Abstract
As an extension of cloud computing, edge computing introduces additional intermediate devices, called edge nodes near clients, providing computing services on behalf of the central cloud more efficiently. Although edge computing brings several benefits such as low latency and bandwidth savings on the edge side, rapid increase in the amount of data transmitted to the central cloud hinders efficient utilization of the storage system on the central cloud side especially when the data from edge devices are encrypted. To mitigate this issue in a privacy-preserving manner, data deduplication techniques for encrypted data have been extensively studied to enhance both the security and efficiency in the conventional cloud system with two different approaches. A server-side secure deduplication approach protects data privacy but impairs network efficiency by allowing duplicate uploads, while a client-side one improves network efficiency but suffers from potential information leakage due to its vulnerability to the side-channel attack. In this article, we propose a hybrid secure deduplication scheme for edge computing, which guarantees both advantages of the aforementioned two approaches. Specifically, our scheme guarantees data privacy by applying the server-side deduplication technique between the client and the edge nodes and maximizes network efficiency through the client-side deduplication technique between the edge nodes and the cloud. In addition, we devise a novel additively homomorphic encryption for efficient deduplication operations in the resource-limited edge nodes. Based on our experimental results, the proposed scheme reduces the communication costs by approximately 2.5 times for a storage server when the duplicate ratio is 50%, and the response time is reduced by about 2 times when the data size is 16 MB.
- [1] [n.d.]. Amazon Elastic Compute Cloud (EC2). Retrieved from http://aws.amazon.com/ec2.Google Scholar
- [2] 1995. IEEE Standards for Local and Metropolitan Area Networks: Supplement—Media Access Control (MAC) Parameters, Physical Layer, Medium Attachment Units, and Repeater for 100Mb/s Operation, Type 100BASE-T (clauses 21-30). IEEE Std 802.3u-1995 (Supplement to ISO/IEC 8802-3: 1993; ANSI/IEEE Std 802.3, 1993 Edition), 1–415. Google Scholar
Cross Ref
- [3] 2018. IEEE Standard for Ethernet. IEEE Std 802.3-2018 (Revision of IEEE Std 802.3-2015), 1–5600. Google Scholar
Cross Ref
- [4] . 2005. Simple password-based encrypted key exchange protocols. In Topics in Cryptology – CT-RSA 2005. Springer, Berlin, 191–208. Google Scholar
Digital Library
- [5] . 2013. Lucky thirteen: Breaking the TLS and DTLS record protocols. In Proceeeings of the IEEE Symposium on Security and Privacy. 526–540. Google Scholar
Digital Library
- [6] . 2016. Lucky microseconds: A timing attack on amazon’s s2n implementation of TLS. In Advances in Cryptology – EUROCRYPT 2016. Springer, Berlin, 622–643. Google Scholar
Cross Ref
- [7] . 2015. Transparent data deduplication in the cloud. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS’15). ACM, New York, NY, 886–900. Google Scholar
Digital Library
- [8] . 2016. DROWN: Breaking TLS using SSLv2. In Proceedings of the 25th USENIX Security Symposium (USENIX Security’16). USENIX Association, 689–706.Google Scholar
- [9] . 2003. The one-more-RSA-inversion problems and the security of chaum’s blind signature scheme. J. Cryptol. 16, 3 (2003), 185–215. Google Scholar
Cross Ref
- [10] . 2015. Interactive message-locked encryption and secure deduplication. In Public-Key Cryptography – PKC 2015. Springer, Berlin, 516–538. Google Scholar
Cross Ref
- [11] . 2013. DupLESS: Server-aided encryption for deduplicated storage. In Proceedings of the 22nd USENIX Security Symposium (USENIX Security’13). USENIX Association, 179–194.Google Scholar
- [12] . 2013. Message-locked encryption and secure deduplication. In Advances in Cryptology – EUROCRYPT 2013. Springer, Berlin, 296–312. Google Scholar
Cross Ref
- [13] . 1992. Encrypted key exchange: Password-based protocols secure against dictionary attacks. In Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy. IEEE, 72–84. Google Scholar
Cross Ref
- [14] . 2014. Triple handshakes and cookie cutters: Breaking and fixing authentication over TLS. In Proceedings of the IEEE Symposium on Security and Privacy. 98–113. Google Scholar
Digital Library
- [15] . 2014. On strong simulation and composable point obfuscation. J. Cryptol. 27, 2 (2014), 317–357.Google Scholar
Digital Library
- [16] . 2012. Fog computing and its role in the internet of things. In Proceedings of the 1st Edition of the MCC Workshop on Mobile Cloud Computing (MCC’12). ACM, New York, NY, 13–16. Google Scholar
Digital Library
- [17] . 2011. Remote timing attacks are still practical. In Computer Security – ESORICS 2011. Springer, Berlin, 355–371. Google Scholar
Cross Ref
- [18] . 2005. Efficient aggregation of encrypted data in wireless sensor networks. In Proceedings of the 2nd Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services. 109–117. Google Scholar
Digital Library
- [19] . 2002. Reclaiming space from duplicate files in a serverless distributed file system. In Proceedings of the 22nd International Conference on Distributed Computing Systems. 617–624. Google Scholar
Cross Ref
- [20] . 2014. Distributed key generation for encrypted deduplication: Achieving the strongest privacy. In Proceedings of the 6th Edition of the ACM Workshop on Cloud Computing Security (CCSW’14). ACM, New York, NY, 57–68. Google Scholar
Digital Library
- [21] . 1985. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inf. Theory 31, 4 (1985), 469–472. Google Scholar
Digital Library
- [22] . 2009. A Fully Homomorphic Encryption Scheme. Stanford University.Google Scholar
Digital Library
- [23] . 2011. Proofs of ownership in remote storage systems. In Proceedings of the ACM Conference on Computer and Communications Security(CCS’11). Association for Computing Machinery, New York, NY, 491–500. Google Scholar
Digital Library
- [24] . 2010. Side channels in cloud services: Deduplication in cloud storage. IEEE Secur. Priv. 8, 6 (2010), 40–47. Google Scholar
Digital Library
- [25] 2015. Fog Computing and the Internet of Things: Extend the Cloud to Where the Things Are. Retrieved from https://www.cisco.com/c/dam/en_us/solutions/trends/iot/docs/computing-overview.pdf.Google Scholar
- [26] . 2015. Encryption Performance Improvements of the Paillier Cryptosystem. Retrieved from https://ia.cr/2015/864.Google Scholar
- [27] . 2014. Introduction to Modern Cryptography. CRC Press, Boca Raton, FL.Google Scholar
Cross Ref
- [28] . 2016. A hybrid deduplication for secure and efficient data outsourcing in fog computing. In Proceedings of the IEEE International Conference on Cloud Computing Technology and Science (CloudCom’16). 285–293. Google Scholar
Cross Ref
- [29] . 2019. Secure deduplication system with active key update and its application in IoT. ACM Trans. Intell. Syst. Technol. 10, 6, Article
69 (October 2019), 21 pages. Google ScholarDigital Library
- [30] . 2019. CSED: Client-side encrypted deduplication scheme based on proofs of ownership for cloud storage. J. Inf. Secur. Appl. 46 (2019), 250–258. Google Scholar
Digital Library
- [31] . 2015. Secure deduplication of encrypted data without additional independent servers. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS’15). ACM, New York, NY, 874–885. Google Scholar
Digital Library
- [32] . 2012. A study of practical deduplication. ACM Trans. Storage 7, 4, Article
14 (February 2012), 20 pages. Google ScholarDigital Library
- [33] . 2014. Practical homomorphic encryption: A survey. In Proceedings of the IEEE International Symposium on Circuits and Systems (ISCAS’14). 2792–2795. Google Scholar
Cross Ref
- [34] . 2011. Dark clouds on the horizon: Using cloud storage as attack vector and online slack space. In Proceedings of the 20th USENIX Security Symposium (USENIX Security’11). USENIX Association, San Francisco, CA.Google Scholar
- [35] . 2020. Providing task allocation and secure deduplication for mobile crowdsensing via fog computing. IEEE Trans. Depend. Sec. Comput. 17, 3 (2020), 581–594. Google Scholar
Cross Ref
- [36] . 1999. Public-key cryptosystems based on composite degree residuosity classes. In Advances in Cryptology – EUROCRYPT’99”. Springer, Berlin, 223–238. Google Scholar
Cross Ref
- [37] . 2013. ClouDedup: Secure deduplication with encrypted data for cloud storage. In Proceedings of the IEEE 5th International Conference on Cloud Computing Technology and Science, Vol. 1. 363–370. Google Scholar
Digital Library
- [38] . 2014. A secure data deduplication scheme for cloud storage. In Financial Cryptography and Data Security. Springer, Berlin, 99–118. Google Scholar
Cross Ref
- [39] . 2014. The fog computing paradigm: Scenarios and security issues. In Proceedings of the Federated Conference on Computer Science and Information Systems. 1–8. Google Scholar
Cross Ref
- [40] . 2016. An overview of fog computing and its security issues. Concurr. Comput.: Pract. Exp. 28, 10 (2016), 2991–3005. Google Scholar
Digital Library
- [41] . 2008. Secure data deduplication. In Proceedings of the 4th ACM International Workshop on Storage Security and Survivability (StorageSS’08). ACM, New York, NY, 1–10. Google Scholar
Digital Library
- [42] . 2019. A key-sharing based secure deduplication scheme in cloud storage. Inf. Sci. 504 (2019), 48–60. Google Scholar
Digital Library
- [43] . 2022. Achieving efficient secure deduplication with user-defined access control in cloud. IEEE Trans. Depend. Sec. Comput. 19, 1 (2022), 591–606. Google Scholar
Digital Library
- [44] . 2015. Fog computing: Platform and applications. In Proceedings of the 3rd IEEE Workshop on Hot Topics in Web Systems and Technologies (HotWeb’15). 73–78. Google Scholar
Digital Library
- [45] . 2019. Secure encrypted data deduplication for cloud storage against compromised key servers. In Proceedings of the IEEE Global Communications Conference (GLOBECOM’19). 1–6. Google Scholar
Digital Library
- [46] . 2018. HealthDep: An efficient and secure deduplication scheme for cloud-assisted ehealth systems. IEEE Trans. Industr. Inf. 14, 9 (2018), 4101–4112. Google Scholar
Cross Ref
- [47] . 2012. Acceleration of composite order bilinear pairing on graphics hardware. In Information and Communications Security. Springer, Berlin, 341–348.Google Scholar
- [48] . 2017. Toward encrypted cloud media center with secure deduplication. IEEE Trans. Multimedia 19, 2 (2017), 251–265. Google Scholar
Digital Library
Index Terms
Secure and Efficient Hybrid Data Deduplication in Edge Computing
Recommendations
A secure data deduplication framework for cloud environments
PST '12: Proceedings of the 2012 Tenth Annual International Conference on Privacy, Security and Trust (PST)Cloud computing has empowered the individual user by providing seemingly unlimited storage space and availability and accessibility of data anytime and anywhere. Cloud service providers are able to maximize data storage space by incorporating data ...
Deviceless edge computing: extending serverless computing to the edge of the network
SYSTOR '17: Proceedings of the 10th ACM International Systems and Storage ConferenceThe serverless paradigm has been rapidly adopted by developers of cloud-native applications, mainly because it relieves them from the burden of provisioning, scaling and operating the underlying infrastructure. In this paper, we propose a novel ...
Edge computing: A survey
AbstractIn recent years, the Edge computing paradigm has gained considerable popularity in academic and industrial circles. It serves as a key enabler for many future technologies like 5G, Internet of Things (IoT), augmented reality and ...
Highlights- A comprehensive survey on edge computing, i.e., Fog, Mobile-edge and Cloudlet.
- ...






Comments