EStore: A User-Friendly Encrypted Storage Scheme for Distributed File Systems

Author:

Chen Yuxiang (1, 2, 3), Dong Guishan (1, 3), Xu Chunxiang (1), Hao Yao (2, 3), Zhao Yue (2, 3)

Affiliation:

1. School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu 611731, China

2. Science and Technology on Communication Security Laboratory, Chengdu 610041, China

3. No. 30 Institute, China Electronics Technology Group Corporation, Chengdu 610041, China

Abstract

In this paper, we propose a user-friendly encrypted storage scheme named EStore, which is based on the Hadoop distributed file system. Users can make use of cloud-based distributed file systems to collaborate with each other. However, most data are processed and stored in plaintext, which is out of the owner’s control after it has been uploaded and shared. Meanwhile, simple encryption guarantees the confidentiality of uploaded data but reduces availability. Furthermore, it is difficult to deal with complex key management as there is the problem whereby a single key encrypts different files, thus increasing the risk of leakage. In order to solve the issues above, we put forward an encrypted storage model and a threat model, designed with corresponding system architecture to cope with these requirements. Further, we designed and implemented six sets of protocols to meet users’ requirements for security and use. EStore manages users and their keys through registration and authentication, and we developed a searchable encryption module and encryption/decryption module to support ciphertext retrieval and secure data outsourcing, which will only minimally increase the calculation overhead of the client and storage redundancy. Users are invulnerable compared to the original file system. Finally, we conducted a security analysis of the protocols to demonstrate that EStore is feasible and secure.

Funder

Sichuan Province’s Key Research and Development Plan “Research and Application of Ciphertext Computing for Multi-data Sources”

Publisher

MDPI AG

Subject

Electrical and Electronic Engineering; Biochemistry; Instrumentation; Atomic and Molecular Physics, and Optics; Analytical Chemistry

