当前位置:
X-MOL 学术
›
IEEE Trans. Dependable Secure Comput.
›
论文详情
Our official English website, www.x-mol.net, welcomes your
feedback! (Note: you will need to create a separate account there.)
Security-Aware Data Allocation in Multicloud Scenarios
IEEE Transactions on Dependable and Secure Computing ( IF 7.0 ) Pub Date : 2019-11-19 , DOI: 10.1109/tdsc.2019.2953068 Sabrina De Capitani di Vimercati , Sara Foresti , Giovanni Livraga , Vincenzo Piuri , Pierangela Samarati
IEEE Transactions on Dependable and Secure Computing ( IF 7.0 ) Pub Date : 2019-11-19 , DOI: 10.1109/tdsc.2019.2953068 Sabrina De Capitani di Vimercati , Sara Foresti , Giovanni Livraga , Vincenzo Piuri , Pierangela Samarati
When moving large and heterogeneous data collections to the cloud, a key requirement concerns the selection of the most suitable (set of) cloud service(s) for outsourcing. Not only can different resources have different characteristics and requirements, but different cloud providers can also offer different services and security guarantees, and can have different costs. Selecting a single service for outsourcing an entire data collection can result in a non-optimal solution, as a single service satisfying, at reasonable costs, all the requirements specified by the data owner might not exist. Selecting a set of services could instead ensure the satisfaction of the requirements, possibly with economic advantages. In this article, we address this problem and present a flexible and expressive, yet simple model for supporting data owners in identifying a proper allocation of their resources to a set of cloud services. Our model allows data owners to specify in an easy and intuitive way protection requirements operating at the granularity level of single resource (or class thereof), and representing the minimum security guarantees that a cloud service must offer to store resources. Resources can be outsourced in plaintext or encrypted form, depending on their requirements and on what is the most convenient allocation. Data owners can then also specify global allocation requirements that apply to the overall allocation, to reduce the burden on their side and to avoid excessive fragmentation of the resource collection. We solve the problem of finding an allocation that satisfies both the protection and the global allocation requirements, while minimizing economic costs, by formulating it as a binary programming problem, thus allowing the use of existing techniques for its efficient solution.
中文翻译:
多云场景中的安全感知数据分配
将大型异构数据集合移动到云时,一个关键要求涉及选择最适合外包的(一组)云服务。不仅不同的资源可以有不同的特点和要求,而且不同的云提供商也可以提供不同的服务和安全保障,并且可以有不同的成本。选择单一服务外包整个数据收集可能会导致非最佳解决方案,因为单一服务以合理的成本满足数据所有者指定的所有要求可能不存在。选择一组服务可以确保满足要求,可能具有经济优势。在这篇文章中,我们解决了这个问题,并提出了一个灵活而富有表现力的,支持数据所有者确定将其资源正确分配到一组云服务的简单模型。我们的模型允许数据所有者以简单直观的方式指定在单个资源(或其类别)的粒度级别运行的保护要求,并表示云服务必须提供的最低安全保证来存储资源。资源可以以明文或加密形式外包,具体取决于它们的要求和最方便的分配方式。然后,数据所有者还可以指定适用于整体分配的全局分配要求,以减轻他们的负担并避免资源集合的过度碎片化。我们解决了找到既满足保护又满足全局分配要求的分配问题,
更新日期:2019-11-19
中文翻译:
多云场景中的安全感知数据分配
将大型异构数据集合移动到云时,一个关键要求涉及选择最适合外包的(一组)云服务。不仅不同的资源可以有不同的特点和要求,而且不同的云提供商也可以提供不同的服务和安全保障,并且可以有不同的成本。选择单一服务外包整个数据收集可能会导致非最佳解决方案,因为单一服务以合理的成本满足数据所有者指定的所有要求可能不存在。选择一组服务可以确保满足要求,可能具有经济优势。在这篇文章中,我们解决了这个问题,并提出了一个灵活而富有表现力的,支持数据所有者确定将其资源正确分配到一组云服务的简单模型。我们的模型允许数据所有者以简单直观的方式指定在单个资源(或其类别)的粒度级别运行的保护要求,并表示云服务必须提供的最低安全保证来存储资源。资源可以以明文或加密形式外包,具体取决于它们的要求和最方便的分配方式。然后,数据所有者还可以指定适用于整体分配的全局分配要求,以减轻他们的负担并避免资源集合的过度碎片化。我们解决了找到既满足保护又满足全局分配要求的分配问题,
京公网安备 11010802027423号