The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.01 - January-March (2010 vol.7)
pp: 50-64
Manghui Tu , UT Dallas, Richardson
Peng Li , UT Dallas, Richardson
I-Ling Yen , UT Dallas, Richardson
Bhavani Thuraisingham , UT Dallas, Richardson
Latifur Khan , UT Dallas, Richardson
ABSTRACT
Secret sharing and erasure coding-based approaches have been used in distributed storage systems to ensure the confidentiality, integrity, and availability of critical information. To achieve performance goals in data accesses, these data fragmentation approaches can be combined with dynamic replication. In this paper, we consider data partitioning (both secret sharing and erasure coding) and dynamic replication in data grids, in which security and data access performance are critical issues. More specifically, we investigate the problem of optimal allocation of sensitive data objects that are partitioned by using secret sharing scheme or erasure coding scheme and/or replicated. The grid topology we consider consists of two layers. In the upper layer, multiple clusters form a network topology that can be represented by a general graph. The topology within each cluster is represented by a tree graph. We decompose the share replica allocation problem into two subproblems: the Optimal Intercluster Resident Set Problem (OIRSP) that determines which clusters need share replicas and the Optimal Intracluster Share Allocation Problem (OISAP) that determines the number of share replicas needed in a cluster and their placements. We develop two heuristic algorithms for the two subproblems. Experimental studies show that the heuristic algorithms achieve good performance in reducing communication cost and are close to optimal solutions.
INDEX TERMS
Secure data, secret sharing, erasure coding, replication, data grids.
CITATION
Manghui Tu, Peng Li, I-Ling Yen, Bhavani Thuraisingham, Latifur Khan, "Secure Data Objects Replication in Data Grid", IEEE Transactions on Dependable and Secure Computing, vol.7, no. 1, pp. 50-64, January-March 2010, doi:10.1109/TDSC.2008.19
REFERENCES
[1] S. Arora, P. Raghavan, and S. Rao, "Approximation Schemes for Euclidean $k\hbox{-}{\rm Medians}$ and Related Problems," Proc. 30th ACM Symp. Theory of Computing (STOC), 1998.
[2] M. Baker, R. Buyya, and D. Laforenza, "Grids and Grid Technology for Wide-Area Distributed Computing," Software-Practice and Experience, 2002.
[3] A. Chervenak, E. Deelman, I. Foster, L. Guy, W. Hoschek, C. Kesselman, P. Kunszt, M. Ripeanu, B. Schwartzkopf, H. Stockinger, and B. Tierney, "Giggle: A Framework for Constructing Scalable Replica Location Services," Proc. ACM/IEEE Conf. Supercomputing (SC), 2002.
[4] Y. Deswarte, L. Blain, and J.C. Fabre, "Intrusion Tolerance in Distributed Computing Systems," Proc. IEEE Symp. Research in Security and Privacy, 1991.
[5] http://csepi.utdallas.eduepc_center.htm, 2008.
[6] I. Foster and A. Lamnitche, "On Death, Taxes, and Convergence of Peer-to-Peer and Grid Computing," Proc. Second Int'l Workshop Peer-to-Peer Systems (IPTPS), 2003.
[7] http://www.ccrl-nece.de/gemssreports.shtml , 2008.
[8] Global Information Grid, Wikipedia.
[9] www.globus.org, 2008.
[10] J. Gray, P. Helland, P. O'Neil, and D. Shasha, "The Dangers of Replication and a Solution," Proc. ACM SIGMOD, 1996.
[11] C. Jin, Q. Chen, and S. Jamin, "INET: Internet Topology Generator," Technical Report CSE-TR-433-00, EECS Dept., Univ. of Michigan, 2000.
[12] K. Kalpakis, K. Dasgupta, and O. Wolfson, "Optimal Placement of Replicas in Trees with Read, Write, and Storage Costs," IEEE Trans. Parallel and Distributed Systems, vol. 12, no. 6, 2001.
[13] O. Kariv and S.L. Hakimi, "An Algorithmic Approach to Location Problems—II: The p-medians," SIAM J. Applied Math., vol. 37, no. 3, 1979.
[14] H. Krawczyk, "Distributed Fingerprints and Secure Information Dispersal," Proc. 12th Ann. ACM Symp. Principles of Distributed Computing (PODC), 1993.
[15] H. Krawczyk, "Secret Sharing Made Short," Proc. 13th Ann. Int'l Cryptology Conf. (Crypto), 1993.
[16] J. Kubitowicz, D. Bindel, Y. Chen, S. Czerwinski, P. Eaton, D. Geels, R. Gummadi, S. Rhea, H. Weatherspoon, W. Weimer, C. Wells, and B. Zhao, "OceanStore: An Architecture for Global-Scale Persistent Storage," Proc. Ninth Int'l Conf. Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2000.
[17] S. Lakshmanan, M. Ahamad, and H. Venkateswaran, "Responsive Security for Stored Data," IEEE Trans. Parallel and Distributed Systems, vol. 14, no. 9, 2003.
[18] J.H. Lala, Foundations of the Intrusion Tolerant Systems OASIS. IEEE CS, ISBN 076952057X.
[19] V. Matossian and M. Parashar, "Enabling Peer-to-Peer Interactions for Scientific Applications on the Grid," Proc. Ninth Int'l Euro-Par Conf. (Euro-Par), 2003.
[20] A. Mei, L.V. Mancini, and S. Jajodia, "Secure Dynamic Fragment and Replica Allocation in Large-Scale Distributed File Systems," IEEE Trans. Parallel and Distributed Systems, vol. 14, no. 9, 2003.
[21] N. Nagaratnam, P. Janson, J. Dayka, A. Nadalin, F. Siebenlist, V. Welch, I. Foster, and S. Tuecke, The Security Architecture for Open Grid Services, Version 1, 2002.
[22] www.gloriad.org/gloriad/projectsproject000053.html , 2008.
[23] V. Paxson, "End-to-End Routing Behavior in the Internet," IEEE/ACM Trans. Networking, vol. 5, no. 5, pp. 601-615, 1997.
[24] M. Rabin, "Efficient Dispersal of Information for Security, Load Balancing, and Fault Tolerance," J. ACM, vol. 36, no. 2, 1989.
[25] K. Ranganathan and I. Foster, "Identifying Dynamic Replication Strategies for a High Performance Data Grid," Proc. Second Int'l Workshop Grid Computing, 2001.
[26] M. Reiter and P. Rohatgi, "Homeland Security," IEEE Internet Computing, 2004.
[27] A. Samar and H. Stockinger, "Grid Data Management Pilot (GDMP): A Tool for Wide Area Replication," Proc. IASTED Int'l Conf. Applied Informatics (AI), 2001.
[28] A. Shamir, "How to Share a Secret," Comm. ACM, vol. 22, 1979.
[29] G. Singh, S. Bharathi, A. Chervenak, E. Deelman, C. Kesselman, M. Manohar, S. Patil, and L. Pearlman, "A Metadata Catalog Service for Data Intensive Applications," Proc. ACM/IEEE Conf. Supercomputing (SC), 2003.
[30] H. Stockinger, "Distributed Database Management Systems and the Data Grids," Proc. 18th IEEE Symp. Mass Storage Systems, 2001.
[31] B.M. Thuraisingham and J.A. Maurer, "Information Survivability for Evolvable and Adaptable Real-Time Command and Control Systems," IEEE Trans. Knowledge and Data Eng., vol. 11, no. 1, Jan. 1999.
[32] M. Tu, "A Data Management Framework for Secure and Dependable Data Grid," PhD dissertation, Univ. of Texas at Dallas, http://www.utdallas.edu/~tumh2000/refThesis-Tu.pdf , July 2006.
[33] http://www.whitehouse.gov/reportskatrina-lessons-learned /, 2008.
[34] O. Wolfson and A. Milo, "The Multicast Policy and its Relationship to Replicated Data Placement," ACM Trans. Database Systems, vol. 16, no. 1, 1991.
[35] O. Wolfson, S. Jajodia, and Y. Huang, "An Adaptive Data Replication Algorithm," ACM Trans. Database Systems, vol. 22, no. 2, 1997.
[36] T. Wu, M. Malkin, and D. Boneh, "Building Intrusion Tolerant Applications," Proc. DARPA Information Survivability Conf. and Exposition (DISCEX), 2000.
[37] J. Wylie, M. Bakkaloglu, V. Pandurangan, M. Bigrigg, S. Oguz, K. Tew, C. Williams, G. Ganger, and P. Khosla, "Selecting the Right Data Distribution Scheme for a Survivable Storage System," Technical Report CMU-CS-01-120, Carnegie Mellon Univ., 2000.
[38] L. Xiao, I. Yen, Y. Zhang, and F. Bastani, "Evaluating Dependable Distributed Storage Systems," Proc. Int'l Conf. Parallel and Distributed Processing Techniques and Applications (PDPTA), 2007.
24 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool