skip to main content
research-article

Secure and Efficient Hybrid Data Deduplication in Edge Computing

Authors Info & Claims
Published:25 July 2022Publication History
Skip Abstract Section

Abstract

As an extension of cloud computing, edge computing introduces additional intermediate devices, called edge nodes near clients, providing computing services on behalf of the central cloud more efficiently. Although edge computing brings several benefits such as low latency and bandwidth savings on the edge side, rapid increase in the amount of data transmitted to the central cloud hinders efficient utilization of the storage system on the central cloud side especially when the data from edge devices are encrypted. To mitigate this issue in a privacy-preserving manner, data deduplication techniques for encrypted data have been extensively studied to enhance both the security and efficiency in the conventional cloud system with two different approaches. A server-side secure deduplication approach protects data privacy but impairs network efficiency by allowing duplicate uploads, while a client-side one improves network efficiency but suffers from potential information leakage due to its vulnerability to the side-channel attack. In this article, we propose a hybrid secure deduplication scheme for edge computing, which guarantees both advantages of the aforementioned two approaches. Specifically, our scheme guarantees data privacy by applying the server-side deduplication technique between the client and the edge nodes and maximizes network efficiency through the client-side deduplication technique between the edge nodes and the cloud. In addition, we devise a novel additively homomorphic encryption for efficient deduplication operations in the resource-limited edge nodes. Based on our experimental results, the proposed scheme reduces the communication costs by approximately 2.5 times for a storage server when the duplicate ratio is 50%, and the response time is reduced by about 2 times when the data size is 16 MB.

REFERENCES

  1. [1] [n.d.]. Amazon Elastic Compute Cloud (EC2). Retrieved from http://aws.amazon.com/ec2.Google ScholarGoogle Scholar
  2. [2] 1995. IEEE Standards for Local and Metropolitan Area Networks: Supplement—Media Access Control (MAC) Parameters, Physical Layer, Medium Attachment Units, and Repeater for 100Mb/s Operation, Type 100BASE-T (clauses 21-30). IEEE Std 802.3u-1995 (Supplement to ISO/IEC 8802-3: 1993; ANSI/IEEE Std 802.3, 1993 Edition), 1415. Google ScholarGoogle ScholarCross RefCross Ref
  3. [3] 2018. IEEE Standard for Ethernet. IEEE Std 802.3-2018 (Revision of IEEE Std 802.3-2015), 15600. Google ScholarGoogle ScholarCross RefCross Ref
  4. [4] Abdalla Michel and Pointcheval David. 2005. Simple password-based encrypted key exchange protocols. In Topics in Cryptology – CT-RSA 2005. Springer, Berlin, 191208. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. [5] Fardan Nadhem J. Al and Paterson Kenneth G.. 2013. Lucky thirteen: Breaking the TLS and DTLS record protocols. In Proceeeings of the IEEE Symposium on Security and Privacy. 526540. Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. [6] Albrecht Martin R. and Paterson Kenneth G.. 2016. Lucky microseconds: A timing attack on amazon’s s2n implementation of TLS. In Advances in Cryptology – EUROCRYPT 2016. Springer, Berlin, 622643. Google ScholarGoogle ScholarCross RefCross Ref
  7. [7] Armknecht Frederik, Bohli Jens-Matthias, Karame Ghassan O., and Youssef Franck. 2015. Transparent data deduplication in the cloud. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS’15). ACM, New York, NY, 886900. Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. [8] Aviram Nimrod, Schinzel Sebastian, Somorovsky Juraj, Heninger Nadia, Dankel Maik, Steube Jens, Valenta Luke, Adrian David, Halderman J. Alex, Dukhovni Viktor, Käsper Emilia, Cohney Shaanan, Engels Susanne, Paar Christof, and Shavitt Yuval. 2016. DROWN: Breaking TLS using SSLv2. In Proceedings of the 25th USENIX Security Symposium (USENIX Security’16). USENIX Association, 689706.Google ScholarGoogle Scholar
  9. [9] Bellare, Namprempre, Pointcheval, and Semanko. 2003. The one-more-RSA-inversion problems and the security of chaum’s blind signature scheme. J. Cryptol. 16, 3 (2003), 185215. Google ScholarGoogle ScholarCross RefCross Ref
  10. [10] Bellare Mihir and Keelveedhi Sriram. 2015. Interactive message-locked encryption and secure deduplication. In Public-Key Cryptography – PKC 2015. Springer, Berlin, 516538. Google ScholarGoogle ScholarCross RefCross Ref
  11. [11] Bellare Mihir, Keelveedhi Sriram, and Ristenpart Thomas. 2013. DupLESS: Server-aided encryption for deduplicated storage. In Proceedings of the 22nd USENIX Security Symposium (USENIX Security’13). USENIX Association, 179194.Google ScholarGoogle Scholar
  12. [12] Bellare Mihir, Keelveedhi Sriram, and Ristenpart Thomas. 2013. Message-locked encryption and secure deduplication. In Advances in Cryptology – EUROCRYPT 2013. Springer, Berlin, 296312. Google ScholarGoogle ScholarCross RefCross Ref
  13. [13] Bellovin, Merritt Steven Michael,, and Michael. 1992. Encrypted key exchange: Password-based protocols secure against dictionary attacks. In Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy. IEEE, 7284. Google ScholarGoogle ScholarCross RefCross Ref
  14. [14] Bhargavan Karthikeyan, Lavaud Antoine Delignat, Fournet Cédric, Pironti Alfredo, and Strub Pierre Yves. 2014. Triple handshakes and cookie cutters: Breaking and fixing authentication over TLS. In Proceedings of the IEEE Symposium on Security and Privacy. 98113. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. [15] Bitansky Nir and Canetti Ran. 2014. On strong simulation and composable point obfuscation. J. Cryptol. 27, 2 (2014), 317357.Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. [16] Bonomi Flavio, Milito Rodolfo, Zhu Jiang, and Addepalli Sateesh. 2012. Fog computing and its role in the internet of things. In Proceedings of the 1st Edition of the MCC Workshop on Mobile Cloud Computing (MCC’12). ACM, New York, NY, 1316. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. [17] Brumley Billy Bob and Tuveri Nicola. 2011. Remote timing attacks are still practical. In Computer Security – ESORICS 2011. Springer, Berlin, 355371. Google ScholarGoogle ScholarCross RefCross Ref
  18. [18] Castelluccia C., Mykletun E., and Tsudik G.. 2005. Efficient aggregation of encrypted data in wireless sensor networks. In Proceedings of the 2nd Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services. 109117. Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. [19] Douceur J. R., Adya A., Bolosky W. J., Simon P., and Theimer M.. 2002. Reclaiming space from duplicate files in a serverless distributed file system. In Proceedings of the 22nd International Conference on Distributed Computing Systems. 617624. Google ScholarGoogle ScholarCross RefCross Ref
  20. [20] Duan Yitao. 2014. Distributed key generation for encrypted deduplication: Achieving the strongest privacy. In Proceedings of the 6th Edition of the ACM Workshop on Cloud Computing Security (CCSW’14). ACM, New York, NY, 5768. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. [21] Elgamal T.. 1985. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inf. Theory 31, 4 (1985), 469472. Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. [22] Gentry Craig. 2009. A Fully Homomorphic Encryption Scheme. Stanford University.Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. [23] Halevi Shai, Harnik Danny, Pinkas Benny, and Shulman-Peleg Alexandra. 2011. Proofs of ownership in remote storage systems. In Proceedings of the ACM Conference on Computer and Communications Security(CCS’11). Association for Computing Machinery, New York, NY, 491500. Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. [24] Harnik Danny, Pinkas Benny, and Shulman-Peleg Alexandra. 2010. Side channels in cloud services: Deduplication in cloud storage. IEEE Secur. Priv. 8, 6 (2010), 4047. Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. [25] Inc. Cisco Systems2015. Fog Computing and the Internet of Things: Extend the Cloud to Where the Things Are. Retrieved from https://www.cisco.com/c/dam/en_us/solutions/trends/iot/docs/computing-overview.pdf.Google ScholarGoogle Scholar
  26. [26] Jost Christine, Lam Ha, Maximov Alexander, and Smeets Ben. 2015. Encryption Performance Improvements of the Paillier Cryptosystem. Retrieved from https://ia.cr/2015/864.Google ScholarGoogle Scholar
  27. [27] Katz Jonathan and Lindell Yehuda. 2014. Introduction to Modern Cryptography. CRC Press, Boca Raton, FL.Google ScholarGoogle ScholarCross RefCross Ref
  28. [28] Koo Dongyoung, Shin Youngjoo, Yun Joobeom, and Hur Junbeom. 2016. A hybrid deduplication for secure and efficient data outsourcing in fog computing. In Proceedings of the IEEE International Conference on Cloud Computing Technology and Science (CloudCom’16). 285293. Google ScholarGoogle ScholarCross RefCross Ref
  29. [29] Li Jin, Li Tong, Liu Zheli, and Chen Xiaofeng. 2019. Secure deduplication system with active key update and its application in IoT. ACM Trans. Intell. Syst. Technol. 10, 6, Article 69 (October 2019), 21 pages. Google ScholarGoogle ScholarDigital LibraryDigital Library
  30. [30] Li Shanshan, Xu Chunxiang, and Zhang Yuan. 2019. CSED: Client-side encrypted deduplication scheme based on proofs of ownership for cloud storage. J. Inf. Secur. Appl. 46 (2019), 250258. Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. [31] Liu Jian, Asokan N., and Pinkas Benny. 2015. Secure deduplication of encrypted data without additional independent servers. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS’15). ACM, New York, NY, 874885. Google ScholarGoogle ScholarDigital LibraryDigital Library
  32. [32] Meyer Dutch T. and Bolosky William J.. 2012. A study of practical deduplication. ACM Trans. Storage 7, 4, Article 14 (February 2012), 20 pages. Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. [33] Moore Ciara, O’Neill Máire, O’Sullivan Elizabeth, Doröz Yarkın, and Sunar Berk. 2014. Practical homomorphic encryption: A survey. In Proceedings of the IEEE International Symposium on Circuits and Systems (ISCAS’14). 27922795. Google ScholarGoogle ScholarCross RefCross Ref
  34. [34] Mulazzani Martin, Schrittwieser Sebastian, Leithner Manuel, Huber Markus, and Weippl Edgar. 2011. Dark clouds on the horizon: Using cloud storage as attack vector and online slack space. In Proceedings of the 20th USENIX Security Symposium (USENIX Security’11). USENIX Association, San Francisco, CA.Google ScholarGoogle Scholar
  35. [35] Ni Jianbing, Zhang Kuan, Yu Yong, Lin Xiaodong, and Shen Xuemin Sherman. 2020. Providing task allocation and secure deduplication for mobile crowdsensing via fog computing. IEEE Trans. Depend. Sec. Comput. 17, 3 (2020), 581594. Google ScholarGoogle ScholarCross RefCross Ref
  36. [36] Paillier Pascal. 1999. Public-key cryptosystems based on composite degree residuosity classes. In Advances in Cryptology – EUROCRYPT’99”. Springer, Berlin, 223238. Google ScholarGoogle ScholarCross RefCross Ref
  37. [37] Puzio Pasquale, Molva Refik, Önen Melek, and Loureiro Sergio. 2013. ClouDedup: Secure deduplication with encrypted data for cloud storage. In Proceedings of the IEEE 5th International Conference on Cloud Computing Technology and Science, Vol. 1. 363370. Google ScholarGoogle ScholarDigital LibraryDigital Library
  38. [38] Stanek Jan, Sorniotti Alessandro, Androulaki Elli, and Kencl Lukas. 2014. A secure data deduplication scheme for cloud storage. In Financial Cryptography and Data Security. Springer, Berlin, 99118. Google ScholarGoogle ScholarCross RefCross Ref
  39. [39] Stojmenovic Ivan and Wen Sheng. 2014. The fog computing paradigm: Scenarios and security issues. In Proceedings of the Federated Conference on Computer Science and Information Systems. 18. Google ScholarGoogle ScholarCross RefCross Ref
  40. [40] Stojmenovic Ivan, Wen Sheng, Huang Xinyi, and Luan Hao. 2016. An overview of fog computing and its security issues. Concurr. Comput.: Pract. Exp. 28, 10 (2016), 29913005. Google ScholarGoogle ScholarDigital LibraryDigital Library
  41. [41] Storer Mark W., Greenan Kevin, Long Darrell D. E., and Miller Ethan L.. 2008. Secure data deduplication. In Proceedings of the 4th ACM International Workshop on Storage Security and Survivability (StorageSS’08). ACM, New York, NY, 110. Google ScholarGoogle ScholarDigital LibraryDigital Library
  42. [42] Wang Liang, Wang Baocang, Song Wei, and Zhang Zhili. 2019. A key-sharing based secure deduplication scheme in cloud storage. Inf. Sci. 504 (2019), 4860. Google ScholarGoogle ScholarDigital LibraryDigital Library
  43. [43] Yang Xue, Lu Rongxing, Shao Jun, Tang Xiaohu, and Ghorbani Ali A.. 2022. Achieving efficient secure deduplication with user-defined access control in cloud. IEEE Trans. Depend. Sec. Comput. 19, 1 (2022), 591606. Google ScholarGoogle ScholarDigital LibraryDigital Library
  44. [44] Yi Shanhe, Hao Zijiang, Qin Zhengrui, and Li Qun. 2015. Fog computing: Platform and applications. In Proceedings of the 3rd IEEE Workshop on Hot Topics in Web Systems and Technologies (HotWeb’15). 7378. Google ScholarGoogle ScholarDigital LibraryDigital Library
  45. [45] Zhang Yuan, Xu Chunxiang, Cheng Nan, and Shen Xuemin. 2019. Secure encrypted data deduplication for cloud storage against compromised key servers. In Proceedings of the IEEE Global Communications Conference (GLOBECOM’19). 16. Google ScholarGoogle ScholarDigital LibraryDigital Library
  46. [46] Zhang Yuan, Xu Chunxiang, Li Hongwei, Yang Kan, Zhou Jianying, and Lin Xiaodong. 2018. HealthDep: An efficient and secure deduplication scheme for cloud-assisted ehealth systems. IEEE Trans. Industr. Inf. 14, 9 (2018), 41014112. Google ScholarGoogle ScholarCross RefCross Ref
  47. [47] Zhang Ye, Xue Chun Jason, Wong Duncan S., Mamoulis Nikos, and Yiu Siu Ming. 2012. Acceleration of composite order bilinear pairing on graphics hardware. In Information and Communications Security. Springer, Berlin, 341348.Google ScholarGoogle Scholar
  48. [48] Zheng Yifeng, Yuan Xingliang, Wang Xinyu, Jiang Jinghua, Wang Cong, and Gui Xiaolin. 2017. Toward encrypted cloud media center with secure deduplication. IEEE Trans. Multimedia 19, 2 (2017), 251265. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Secure and Efficient Hybrid Data Deduplication in Edge Computing

    Recommendations

    Comments

    Login options

    Check if you have access through your login credentials or your institution to get full access on this article.

    Sign in

    Full Access

    • Published in

      cover image ACM Transactions on Internet Technology
      ACM Transactions on Internet Technology  Volume 22, Issue 3
      August 2022
      631 pages
      ISSN:1533-5399
      EISSN:1557-6051
      DOI:10.1145/3498359
      • Editor:
      • Ling Liu
      Issue’s Table of Contents

      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      • Published: 25 July 2022
      • Online AM: 14 May 2022
      • Accepted: 1 May 2022
      • Revised: 1 March 2022
      • Received: 1 December 2020
      Published in toit Volume 22, Issue 3

      Permissions

      Request permissions about this article.

      Request Permissions

      Check for updates

      Qualifiers

      • research-article
      • Refereed
    • Article Metrics

      • Downloads (Last 12 months)332
      • Downloads (Last 6 weeks)19

      Other Metrics

    PDF Format

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Full Text

    View this article in Full Text.

    View Full Text

    HTML Format

    View this article in HTML Format .

    View HTML Format
    About Cookies On This Site

    We use cookies to ensure that we give you the best experience on our website.

    Learn more

    Got it!