Elsevier

Future Generation Computer Systems

Volume 90, January 2019, Pages 307-316
Future Generation Computer Systems

Secure distributed adaptive bin packing algorithm for cloud storage

https://doi.org/10.1016/j.future.2018.08.013Get rights and content

Highlights

  • Proposed a distributed cloud storage allocation architecture for fair utilization of resources.

  • An adaptive bin packing algorithm is utilized for storage allocation.

  • Designed an integrated end to end security framework for data at rest in cloud storage.

Abstract

Cloud computing delivers highly scalable and flexible computing and storage resources on pay-per-use policy. Cloud Computing’s services for computation and storage are getting increasingly popular and many organizations are now moving their data from in-house data centers to the Cloud Storage Providers (CSPs). However, increasing user base and remote storage of data introduces challenges like inefficient usage of resources and insider threat to data at rest in the cloud storage. Time varying workload and data intensive applications are vulnerable to encounter such challenges while using cloud computing services. The consolidation of virtual machines to minimize the total number of active servers is a promising solution to conserve the energy but it requires efficient resource management strategies. Additionally, the encryption strategies and third party auditors to maintain data integrity are still in their developing stage and therefore the data at rest is still a concern for the cloud storage users. In this paper, we designed a distributed storage allocation architecture for fair utilization of storage resources and we also design an integrated end to end security framework for data at rest in cloud storage to eliminate insider threats.

Introduction

Cloud computing today is a mature technology which has empowered the IT industry by diminishing the surcharge by introducing the concept of paying only for the usage and nothing more. It has drastically reduced the computing costs because today the users have to pay only for the service or infrastructure they have utilized. Likewise, Cloud Storage is an online virtual distributed storage provisioned by the cloud computing vendors. This storage could be accessed via a web service interface or a web based user interface. Some of the popular cloud storage providers are Amazon S3, Google Cloud Storage, Dropbox and others. The cloud storage system architecture constitutes of several storage servers interconnected to form a large pool of storage resources. A front end server or node manager co-ordinates the services between the cloud users and the storage servers [1].

The connection between the cloud users and the front end server is maintained secure by several encryption strategies and secure connections [2]. Through these methods, the users can be assured that the data in motion is secure. On the other side, multi-tenant data storage architecture poses a threat to the data at rest.

Secondly, to maintain and manage the storage is a significant task by the CSP’s [3]. In order to meet the demands and maintain the Service Level Agreement (SLA) with the clients, the CSP has to allocate the storage to the Virtual Machines (VMs) as requested. But the traditional storage allocation procedures misuse the storage by inefficient utilization. Lot of storage space would be wasted if there were no virtualization techniques [4]. But the bottleneck in the migration of virtual machines is the small overhead caused during the migration of the disk images. There are several migration techniques developed for computational multi-dimensional resources like CPU, Network Bandwidth and Memory, but to the best of our knowledge there is no specific technique applied for the storage management.

In this paper, we address the two basic concerns of the cloud storage i.e. the security of the data and the utilization of storage. Our technique promotes efficient utilization of resource and avoids resource wastage. Experimental results provide significant justification to our objective of reducing the number of storage units i.e. bins and additionally secures the data from insider threats in the storage servers. The data is split into chunks by a splitter module, which protects data from insider threat and the distribution of the chunks across the storage server improves the performance by eventually reducing the time taken to process the chunks which is of lesser size than the original data and therefore it moves to the storage locations in much short time.

The rest of the paper is organized as follows. Section 2 mention the related work, while the proposed methodology is presented in Section 3. Thereafter, we present the proposed algorithm in Section 4, followed by the experimental setup, Results and Evaluation in Section 5. At the end of the study, we conclude the study in Section 6.

Section snippets

Related work

To fulfill the missing fairness in the shared storage systems, Shue et al. [5] proposed a cloud-based system to balance the varying workload in a multi-tenant system. The approach followed was to distribute the workload across the virtual machines to enhance the system performance and to bag high utilization. In [6] the author introduced an integrated data encryption architecture constituting two factor identity verification process promising a multi-level identity encryption. Whereas, Zerfos

Proposed methodology

In a cloud architecture, cloud storage is a service model in which data is upheld, organized and made available to the data owners and dedicated users across the network upon request or triggered action. We design a classification approach for storage allocation for the virtual disks associated to the VMs. We also present a Distributed Adaptive Bin Packing Algorithm to prove the proposed concept. The designed algorithm achieves better resource utilization and reduces the time taken to deposit

Description of algorithms

Multi-tenant cloud architecture is the layout followed by cloud service providers to avoid wastage of resources and make more profit. The multi-tenant cloud architecture basically stores data of multiple users on a single storage server to increase the utilization of the storage resource and to make better profit instead of allocating individual storage to each client and ending up with under-utilized storage resource.

We compare our proposed algorithm with First Fit and Best Fit resource

Experimental setup, results and evaluation

To demonstrate our distributed cloud storage architecture, we simulate a cloud data center in Cloudsim toolkit created in C# environment. This toolkit is available in a GitHub repository. The core idea of our simulation lies in the development of core classes and general purpose classes to perform the desired operations in our architecture. We explain the simulation through a component diagram as shown in the Fig. 6. The overall simulation package is a typical collection of classes created to

Conclusion

Allocation of virtual disk space to multiple clients, which is also known as virtual machine in Cloud data center is a significant approach to manage and fully utilize resources. We come across various encryption strategies implemented to protect the data confidentiality and privacy. However, we realize that placement of data is equally significant in achieving better security. Another major concern from the perspective of cloud users is that the users have no control and knowledge about the

Acknowledgment

The authors extend their appreciation to the Deanship of Scientific Research at King Saud University, Saudi Arabiafor funding this work through research group no (RGP-1437-35).

Irfan Mohiuddin received his M.Sc. in Computer Science from King Saud University, Riyadh-Saudi Arabia, where he is currently working as a Researcher while pursuing his Ph.D. degree in Computer Science. His research interests include Cloud Computing, Networking, Resource Allocation, Internet of Things and Security.

References (51)

  • BatistaB.G. et al.

    Performance evaluation of resource management in cloud computing environments

    PloS One

    (2015)
  • X. Li, Multi-tenancy based access control in cloud, in: 2010 International Conference on Computational Intelligence and...
  • D. Shue, M.J. Freedman, A. Shaikh, Performance isolation and fairness for multi-tenant cloud storage, in: Proc. of the...
  • RabinM.O.

    Efficient dispersal of information for security, load balancing, and fault tolerance

    J. Assoc. Comput. Mach.

    (1989)
  • ShamirA.

    How to share a secret

    Commun. ACM

    (1979)
  • NejadM.M. et al.

    Truthful greedy mechanisms for dynamic virtual machine provisioning and allocation in clouds

    IEEE Trans. Parallel Distrib. Syst.

    (2015)
  • ZiaA. et al.

    Identifying key challenges in performance issues in cloud computing

    Int. J. Mod. Educ. Comput. Sci. (IJMECS)

    (2012)
  • G. Oddi, M. Panfili, A. Pietrabissa, L. Zuccaro, V. Suraci, A resource allocation algorithm of multi-cloud resources...
  • An-pingX. et al.

    Energy efficientmultiresource allocation of virtual machine based on PSO in cloud data center

    Math. Probl. Eng.

    (2014)
  • LiC. et al.

    Efficient resource allocation for optimizing objectives of cloud users, IaaS provider and SaaS provider in cloud environment

    J. Sumpercomput.

    (2013)
  • XuX. et al.

    A game theory approach to fair and efficient resource allocation in cloud computing

    Math. Probl. Eng.

    (2014)
  • ParikhK. et al.

    Virtual machine allocation policy in cloud computing using CloudSim in Java

    Int. J. Grid Distrib. Comput.

    (2015)
  • PanB.L. et al.

    Task scheduling and resource allocation of cloud computing based on QoS

    Adv. Mater. Res.

    (2014)
  • PapagianniC. et al.

    On the optimal allocation of virtual resources in cloud computing networks

    IEEE Trans. Comput.

    (2013)
  • S. Goutam, A.K. Yadav, Preemptable priority based dynamic resource allocation in cloud computing with fault tolerance,...

    • Cited by (25)

    • A study on container virtualization for guarantee quality of service in Cloud-of-Things

      2019, Future Generation Computer Systems
      Citation Excerpt :

      Moreover, we also plan to study deployment orchestration of distributed IoTaaS including several interconnected containarized micro-services each one running on different IoT devices spread over the Internet (such as in case of global IoTaaS) or over the Intranet (such as in the case of an IoTaaS acting in a smart city [28]). In the end, since security is one of the main challenges regarding a distributed system including several IoT devices [29,30] installed in different places of a smart city, we plan to investigate security considering containarized IoTaaS deployment orchestration based on Blockchain technology. There is no conflict of interest for this article.

    • MGPV: A novel and efficient scheme for secure data sharing among mobile users in the public cloud

      2019, Future Generation Computer Systems
      Citation Excerpt :

      Thus, web services when integrated with cloud services complement each other and emerge as a more powerful paradigm to solve the document storage and retrieval purposes. Since the present day android powered mobile phones come with more than 2 GB of RAM and 2 GHz of computational capability, access to web services and storage applications in the cloud have become very handy [10–14]. Hence, if a web service is available, a manager (cloud user) shall upload the business related documents to the public cloud not only for easy storage and retrieval purposes, but for their sharing among other users as well [15].

    • Workload aware VM consolidation method in edge/cloud computing for IoT applications

      2019, Journal of Parallel and Distributed Computing
      Citation Excerpt :

      However, the reshuffling of the VMs can be expensive due to reasons like the migration cost when being used in the VM consolidation. Similar to the GA, the initial VM layout is considered as the initial solution and the following steps are applied [1,4,7,14,18,20]. For the resource allocation and migration of VMs from highly loaded physical servers, we formulate the SA into four components as follows.

    • On-Chain and Off-Chain Data Management for Blockchain-Internet of Things: A Multi-Agent Deep Reinforcement Learning Approach

      2024, Journal of Grid Computing

    • RSA security in cloud computing: A distributed model for integrated GNFS with Black Wiedemann algorithm for integer factorization

      2023, AIP Conference Proceedings

    • FASTSync: A FAST Delta Sync Scheme for Encrypted Cloud Storage in High-bandwidth Network Environments

      2023, ACM Transactions on Storage
    View all citing articles on Scopus

    Irfan Mohiuddin received his M.Sc. in Computer Science from King Saud University, Riyadh-Saudi Arabia, where he is currently working as a Researcher while pursuing his Ph.D. degree in Computer Science. His research interests include Cloud Computing, Networking, Resource Allocation, Internet of Things and Security.

    Ahmad Almogren has received PhD degree in computer sciences from Southern Methodist University, Dallas, Texas, USA in 2002. Previously, he worked as an assistant professor of computer science and a member of the scientific council at Riyadh College of Technology. He also served as the dean of the college of computer and information sciences and the head of the council of academic accreditation at Al Yamamah University. Presently, he works as an associate professor and the vice dean for the development and quality at the college of computer and information sciences at King Saud University in Saudi Arabia. He has served as a guest editor for several computer journals. His research areas of interest include mobile and pervasive computing, computer security, sensor and cognitive network, and data consistency.

    Muhammad Al-Qurishi received the master’s degree in information systems from King Saud University, Riyadh, Saudi Arabia, where he is currently pursuing the Ph.D. degree with the Information Systems Department, College of Computer and Information Sciences. He has published several papers in refereed IEEE/ACM/Springer journals and conferences. His research interests include online social networks, social media analysis and mining, human–computer interaction, and health technology.

    Mohammad Mehedi Hassan is currently an Associate Professor of Information Systems Department in the College of Computer and Information Sciences (CCIS), King Saud University (KSU), Riyadh, Kingdom of Saudi Arabia. He received his Ph.D. degree in Computer Engineering from Kyung Hee University, South Korea in February 2011. He received Best Paper Award from CloudComp conference at China in 2014. He also received Excellence in Research Award from CCIS, KSU in 2015 and 2016 respectively. He has published over 100+ research papers in the journals and conferences of international repute. He has served as, chair, and Technical Program Committee member in numerous international conferences/workshops like IEEE HPCC, ACM BodyNets, IEEE ICME, IEEE ScalCom, ACM Multimedia, ICA3PP, IEEE ICC, TPMC, IDCS, etc. He has also played role of the guest editor of several international ISI-indexed journals. His research areas of interest are cloud federation, multimedia cloud, sensor-cloud, Internet of things, Big data, mobile cloud, cloud security, IPTV, sensor network, 5G network, social network, publish/subscribe system and recommender system. He is a member of IEEE.

    Iehab A. Al Rassan received his Ph.D. degree in Computer Science, Software and Systems from The George Washington University, Washington DC, United States of America. He is currently an Associate Professor in Department of Computer Science, College of Computer and Information Science, King Saud University, Riyadh-Saudi Arabia. His research interests include Cloud Computing, Networking, Distributed Systems, Internet Technologies, Web Services, Security, String Matching and Mobile Computing.

    Giancarlo Fortino is currently a Professor of Computer Engineering (since 2006) at the Dept. of Informatics, Modeling, Electronics and Systems (DIMES) of the University of Calabria (Unical), Rende (CS), Italy. He holds the ”Italian National Habilitation” for Full Professorship. He has been a visiting researcher at the International Computer Science Institute, Berkeley (CA), USA, in 1997 and 1999, and visiting professor at Queensland Univ. of Technology, Brisbane, Australia, in 2009. He was nominated Guest Professor in Computer Engineering of Wuhan Univ. of Technology (WUT) on April, 18 2012. His research interests include distributed computing, wireless sensor networks, software agents, cloud computing, Internet of Things systems. He authored over 230 publications in journals, conferences and books. He is the founding editor of the Springer Book Series on Internet of Things: Technology, Communications and Computing and serves in the editorial board of IEEE Transactions on Affective Computing, Journal of Networks and Computer Applications, Engineering Applications of Artificial Intelligence, Information Fusion, Multi Agent and GRID Systems, etc. He is co-founder and CEO of SenSysCal S.r.l., a spinoff of Unical, focused on innovative sensor-based systems for e-health and demotics. He is IEEE Senior member.

    View full text
    © 2018 Elsevier B.V. All rights reserved.