli Federico;
展开▼
作者单位

Univ Roma Tre Dipartimento Ingn Sez Informat & Automaz Via Vasca Navale 79 I-00146 Rome Italy;

展开▼
收录信息美国《科学引文索引》(SCI);美国《工程索引》(EI);
原文格式 PDF
正文语种 eng
中图分类
关键词
Authenticated data structures; Scalability; Cloud; Integrity; Pipeline; Fork-linearisability;

机译：认证数据结构;可扩展性;云;诚信管道;货叉线性度;

相似文献

外文文献
中文文献
专利

1. Efficient and Scalable Query Authentication for Cloud-Based Storage Systems with Multiple Data Sources [J] . Santosh Chandrasekhar, Mukesh Singhal Services Computing, IEEE Transactions on . 2017,第4期

机译：具有多个数据源的基于云的存储系统的高效且可扩展的查询身份验证
2. Provably secure authentication approach for data security in the cloud using hashing, encryption, and Chebyshev-based authentication [J] . Ahamad Danish, Akhtar Md Mobin, Hameed Shabi Alam, International journal of electronic security and digital forensics . 2021,第5期

机译：使用散列，加密和基于Chebyshev的身份验证，云中的数据安全性的证明安全身份验证方法
3. Scalable data management for map-reduce-based data-intensive applications: a view for cloud and hybrid infrastructures [J] . Gabriel Antoniu, Alexandru Costan, Julien Bigot, International Journal of Cloud Computing . 2013,第2a3期

机译：适用于基于地图缩减的数据密集型应用程序的可扩展数据管理：云和混合基础架构的视图
4. An Authentication Data Structure of Provable Data Possession with Dynamic Data Operation in Cloud Computing [C] . Hongyun Xu, Jiesi Jiang, Cheng Xu International workshops on security, privacy, and anonymity in computation, communication, and storage;International workshop on trust, security, and privacy for big data;International symposium on trust, security, and privacy for emerging applications;International workshop on network optimization and performance evaluation;International symposium on depandablity in sensor, cloud, and big data systems, and applications;Annual big data security, privacy, and trust workshop;International workshop on cloud storage service and computing . 2016

机译：云计算中具有动态数据操作的可证明数据拥有身份验证数据结构
5. Scalable parallel computing on clouds: Efficient and scalable architectures to perform pleasingly parallel, MapReduce and iterative data intensive computations on cloud environments. [D] . Gunarathne, Thilina. 2014

机译：云上的可伸缩并行计算：高效且可伸缩的架构，可在云环境上执行令人满意的并行，MapReduce和迭代式数据密集型计算。
6. Scalable Data Model for Traffic Congestion Avoidance in a Vehicle to Cloud Infrastructure [O] . Ioan Stan, Vasile Suciu, Rodica Potolea 2021

机译：用于云基础设施的车辆中交通拥堵避免的可扩展数据模型
7. LogBase: A Scalable Log-structured Database System in the Cloud [O] . Vo, Hoang Tam, Wang, Sheng, Agrawal, Divyakant, 2012

机译：LogBase：云中可扩展的日志结构数据库系统

Pipeline-integrity: Scaling the use of authenticated data structures up to the cloud

摘要

著录项

相似文献

相关主题

期刊订阅