Sunday, 14 July 2013

5 papers reviewed:
Divyakant Agrawal, Sudipto Das, and Amr El Abbadi. 2011. Big data and cloud computing: current state and future opportunities. In Proceedings of the 14th International Conference on Extending Database Technology (EDBT/ICDT '11), Anastasia Ailamaki, Sihem Amer-Yahia, Jignesh Pate, Tore Risch, Pierre Senellart, and Julia Stoyanovich (Eds.). ACM, New York, NY, USA, 530-533. DOI=10.1145/1951365.1951432

Key points:

  • Provides summary of the current state of big data
    • Provides study of big data and an in-depth analysis supporting update heavy applications
    • Provides study of big data supporting systems with ad-hoc analytics and decision support.
    • Key-Value stores very popular for big data and using tools such as Hadoop
  • Strengths/Weakness:
    • Provides summary of big data used in update heavy web applications and in analytics and decision support for competitive marketing.
    • Tutorial not extensive enough and not clear enough.

Christian Cachin, Kristiyan Haralambiev, Hsu-Chun Hsiao, and Alessandro Sorniotti. Policy-based secure deletion. Research Report RZ 3843, IBM Research, 2013.

Key points:

  • How to securely delete data from storage systems
    • Modern storage systems do not reliably destroy stored data and leave traces.
    • Users would like to control how data is deleted since storage systems usually still leave traces of data even after a deletion operation is called.
    • Introduces a secure deletion scheme from encryption and threshold secret sharing
    • Stored data is grouped into protection classes, and attributes control the selective erasure of data through a policy.
    • A set of attributes is given as arguments to the secure deletion scheme, the scheme then sets corresponding nodes in the graph to TRUE and at master key update, corresponding files will no longer be accessible.
    • Also presents a prototype implementation of secure deletion scheme.
  • Strengths/Weakness:
    • Useful way to delete a large number of files quickly.
    • Eventually, there will be a clutter of illegible data stored in storage systems making it slightly inefficient.
    • Also, an attacker may attempt brute force attacks to eventually decrypt the data.

Changqing Ji; Yu Li; Wenming Qiu; Awada, U.; Keqiu Li, "Big Data Processing in Cloud Computing Environments," Pervasive Systems, Algorithms and Networks (ISPAN), 2012 12th International Symposium on , vol., no., pp.17,23, 13-15 Dec. 2012
doi: 10.1109/I-SPAN.2012.9

Key points:

  • Effective management and analysis of large-scale data poses an interesting and critical challenge.
    • DBMS’s are not suitable for processing extremely large scale data.
    • A Big Data platform is needed.
    • Provides status of big data studies and related works which provides general view of big data management technologies and applications.
    • Provides overview of major approaches of big data such as MapReduce
    • Discusses open issues and challenges of processing big data in terms of three aspects, namely; big data storage, analysis and security.
  • Strengths/Weakness:
    • Provides good overview and definition of big data
    • Provides good up-to-date current research of big data
    • Slightly difficult to understand.

Zeeshan Pervez, Asad M. Khattak, Sungyoung Lee, Young-Koo Lee, Eui-Nam Huh: Oblivious access control policies for cloud based data sharing systems. Computing (2012) Journal Article: 1-24

Key points:

  • How to hide access control policies from the Cloud
    • Revealing ACP and access parameters to Cloud loses its efficacy
    • Important to design a system that can ensure end-to-end privacy, involving ACP, access parameters and outsourced data
    • A new access control mechanism called Oblivious Access Control Policy Evaluation (O-ACE) where ACP and access parameters are concealed from the cloud
    • O-ACE ensures end-to-end privacy using standard cryptographic primitives
    • O-ACE has been implemented in Google Cloud using Google App Engine.
    • Strengths/Weakness:
    • Many works do not focus on protecting ACP, and hence this is a useful and interesting paper.
    • Very easy to understand paper with good flow

Mohamed Meky, Amjad Ali: A Novel and Secure Data Sharing Model with Full Owner Control in the Cloud Environment. International Journal of Computer Science and Information Security Vol. 9 No. 6 (2011): 12 - 17

Key points:

  • How to provide data owner control over data in the Cloud in terms of confidentiality and integrity.
    • Security threats of unauthorised data access, compromised data integrity and confidentiality, less direct control of data by data owners over data stored in the Cloud.
    • A secure model that allows the data owner to have full control to grant or deny data sharing in the Cloud environment.
    • The model ensures confidentiality and integrity, and prevents Cloud providers from revealing data to unauthorised users.
    • The model can be implemented for several applications using a variety of data formats and any encryption algorithm.
  • Strengths/Weakness:
    • Data is kept secret from the Cloud provider and unauthorised users quite well.
    • Data integrity is also guaranteed quite well although other attacks such as forgery can still compromise integrity.
    • The data owner is required to store every users secrets and keys. This can become highly inefficient when data owners want to share data with millions of users.
    • Does not provide data owner the level of control of how their data is to be used and prevent copying, redistributing, etc.

ACM CCS '13 Conference Paper:
FGCS eHealth Journal paper:
  • Submitted new revision and waiting on outcome.
Book chapter:
  • Submitted camera-ready proof of paper and awaiting results.

No comments:

Post a Comment