Secure distributed adaptive bin packing algorithm for cloud storage
Introduction
Cloud computing today is a mature technology which has empowered the IT industry by diminishing the surcharge by introducing the concept of paying only for the usage and nothing more. It has drastically reduced the computing costs because today the users have to pay only for the service or infrastructure they have utilized. Likewise, Cloud Storage is an online virtual distributed storage provisioned by the cloud computing vendors. This storage could be accessed via a web service interface or a web based user interface. Some of the popular cloud storage providers are Amazon S3, Google Cloud Storage, Dropbox and others. The cloud storage system architecture constitutes of several storage servers interconnected to form a large pool of storage resources. A front end server or node manager co-ordinates the services between the cloud users and the storage servers [1].
The connection between the cloud users and the front end server is maintained secure by several encryption strategies and secure connections [2]. Through these methods, the users can be assured that the data in motion is secure. On the other side, multi-tenant data storage architecture poses a threat to the data at rest.
Secondly, to maintain and manage the storage is a significant task by the CSP’s [3]. In order to meet the demands and maintain the Service Level Agreement (SLA) with the clients, the CSP has to allocate the storage to the Virtual Machines (VMs) as requested. But the traditional storage allocation procedures misuse the storage by inefficient utilization. Lot of storage space would be wasted if there were no virtualization techniques [4]. But the bottleneck in the migration of virtual machines is the small overhead caused during the migration of the disk images. There are several migration techniques developed for computational multi-dimensional resources like CPU, Network Bandwidth and Memory, but to the best of our knowledge there is no specific technique applied for the storage management.
In this paper, we address the two basic concerns of the cloud storage i.e. the security of the data and the utilization of storage. Our technique promotes efficient utilization of resource and avoids resource wastage. Experimental results provide significant justification to our objective of reducing the number of storage units i.e. bins and additionally secures the data from insider threats in the storage servers. The data is split into chunks by a splitter module, which protects data from insider threat and the distribution of the chunks across the storage server improves the performance by eventually reducing the time taken to process the chunks which is of lesser size than the original data and therefore it moves to the storage locations in much short time.
The rest of the paper is organized as follows. Section 2 mention the related work, while the proposed methodology is presented in Section 3. Thereafter, we present the proposed algorithm in Section 4, followed by the experimental setup, Results and Evaluation in Section 5. At the end of the study, we conclude the study in Section 6.
Section snippets
Related work
To fulfill the missing fairness in the shared storage systems, Shue et al. [5] proposed a cloud-based system to balance the varying workload in a multi-tenant system. The approach followed was to distribute the workload across the virtual machines to enhance the system performance and to bag high utilization. In [6] the author introduced an integrated data encryption architecture constituting two factor identity verification process promising a multi-level identity encryption. Whereas, Zerfos
Proposed methodology
In a cloud architecture, cloud storage is a service model in which data is upheld, organized and made available to the data owners and dedicated users across the network upon request or triggered action. We design a classification approach for storage allocation for the virtual disks associated to the VMs. We also present a Distributed Adaptive Bin Packing Algorithm to prove the proposed concept. The designed algorithm achieves better resource utilization and reduces the time taken to deposit
Description of algorithms
Multi-tenant cloud architecture is the layout followed by cloud service providers to avoid wastage of resources and make more profit. The multi-tenant cloud architecture basically stores data of multiple users on a single storage server to increase the utilization of the storage resource and to make better profit instead of allocating individual storage to each client and ending up with under-utilized storage resource.
We compare our proposed algorithm with First Fit and Best Fit resource
Experimental setup, results and evaluation
To demonstrate our distributed cloud storage architecture, we simulate a cloud data center in Cloudsim toolkit created in C# environment. This toolkit is available in a GitHub repository. The core idea of our simulation lies in the development of core classes and general purpose classes to perform the desired operations in our architecture. We explain the simulation through a component diagram as shown in the Fig. 6. The overall simulation package is a typical collection of classes created to
Conclusion
Allocation of virtual disk space to multiple clients, which is also known as virtual machine in Cloud data center is a significant approach to manage and fully utilize resources. We come across various encryption strategies implemented to protect the data confidentiality and privacy. However, we realize that placement of data is equally significant in achieving better security. Another major concern from the perspective of cloud users is that the users have no control and knowledge about the
Acknowledgment
The authors extend their appreciation to the Deanship of Scientific Research at King Saud University, Saudi Arabiafor funding this work through research group no (RGP-1437-35).
Irfan Mohiuddin received his M.Sc. in Computer Science from King Saud University, Riyadh-Saudi Arabia, where he is currently working as a Researcher while pursuing his Ph.D. degree in Computer Science. His research interests include Cloud Computing, Networking, Resource Allocation, Internet of Things and Security.
References (51)
- et al.
A survey of virtual machine placement techniques in a cloud data center
Procedia Comput. Sci.
(2016) - et al.
Energy-aware resource allocation heuristics for efficient management of data centers for cloud computing
Future Gener. Comput. Syst.
(2012) - et al.
Addressing cloud computing security issues
Future Gener. Comput. Syst.
(2012) - et al.
Proactive user-centric secure data scheme using attribute-based semantic access controls for mobile clouds in financial industry
Future Gener. Comput. Syst.
(2018) - et al.
Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks
J. Netw. Comput. Appl.
(2018) - et al.
Multi-key privacy-preserving deep learning in cloud computing
Future Gener. Comput. Syst.
(2017) Identity-based encryption with outsourced equality test in cloud computing
Inform. Sci.
(2016)- et al.
Abiometric-baseduser authentication for wireless sensor networks
Wuhan Univ. J. Nat. Sci.
(2010) - Amazon Web Services and AWS Whitepapers, Amazon Virtual Private Cloud, Amazon, Jul 2014. [Online]. Available:...
- et al.
A secure cloud computing architecture using homomorphic encryption
Int. J. Adv. Comput. Sci. Appl.
(2016)
Performance evaluation of resource management in cloud computing environments
PloS One
Efficient dispersal of information for security, load balancing, and fault tolerance
J. Assoc. Comput. Mach.
How to share a secret
Commun. ACM
Truthful greedy mechanisms for dynamic virtual machine provisioning and allocation in clouds
IEEE Trans. Parallel Distrib. Syst.
Identifying key challenges in performance issues in cloud computing
Int. J. Mod. Educ. Comput. Sci. (IJMECS)
Energy efficientmultiresource allocation of virtual machine based on PSO in cloud data center
Math. Probl. Eng.
Efficient resource allocation for optimizing objectives of cloud users, IaaS provider and SaaS provider in cloud environment
J. Sumpercomput.
A game theory approach to fair and efficient resource allocation in cloud computing
Math. Probl. Eng.
Virtual machine allocation policy in cloud computing using CloudSim in Java
Int. J. Grid Distrib. Comput.
Task scheduling and resource allocation of cloud computing based on QoS
Adv. Mater. Res.
On the optimal allocation of virtual resources in cloud computing networks
IEEE Trans. Comput.
Cited by (25)
A study on container virtualization for guarantee quality of service in Cloud-of-Things
2019, Future Generation Computer SystemsCitation Excerpt :Moreover, we also plan to study deployment orchestration of distributed IoTaaS including several interconnected containarized micro-services each one running on different IoT devices spread over the Internet (such as in case of global IoTaaS) or over the Intranet (such as in the case of an IoTaaS acting in a smart city [28]). In the end, since security is one of the main challenges regarding a distributed system including several IoT devices [29,30] installed in different places of a smart city, we plan to investigate security considering containarized IoTaaS deployment orchestration based on Blockchain technology. There is no conflict of interest for this article.
MGPV: A novel and efficient scheme for secure data sharing among mobile users in the public cloud
2019, Future Generation Computer SystemsCitation Excerpt :Thus, web services when integrated with cloud services complement each other and emerge as a more powerful paradigm to solve the document storage and retrieval purposes. Since the present day android powered mobile phones come with more than 2 GB of RAM and 2 GHz of computational capability, access to web services and storage applications in the cloud have become very handy [10–14]. Hence, if a web service is available, a manager (cloud user) shall upload the business related documents to the public cloud not only for easy storage and retrieval purposes, but for their sharing among other users as well [15].
Workload aware VM consolidation method in edge/cloud computing for IoT applications
2019, Journal of Parallel and Distributed ComputingCitation Excerpt :However, the reshuffling of the VMs can be expensive due to reasons like the migration cost when being used in the VM consolidation. Similar to the GA, the initial VM layout is considered as the initial solution and the following steps are applied [1,4,7,14,18,20]. For the resource allocation and migration of VMs from highly loaded physical servers, we formulate the SA into four components as follows.
On-Chain and Off-Chain Data Management for Blockchain-Internet of Things: A Multi-Agent Deep Reinforcement Learning Approach
2024, Journal of Grid ComputingFASTSync: A FAST Delta Sync Scheme for Encrypted Cloud Storage in High-bandwidth Network Environments
2023, ACM Transactions on Storage
Irfan Mohiuddin received his M.Sc. in Computer Science from King Saud University, Riyadh-Saudi Arabia, where he is currently working as a Researcher while pursuing his Ph.D. degree in Computer Science. His research interests include Cloud Computing, Networking, Resource Allocation, Internet of Things and Security.
Ahmad Almogren has received PhD degree in computer sciences from Southern Methodist University, Dallas, Texas, USA in 2002. Previously, he worked as an assistant professor of computer science and a member of the scientific council at Riyadh College of Technology. He also served as the dean of the college of computer and information sciences and the head of the council of academic accreditation at Al Yamamah University. Presently, he works as an associate professor and the vice dean for the development and quality at the college of computer and information sciences at King Saud University in Saudi Arabia. He has served as a guest editor for several computer journals. His research areas of interest include mobile and pervasive computing, computer security, sensor and cognitive network, and data consistency.
Muhammad Al-Qurishi received the master’s degree in information systems from King Saud University, Riyadh, Saudi Arabia, where he is currently pursuing the Ph.D. degree with the Information Systems Department, College of Computer and Information Sciences. He has published several papers in refereed IEEE/ACM/Springer journals and conferences. His research interests include online social networks, social media analysis and mining, human–computer interaction, and health technology.
Mohammad Mehedi Hassan is currently an Associate Professor of Information Systems Department in the College of Computer and Information Sciences (CCIS), King Saud University (KSU), Riyadh, Kingdom of Saudi Arabia. He received his Ph.D. degree in Computer Engineering from Kyung Hee University, South Korea in February 2011. He received Best Paper Award from CloudComp conference at China in 2014. He also received Excellence in Research Award from CCIS, KSU in 2015 and 2016 respectively. He has published over 100+ research papers in the journals and conferences of international repute. He has served as, chair, and Technical Program Committee member in numerous international conferences/workshops like IEEE HPCC, ACM BodyNets, IEEE ICME, IEEE ScalCom, ACM Multimedia, ICA3PP, IEEE ICC, TPMC, IDCS, etc. He has also played role of the guest editor of several international ISI-indexed journals. His research areas of interest are cloud federation, multimedia cloud, sensor-cloud, Internet of things, Big data, mobile cloud, cloud security, IPTV, sensor network, 5G network, social network, publish/subscribe system and recommender system. He is a member of IEEE.
Iehab A. Al Rassan received his Ph.D. degree in Computer Science, Software and Systems from The George Washington University, Washington DC, United States of America. He is currently an Associate Professor in Department of Computer Science, College of Computer and Information Science, King Saud University, Riyadh-Saudi Arabia. His research interests include Cloud Computing, Networking, Distributed Systems, Internet Technologies, Web Services, Security, String Matching and Mobile Computing.
Giancarlo Fortino is currently a Professor of Computer Engineering (since 2006) at the Dept. of Informatics, Modeling, Electronics and Systems (DIMES) of the University of Calabria (Unical), Rende (CS), Italy. He holds the ”Italian National Habilitation” for Full Professorship. He has been a visiting researcher at the International Computer Science Institute, Berkeley (CA), USA, in 1997 and 1999, and visiting professor at Queensland Univ. of Technology, Brisbane, Australia, in 2009. He was nominated Guest Professor in Computer Engineering of Wuhan Univ. of Technology (WUT) on April, 18 2012. His research interests include distributed computing, wireless sensor networks, software agents, cloud computing, Internet of Things systems. He authored over 230 publications in journals, conferences and books. He is the founding editor of the Springer Book Series on Internet of Things: Technology, Communications and Computing and serves in the editorial board of IEEE Transactions on Affective Computing, Journal of Networks and Computer Applications, Engineering Applications of Artificial Intelligence, Information Fusion, Multi Agent and GRID Systems, etc. He is co-founder and CEO of SenSysCal S.r.l., a spinoff of Unical, focused on innovative sensor-based systems for e-health and demotics. He is IEEE Senior member.