DocumentCode :
3575144
Title :
A Secure Two-Phase Data Deduplication Scheme
Author :
Meye, Pierre ; Raipin, Philippe ; Tronel, Frederic ; Anceaume, Emmanuelle
Author_Institution :
Orange Labs., Orange, France
fYear :
2014
Firstpage :
802
Lastpage :
809
Abstract :
Data grows at the impressive rate of 50% per year, and 75% of the digital world is a copy! Although keeping multiple copies of data is necessary to guarantee their availability and long term durability, in many situations the amount of data redundancy is immoderate. By keeping a single copy of repeated data, data deduplication is considered as one of the most promising solutions to reduce the storage costs, and improve users experience by saving network bandwidth and reducing backup time. However, this solution must now solve many security issues to be completely satisfying. In this paper we target the attacks from malicious clients that are based on the manipulation of data identifiers and those based on backup time and network traffic observation. We present a deduplication scheme mixing an intraand an inter-user deduplication in order to build a storage system that is secure against the aforementioned type of attacks by controlling the correspondence between files and their identifiers, and making the inter-user deduplication unnoticeable to clients using deduplication proxies. Our method provides global storage space savings, per-client bandwidth network savings between clients and deduplication proxies, and global network bandwidth savings between deduplication proxies and the storage server. The evaluation of our solution compared to a classic system shows that the overhead introduced by our scheme is mostly due to data encryption which is necessary to ensure confidentiality.
Keywords :
client-server systems; cryptography; storage management; telecommunication traffic; backup time; data confidentiality; data identifier manipulation; data redundancy; data security; deduplication proxies; global network bandwidth savings; global storage space savings; interuser deduplication; intrauser deduplication; malicious clients; network bandwidth; network traffic observation; per-client bandwidth network savings; secure two-phase data deduplication scheme; storage cost reduction; storage server; storage system security; Bandwidth; Cloud computing; Delays; Encryption; Servers; Cloud storage; data confidentiality; data deduplication;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
High Performance Computing and Communications, 2014 IEEE 6th Intl Symp on Cyberspace Safety and Security, 2014 IEEE 11th Intl Conf on Embedded Software and Syst (HPCC,CSS,ICESS), 2014 IEEE Intl Conf on
Print_ISBN :
978-1-4799-6122-1
Type :
conf
DOI :
10.1109/HPCC.2014.134
Filename :
7056835
Link To Document :
بازگشت