SECURITY-AWARE DATA MANAGEMENT AND PERFORMANCE OPTIMIZATION STRATEGIES FOR CLOUD STORAGE SYSTEMS

Abstract

The emergence of information technology have changed the scale and scope of information systems that generate a huge amount of data everyday, opening the area of big data processing and analytics. Public clouds have become an attractive candidate to meet not only the ever- growing data storage demands but also the heavy and large-scale computation requirements of big data applications. However, moving data to public clouds for storing and processing raises new challenges that cloud users may have not experienced when they manage the data in their own local servers. The performance issue such as the delay in data retrieval or processing is one of the most important issues since it directly affects the users experience on the quality of services offered by cloud providers. The security issue, particularly the data privacy, is also hindering the migration of data to public clouds. However, it is very difficult to achieve the above challenges due to the complexity in architecture of cloud infrastructures, heterogeneity of cloud resources, and the multi- tenant characteristic of cloud environment. Thus, new tools and models are needed to adapt to the diversity of cloud infrastructures and usage. Focusing on divisible loads, which are widely used in many large-scale and data intensive applications such as monitoring systems, health care systems and smart home, etc., this thesis applies Divisible Load Theory to propose novel data management solutions including scheduling strategies for data processing and data placement strategies, considering the security requirement. Two scheduling strategies: a static scheduling strategy (SSS) and a dynamic scheduling strategy (DSS) have been designed for divisible load scheduling in multi-cloud systems such that the total data processing time is minimized. The proposed strategies take into account the topology and capacity of the system network and the heterogeneity of computing nodes. While SSS considers an ideal scenario where node availability is known prior to the scheduling, DSS relaxes this assumption and predicts node availability based on historical logging information. Furthermore, the thesis proposes a novel data placement algorithm, namely availability and security-aware data placement algorithm for cloud storage systems (A- SEDuLOUS) that minimizes the total data retrieval time and satisfies the security requirement by applying the graph theory. In addition, the thesis also considers other alternative approaches such as encryption techniques to protect data privacy when storing and processing data on public clouds. The performance studies presented in this thesis were mainly carried out by numerical simulations to demonstrate the effectiveness of the proposed strategies. We additionally consider a real genomic application, which imposes both the performance and security issues, to demonstrate the practicality of the proposed approaches. We designed an entire secure framework for genomic computation on public clouds to exploit the parallel processing on multiple computing nodes so as to improve the performance. We concretized the framework and proposed a 3-encryption-scheme model for genomic sequence mapping (3EGSM) by combining key-hash function, homomorphic encryption and order-preserving encryption. The model not only protects genomic sequences, the intermediate and final computation results but also eliminates as much as possible the heavy computation requirement of fully homomorphic encryption. The simulation and experimental results assess the validity of the proposed strategies against baseline strategies. The results also provide useful insights on their applicability in realistic scenarios.