Research progress on big data security technology

Xingyuan CHEN; Yuanzhao GAO; Huilin TANG; Xuehui DU

doi:10.1360/N112019-00077

SCIENTIA SINICA Informationis

Download PDF

SCIENTIA SINICA Informationis, Volume 50 , Issue 1 : 25-66(2020) https://doi.org/10.1360/N112019-00077

Research progress on big data security technology

Xingyuan CHEN ^1,2,*, Yuanzhao GAO ^1,2, Huilin TANG ¹, Xuehui DU ¹

More info

ReceivedApr 18, 2019
AcceptedJun 27, 2019
PublishedJan 8, 2020

Previous Table of Contents Next

Rating

iFLYTEK Translation

Abstract

Funded by

国家重点研发计划(2018YFB0803603)

科技创新特区(18-H863-01-ZT-005-017-01)

security technology framework

References

[1] Computer Emergency Rediness Team. 2017 security report--data breach. Qihoo 360 Technology Co. Ltd., 2018. Google Scholar

[2] Li X L, Gong H G. A survey on big data systems. Sci Sin Inform, 2015, 45: 1--44. Google Scholar

[3] Alshboul Y, Wang Y. Big data lifecycle: Threats and security model. In: Proceedings of the 21st Americas Conference on Information Systems, Fajardo, 2015. 3623--3629. Google Scholar

[4] Mehmood A, Natgunanathan I, Xiang Y. Protection of Big Data Privacy. IEEE Access, 2016, 4: 1821-1834 CrossRef Google Scholar

[5] Fang B X, Jia Y, Li A P, et al. Privacy preservation in big data: a survey. Big Data Research, 2016, 2: 1--18. Google Scholar

[6] National Information Security Standardization Technical Committee. Information Security Technology -- Big Data Security Management Guide (Draft for Comments). 2017. Google Scholar

[7] Anant B, Yu C, Adam F, et al. Expanded top ten big data security and privacy challenges. Cloud Security Alliance Big Data Working Group, 2013. Google Scholar

[8] Chang W L, Roy A, Underwood M, et al. NIST big data interoperability framework: volume 4, security and privacy. National Institute of Standards and Technology, 2015. Google Scholar

[9] Wang J M, Chen X S, Liu X G, et al. Big data security standardization white paper (2017). National Information Security Standardization Technical Committee SWG-BDS, 2017. Google Scholar

[10] Tankard C. Big data security. Network Security, 2012, 2012(7): 5-8 CrossRef Google Scholar

[11] Matturdi B, Zhou X, Li S. Big Data security and privacy: A review. China Commun, 2014, 11: 135-145 CrossRef Google Scholar

[12] Bertino E, Ferrari E. Big data security and privacy. In: A Comprehensive Guide Through the Italian Database Research Over the Last 25 Years. Berlin: Springer, 2018. 425--439. Google Scholar

[13] Walshe R, Boyd D. Big Data Reference Architecture - Part 3: Reference Architecture (2nd Working Draft). ISO/IEC JTC1 WG9, 2016. Google Scholar

[14] Mei H, Gao L, Dai H, et al. Information Technology - Big Data - Technical Reference Model. National Information Technoloty Standardization Technical Committee, 2017. Google Scholar

[15] Liang F, Yu W, An D. A Survey on Big Data Market: Pricing, Trading and Protection. IEEE Access, 2018, 6: 15132-15154 CrossRef Google Scholar

[16] Chen J C, Xue Y Z. Bootstrapping a blockchain based ecosystem for big data exchange. In: Proceedings of the 2017 IEEE International Congress on Big Data, Hawaii, 2017. 460--463. Google Scholar

[17] Liang J, Han W, Guo Z. DESC: enabling secure data exchange based on smart contracts. Sci China Inf Sci, 2018, 61: 049102 CrossRef Google Scholar

[18] Nakamoto S. Bitcoin: a peer-to-peer electronic cash system. 2008. Google Scholar

[19] Missier P, Bajoudah S, Capossele A, et al. Mind my value: a decentralized infrastructure for fair and trusted IoT data trading. In: Proceedings of the 7th International Conference on the Internet of Things, Linz, 2017. 15. Google Scholar

[20] Nasonov D, Visheratin A A, Boukhanovsky A. Blockchain-based transaction integrity in distributed big data marketplace. In: Proceedings of the International Conference on Computational Science, Wuxi, 2018. 569--577. Google Scholar

[21] Molinajimenez C, Solaiman E, Sfyrakis I, et al. On and off-blockchain enforcement of smart contracts. In: Euro-Par 2018: Parallel Processing Workshops. Berlin: Springer, 2018. 342--354. Google Scholar

[22] Azaria A, Ekblaw A, Vieira T, et al. MedRec: using blockchain for medical data access and permission management. In: Proceedings of the 2nd International Conference on Open and Big Data, Vienna, 2016. 25--30. Google Scholar

[23] Castaldo L, Cinque V. Blockchain-based logging for the cross-border exchange of ehealth data in Europe. In: Proceedings of the International ISCIS Security Workshop, London, 2018. 46--56. Google Scholar

[24] Yan S, Qing S D, Wei K. Application of blockchain in data circulation. Big Data Res, 2018, 4: 3--12. Google Scholar

[25] Lin I-C, Liao T-C. A survey of blockchain security issues and challenges. IJ Netw Secur, 2017, 19: 653--659. Google Scholar

[26] Dong X Q, Guo B, Shen Y, et al. An Efficient and Secure Decentralizing Data Sharing Model. Chin J Comput, 2018, 41: 1021--1036. Google Scholar

[27] Yang Q. The Challenge of GDPR to AI and the Countermeasures Based on Federated Transfer Learning. CAAI Trans Intell Tech, 2018, 8: 1--8. Google Scholar

[28] Pan S J, Yang Q. A Survey on Transfer Learning. IEEE Trans Knowl Data Eng, 2010, 22: 1345-1359 CrossRef Google Scholar

[29] Sweeney L. k-ANONYMITY: A MODEL FOR PROTECTING PRIVACY. Int J Unc Fuzz Knowl Based Syst, 2002, 10: 557-570 CrossRef Google Scholar

[30] Feng D G, Zhang M, Li H. Big data security and privacy protection. Chinese Journal of Computers, 2014, 37: 246--258. Google Scholar

[31] Byun J W, Sohn Y, Bertino E, et al. Secure Anonymization for Incremental Datasets. Berlin: Springer, 2006. Google Scholar

[32] Xiao X K, Tao Y F. M-invariance: towards privacy preserving re-publication of dynamic datasets. In: Proceedings of ACM SIGMOD International Conference on Management of Data, Beijing, 2007. 689--700. Google Scholar

[33] Bu Y, Fu A W C, Wong R C W. Privacy preserving serial data publishing by role composition. Proc VLDB Endow, 2008, 1: 845-856 CrossRef Google Scholar

[34] Fu Y Y, Fu H, Xie X. Social network anonymization and privacy protection. Communications of the CCF, 2014, 10: 51--58. Google Scholar

[35] Liu P, Li X X. An improved privacy preserving algorithm for publishing social network data. In: Proceedings of the 10th IEEE International Conference on High Performance Computing and Communications & 2013 IEEE International Conference on Embedded and Ubiquitous Computing, Zhangjiajie, 2013. 888--895. Google Scholar

[36] Zou L, Chen L, ?zsu M T. k-automorphism. Proc VLDB Endow, 2009, 2: 946-957 CrossRef Google Scholar

[37] Yuan M, Chen L, Yu P S. Protecting Sensitive Labels in Social Network Data Anonymization. IEEE Trans Knowl Data Eng, 2013, 25: 633-647 CrossRef Google Scholar

[38] Fu Y Y, Zhang M, Feng D G, et al. Attribute Privacy Preservation in Social Networks Based on Node Anatomy. Journal of Sotfware, 2014, 25: 768--780. Google Scholar

[39] Tassa T, Cohen D J. Anonymization of Centralized and Distributed Social Networks by Sequential Clustering. IEEE Trans Knowl Data Eng, 2013, 25: 311-324 CrossRef Google Scholar

[40] Skarkala M E, Maragoudakis M, Gritzalis S, et al. Privacy preservation by k-anonymization of weighted social networks. In: Proceedings of the 2012 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining, Istanbul, 2012. 423--428. Google Scholar

[41] Gruteser M, Grunwald D. Anonymous usage of location-based services through spatial and temporal cloaking. In: Proceedings of the 1st International Conference on Mobile Systems, Applications and Services, San Francisco, 2003. 31--42. Google Scholar

[42] Dewri R, Ray I, Ray I, et al. Query m-invariance: preventing query disclosures in continuous location-based services. In: Proceedings of the 11th International Conference on Mobile Data Management, Kansas City, 2010. 95--104. Google Scholar

[43] Huo Z, Meng X F. Chin J Comput, 2011, 34: 1820-1830 CrossRef Google Scholar

[44] Poulis G, Skiadopoulos S, Loukides G, et al. Distance-based km-anonymization of trajectory data. In: Proceedings of the 14th International Conference on Mobile Data Management, Milan, 2013. 57--62. Google Scholar

[45] Gidofalvi G, Huang X, Pedersen T B. Privacy-preserving data mining on moving object trajectories. In: Proceedings of the 8th International Conference on Mobile data management, Mannheim, 2007. 60--68. Google Scholar

[46] Xu T, Cai Y. Exploring historical location data for anonymity preservation in location-based services. In: Proceedings of the 27th Conference on Computer Communications, Phoenix, 2008. 547--555. Google Scholar

[47] Huo Z, Meng X F. A trajectory data publication method under differential privacy. Chinese Journal of Computers, 2018, 41: 400-412. Google Scholar

[48] Dwork C. Differential privacy. In: Proceedings of the 33rd International Colloquium on Automata, Languages and Programming, Venice, 2006. 1--12. Google Scholar

[49] Sala A, Zhao X, Wilson C, et al. Sharing graphs using differentially private graph models. In: Proceedings of ACM SIGCOMM Conference on Internet Measurement Conference, 2011. 81--98. Google Scholar

[50] Wagner I, Eckhoff D. Technical Privacy Metrics. ACM Comput Surv, 2018, 51: 1-38 CrossRef Google Scholar

[51] Friedman A, Schuster A. Data mining with differential privacy. In: Proceedings of the 16th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, Washington, 2010. 493--502. Google Scholar

[52] Xiong P, Zhu T Q, Wang X F. A Survey on Differential Privacy and Applications. Chinese Journal of Computers, 2014, 37: 101--122. Google Scholar

[53] Warner S L. Randomized Response: A Survey Technique for Eliminating Evasive Answer Bias. J Am Statistical Association, 1965, 60: 63-69 CrossRef Google Scholar

[54] Ye Q Q, Meng X F, Zhu M J, et al. Survey on local differential privacy. J Softw, 2018, 29: 1981--2005. Google Scholar

[55] Qin Z, Yang Y, Yu T, et al. Heavy hitter estimation over set-valued data with local differential privacy. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, 2016. 192--203. Google Scholar

[56] Xu C, Ren J, Zhang Y. DPPro: Differentially Private High-Dimensional Data Release via Random Projection. IEEE TransInformForensic Secur, 2017, 12: 3081-3093 CrossRef Google Scholar

[57] Ren X, Yu C M, Yu W. IEEE TransInformForensic Secur, 2018, 13: 2151-2166 CrossRef Google Scholar

[58] Liyue Fan , Li Xiong . An Adaptive Approach to Real-Time Aggregate Monitoring With Differential Privacy. IEEE Trans Knowl Data Eng, 2014, 26: 2094-2106 CrossRef Google Scholar

[59] Chan T H, Shi E, Song D. Private and continual release of statistics. In: Proceedings of International Colloquium Conference on Automata, Languages and Programming, 2010. 405--417. Google Scholar

[60] Agrawal R, Srikant R. Privacy-preserving data mining. In: Proceedings of the 2000 ACM SIGMOD International Conference on Management of Data, Dallas, 2000. 439--450. Google Scholar

[61] Zhou S G, Li F, Tao Y F. Chin J Comput, 2009, 32: 847-861 CrossRef Google Scholar

[62] Cheng X, Su S, Xu S. DP-Apriori: A differentially private frequent itemset mining algorithm based on transaction splitting. Comput Security, 2015, 50: 74-90 CrossRef Google Scholar

[63] McSherry F D. Privacy integrated queries: an extensible platform for privacy-preserving data analysis. In: Proceedings of the 2009 ACM SIGMOD International Conference on Management of data, Providence, 2009. 19--30. Google Scholar

[64] Chaudhuri K, Monteleoni C, Sarwate A D. Differentially private empirical risk minimization. J Mach Learn Res, 2011, 12: 1069--1109. Google Scholar

[65] Zhang J, Zhang Z, Xiao X. Functional mechanism. Proc VLDB Endow, 2012, 5: 1364-1375 CrossRef Google Scholar

[66] Dwork C. A firm foundation for private data analysis. Commun ACM, 2011, 54: 86 CrossRef Google Scholar

[67] Kang H Y, Ma Y L. Survey on Application of Data Mining via Differential Privacy. Journal of Shandong University (Natural Science), 2017, 52: 16--23. Google Scholar

[68] Li N, Qardaji W, Su D. PrivBasis. Proc VLDB Endow, 2012, 5: 1340-1351 CrossRef Google Scholar

[69] Lin C, Song Z, Song H. Differential Privacy Preserving in Big Data Analytics for Connected Health.. J Med Syst, 2016, 40: 97 CrossRef PubMed Google Scholar

[70] Roy I, Setty S T, Kilzer A, et al. Airavat: security and privacy for MapReduce. In: Proceedings of the 7th USENIX Symposium on Networked Systems Design and Implementation, San Jose, 2010. 297--312. Google Scholar

[71] Rivest R L, Adleman L, Dertouzos M L. On data banks and privacy homomorphisms. Foundations Secure Comput, 1978, 4: 169--180. Google Scholar

[72] Graepel T, Lauter K, Naehrig M. ML confidential: machine learning on encrypted data. In: Proceedings of the 15th International Conference on Information Security and Cryptology, Seoul, 2012. 1--21. Google Scholar

[73] Almutairi N, Coenen F, Dures K. K-means clustering using homomorphic encryption and an updatable distance matrix: secure third party data clustering with limited data owner interaction. In: Proceedings of the 19th International Conference on Big Data Analytics and Knowledge Discovery, Lyon, 2017. 274--285. Google Scholar

[74] Li L, Lu R, Choo K K R. Privacy-Preserving-Outsourced Association Rule Mining on Vertically Partitioned Databases. IEEE TransInformForensic Secur, 2016, 11: 1847-1861 CrossRef Google Scholar

[75] Wang B, Zhan Y, Zhang Z. Cryptanalysis of a Symmetric Fully Homomorphic Encryption Scheme. IEEE TransInformForensic Secur, 2018, 13: 1460-1467 CrossRef Google Scholar

[76] Gilad-Bachrach R, Dowlin N, Laine K, et al. Cryptonets: applying neural networks to encrypted data with high throughput and accuracy. In: Proceedings of the 33rd International Conference on Machine Learning, New York, 2016. 201--210. Google Scholar

[77] Ben-Or M, Goldwasser S, Wigderson A. Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: Proceedings of the 20th Annual ACM Symposium on Theory of Computing, Chicago, 1988. 1--10. Google Scholar

[78] Zhou S F, Dou J W, Guo Y M, et al. Secure multiparty vector computation. Chin J Comput, 2017, 40: 1134--1150. Google Scholar

[79] Catak F Ö. Secure multi-party computation based privacy preserving extreme learning machine algorithm over vertically distributed data. In: Proceedings of the 22nd International Conference on Neural Information Processing, Istanbul, 2015. 337--345. Google Scholar

[80] ?nan A, Kaya S V, Sayg?n Y. Privacy preserving clustering on horizontally partitioned data. Data Knowledge Eng, 2007, 63: 646-666 CrossRef Google Scholar

[81] Kamara S, Mohassel P, Raykova M, et al. Scaling private set intersection to billion-element sets. In: Proceedings of the 18th International Conference on Financial Cryptography and Data Security, Barbados, 2014. 195--215. Google Scholar

[82] Jiang H, Xu Q L. Secure multiparty computation in cloud computing. J Comput Res Develop, 2016, 53: 2152--2162. Google Scholar

[83] Asharov G, Jain A, López-Alt A, et al. Multiparty computation with low communication, computation and interaction via threshold FHE. In: Proceedings of the 31st Annual International Conference on the Theory and Applications of Cryptographic Techniques, Cambridge, 2012. 483--501. Google Scholar

[84] López-Alt A, Tromer E, Vaikuntanathan V. On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption. In: Proceedings of the 44th Annual ACM Symposium on Theory of Computing, New York, 2012. 1219--1234. Google Scholar

[85] Peter A, Tews E, Katzenbeisser S. Efficiently Outsourcing Multiparty Computation Under Multiple Keys. IEEE TransInformForensic Secur, 2013, 8: 2046-2058 CrossRef Google Scholar

[86] Damgard I, Pastro V, Smart N, et al. Multiparty computation from somewhat homomorphic encryption. In: Advances in Cryptology-CRYPTO 2012. Berlin: Springer, 2012. 643--662. Google Scholar

[87] Liu M H, Zhang N, Zhang Y X, et al. Research on sensitive data protection technology on cloud computing. Telecommun Sci, 2014, 30: 2--8. Google Scholar

[88] Chen T Y, Chen J F. Intelligent data masking system for big data productive environment. Commun Tech, 2016, 49: 915--922. Google Scholar

[89] Jin J, Ping X J, Zhang T, et al. Survey of text localization techniques in images. Appl Res Comput, 2007, 24: 8--11. Google Scholar

[90] Black J, Rogaway P. Ciphers with arbitrary finite domains. In: Proceedings of the Cryptographers' Track at the RSA Conference, San Jose, 2002. 114--130. Google Scholar

[91] Joseph F, Brian L. Magic Quadrant for Data Masking Technology. Gartner, 2013. Google Scholar

[92] Wang J M, Liu X G, Jin T, et al. Big data security standardization white paper (2018). National Information Security Standardization Technical Committee SWG-BDS, 2018. Google Scholar

[93] Chang W L. NIST Big Data Interoperability Framework: Volume 6, Reference Architecture. NIST, 2015. Google Scholar

[94] Das D, O'Malley O, Radia S, et al. Adding security to apache hadoop. Hortonworks, 2011. Google Scholar

[95] Zhang K, Zhou X Y, Chen Y, et al. Sedic: Privacy-Aware Data Intensive Computing on Hybrid Clouds. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, Chicago, 2011. 515--526. Google Scholar

[96] Zhang C, Chang E C, Yap R H C. Tagged-MapReduce: a general framework for secure computing with mixed-sensitivity data on hybrid clouds. In: Proceedings of the 14th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, Chicago, 2014. 31--40. Google Scholar

[97] Oktay K Y, Mehrotra S, Khadilkar V, et al. SEMROD: secure and efficient MapReduce over HybriD clouds. In: Proceedings of the 2015 ACM SIGMOD International Conference on Management of Data, Melbourne, 2015. 153--166. Google Scholar

[98] Shen Q N, Qing S H, Wu Z H, et al. Securely redundant scheduling policy for MapReduce based on dynamic domains partition. J Commun, 2014, 35: 34--46. Google Scholar

[99] Mckeen F, Alexandrovich I, Berenzon A, et al. Innovative instructions and software model for isolated execution. In: Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy, Tel-Aviv, 2013. 10. Google Scholar

[100] Schuster F, Costa M, Fournet C, et al. VC3: trustworthy data analytics in the cloud using SGX. In: Proceedings of the 36th IEEE Symposium on Security and Privacy, San Jose, 2015. 38--54. Google Scholar

[101] Pires R, Gavril D, Felber P, et al. A lightweight MapReduce framework for secure processing with SGX. In: Proceedings of the 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, Madrid, 2017. 1100--1107. Google Scholar

[102] Ohrimenko O, Costa M, Fournet C, et al. Observing and preventing leakage in MapReduce. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, 2015. 1570--1581. Google Scholar

[103] Schwarz M, Weiser S, Gruss D, et al. Malware guard extension: using SGX to conceal cache attacks. In: Proceedings of the 2017 International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, Bonn, 2017. 3--24. Google Scholar

[104] Sharma P P, Navdeti C P. Securing big data hadoop: a review of security issues, threats and solution. Int J Comput Sci Inf Tech, 2014, 5: 2126--2131. Google Scholar

[105] Ning F X, Wen Y, Shi G. GuardSpark: access control enforcement in spark. J Cyber Secur, 2017, 2: 70--81. Google Scholar

[106] Ulusoy H, Colombo P, Ferrari E, et al. GuardMR: fine-grained security policy enforcement for MapReduce systems. In: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, Singapore, 2015. 285--296. Google Scholar

[107] Preuveneers D, Joosen W. SparkXS: efficient access control for intelligent and large-scale streaming data applications. In: Proceedings of the 11th International Conference on Intelligent Environments, Prague, 2015. 96--103. Google Scholar

[108] Wang J H, Liu C Y, Wang G F, et al. Review of trusted cloud computing based on proof-based verifiable computation. Chin J Comput, 2016, 39: 286--304. Google Scholar

[109] Braun B, Feldman A J, Ren Z, et al. Verifying computations with state. In: Proceedings of the 24th ACM Symposium on Operating Systems Principles, Farmington, 2013. 341--357. Google Scholar

[110] Ding Y, Wang H M, Shi P C, et al. Trusted cloud service. Chin J Comput, 2015, 38: 133--149. Google Scholar

[111] Wei W, Du J, Yu T, et al. Securemr: a service integrity assurance framework for mapreduce. In: Proceedings of the Annual Computer Security Applications Conference, Honolulu, 2009. 73--82. Google Scholar

[112] Wang Y Z, Wei J P. Viaf: verification-based integrity assurance framework for mapreduce. In: Proceedings of the 2011 IEEE International Conference on Cloud Computing, Washington, 2011. 300--307. Google Scholar

[113] Xiao Z F, Xiao Y. Accountable MapReduce in cloud computing. In: Proceedings of Computer Communications Workshops, 2011. 1082--1087. Google Scholar

[114] Huang C, Zhu S C, Wu D H. Towards trusted services: Result verification schemes for mapreduce. In: Proceedings of the 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, Ottawa, 2012. 41--48. Google Scholar

[115] Ruan A, Martin A. Tmr: towards a trusted mapreduce infrastructure. In: Proceedings of the IEEE 8th World Congress on Services, Honolulu, 2012. 141--148. Google Scholar

[116] Wang Y Z, Wei J P, Srivatsa M. Result integrity check for mapreduce computation on hybrid clouds. In: Proceedings of the IEEE Sixth International Conference on Cloud Computing, Santa Clara, 2013. 847--854. Google Scholar

[117] Gentry C. Fully homomorphic encryption using ideal lattices. In: Proceedings of the 41st ACM Symposium on Theory of Computing, Washington, 2009. 169--178. Google Scholar

[118] China Association for Science and Technoloty. 2014 2015 Report on Advances in Cryptology. Beijing: China Science and Technology Press. Google Scholar

[119] Coron J-S. Survey of Existing SHE schemes and Cryptanalytic Techniques. Homomorphic Encryption Applications and Technology Project, 2015. Google Scholar

[120] Ducas L, Micciancio D. FHEW: bootstrapping homomorphic encryption in less than a second. In: Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, 2015. 617--640. Google Scholar

[121] Chillotti I, Gama N, Georgieva M, et al. Faster fully homomorphic encryption: bootstrapping in less than 0.1 seconds. In: Proceedings of International Conference on the Theory and Application of Cryptology and Information Security, Hanoi, 2016. 3--33. Google Scholar

[122] Halevi S, Shoup V. Faster homomorphic linear transformations in helib. In: Advances in Cryptology-CRYPTO 2018. Berlin: Springer, 2018. Google Scholar

[123] van Dijk M, Gentry C, Halevi S, et al. Fully homomorphic encryption over the integers. In: Proceedings of Annual International Conference on the Theory and Applications of Cryptographic Techniques, Monaco and Nice, 2010. 24--43. Google Scholar

[124] Martins P, Sousa L, Mariano A. A Survey on Fully Homomorphic Encryption. ACM Comput Surv, 2018, 50: 1-33 CrossRef Google Scholar

[125] Acar A, Aksu H, Uluagac A S. A Survey on Homomorphic Encryption Schemes. ACM Comput Surv, 2018, 51: 1-35 CrossRef Google Scholar

[126] Brakerski Z, Vaikuntanathan V. Efficient fully homomorphic encryption from (standard) LWE. In: Proceedings of the 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science, Washington, 2011. 97--106. Google Scholar

[127] Brakerski Z, Gentry C, Vaikuntanathan V. (Leveled) fully homomorphic encryption without bootstrapping. In: Proceedings of the 3rd Innovations in Theoretical Computer Science Conference, Cambridge, 2012. 309--325. Google Scholar

[128] Gentry C, Sahai A, Waters B. Homomorphic encryption from learning with errors: conceptually-simpler, asymptotically-faster, attribute-based. In: Proceedings of the 33rd Annual Cryptology Conference, Santa Barbara, 2013. 75--92. Google Scholar

[129] Brakerski Z. Fully homomorphic encryption without modulus switching from classical GapSVP. In: Proceedings of Advances in Cryptology-crypto 2012, Santa Barbara, 2012. 868--886. Google Scholar

[130] Fan J, Vercauteren F. Somewhat practical fully homomorphic encryption. IACR Cryptology ePrint Archive, 2012, 2012: 144. Google Scholar

[131] Bos J W, Lauter K, Loftus J, et al. Improved security for a ring-based fully homomorphic encryption scheme. In: Proceedings of the 14th IMA International Conference on Cryptography and Coding, Oxford, 2013. 45--64. Google Scholar

[132] Lepoint T, Naehrig M. A comparison of the homomorphic encryption schemes FV and YASHE. In: Proceedings of International Conference on Cryptology in Africa, Marrakesh, 2014. 318--335. Google Scholar

[133] Cheon J H, Kim A, Kim M, et al. Homomorphic encryption for arithmetic of approximate numbers. In: Proceedings of International Conference on the Theory and Application of Cryptology and Information Security, Hong Kong, 2017. 409--437. Google Scholar

[134] Cheon J H, Han K, Kim A, et al. Bootstrapping for approximate homomorphic encryption. In: Proceedings of the 37th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tel Aviv, 2018. 360--384. Google Scholar

[135] Chor B, Goldreich O, Kushilevitz E, et al. Private information retrieval. In: Proceedings of the 36th Annual Symposium on Foundations of Computer Science, Milwaukee, 1995. 41--50. Google Scholar

[136] Doröz Y, Sunar B, Hammouri G. Bandwidth efficient PIR from NTRU. In: Proceedings of International Conference on Financial Cryptography and Data Security, Barbados, 2014. 195--207. Google Scholar

[137] Popa R A, Redfield C, Zeldovich N, et al. CryptDB: protecting confidentiality with encrypted query processing. In: Proceedings of the 23rd ACM Symposium on Operating Systems Principles, Cascais, 2011. 85--100. Google Scholar

[138] Cheon J H, Kim M, Kim M. Search-and-compute on encrypted data. In: Proceedings of International Conference on Financial Cryptography and Data Security, San Juan, 2015. 142--159. Google Scholar

[139] Li Z P, Ma C G, Zhou H S. Overview on Fully Homomorphic Encryption. J Cryptologic Res, 2017, 4: 561--578. Google Scholar

[140] Yagisawa M. Fully Homomorphic Encryption without bootstrapping. IACR Cryptol ePrint Arch, 2015, 2015: 474. Google Scholar

[141] Liu D X. Practical Fully Homomorphic Encryption without Noise Reduction. IACR Cryptol ePrint Arch, 2015, 2015: 468. Google Scholar

[142] Wang Y G. Notes on two fully homomorphic encryption schemes without bootstrapping. IACR Cryptol ePrint Arch, 2015, 2015: 519. Google Scholar

[143] Qin Z G, Xu J, Nie X Y, et al. A Survey of Public-Key Encryption with Keyword Search. J Cyber Secur, 2017, 2: 1--12. Google Scholar

[144] Song D X, Wagner D, Perrig A. Practical techniques for searches on encrypted data. In: Proceedings of 2000 IEEE Symposium on Security and Privacy, Berkeley, 2000. 44--55. Google Scholar

[145] Goh E-J. Secure indexes. IACR Cryptol ePrint Arch, 2003, 2003: 216. Google Scholar

[146] Curtmola R, Garay J, Kamara S, et al. Searchable symmetric encryption: improved definitions and efficient constructions. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, Alexandria, 2006. 79--88. Google Scholar

[147] van Liesdonk P, Sedghi S, Doumen J, et al. Computationally efficient searchable symmetric encryption. In: Proceedings of Workshop on Secure Data Management, Seattle, 2010. 87--100. Google Scholar

[148] Kamara S, Papamanthou C, Roeder T. Dynamic searchable symmetric encryption. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, Raleigh, 2012. 965--976. Google Scholar

[149] Golle P, Staddon J, Waters B. Secure conjunctive keyword search over encrypted data. In: Proceedings of International Conference on Applied Cryptography and Network Security, Yellow Mountains, 2004. 31--45. Google Scholar

[150] Cao N, Wang C, Li M. Privacy-Preserving Multi-Keyword Ranked Search over Encrypted Cloud Data. IEEE Trans Parallel Distrib Syst, 2014, 25: 222-233 CrossRef Google Scholar

[151] Li J, Wang Q, Wang C, et al. Fuzzy keyword search over encrypted data in cloud computing. In: Proceedings of The 29th Conference on Computer Communications, San Diego, 2010. 1--5. Google Scholar

[152] Chai Q, Gong G. Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers. In: Proceedings of the 2012 IEEE International Conference on Communications, Ottawa, 2012. 917--922. Google Scholar

[153] Boneh D, Di Crescenzo G, Ostrovsky R, et al. Public key encryption with keyword search. In: Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, 2004. 506--522. Google Scholar

[154] Abdalla M, Bellare M, Catalano D, et al. Searchable encryption revisited: consistency properties, relation to anonymous IBE, and extensions. In: Proceedings of Annual International Cryptology Conference, Santa Barbara, 2005. 205--222. Google Scholar

[155] Xu P, Jin H, Wu Q. Public-Key Encryption with Fuzzy Keyword Search: A Provably Secure Scheme under Keyword Guessing Attack. IEEE Trans Comput, 2013, 62: 2266-2277 CrossRef Google Scholar

[156] Chen R, Mu Y, Yang G. Dual-Server Public-Key Encryption with Keyword Search for Secure Cloud Storage. IEEE TransInformForensic Secur, 2015, : 1-1 CrossRef Google Scholar

[157] Baek J, Safavi-Naini R, Susilo W. Public key encryption with keyword search revisited. In: Proceedings of International conference on Computational Science and Its Applications, Perugia, 2008. 1249--1259. Google Scholar

[158] Zheng Q J, Xu S H, Ateniese G. VABKS: verifiable attribute-based keyword search over outsourced encrypted data. In: Proceedings of the 33rd Annual IEEE International Conference on Computer Communications, Toronto, 2014. 522--530. Google Scholar

[159] Bellare M, Boldyreva A, O'Neill A. Deterministic and efficiently searchable encryption. In: Proceedings of the Annual International Cryptology Conference, Santa Barbara, 2007. 535--552. Google Scholar

[160] Regev O. On lattices, learning with errors, random linear codes, and cryptography. J ACM, 2009, 56: 1-40 CrossRef Google Scholar

[161] Boneh D, Waters B. Conjunctive, subset, and range queries on encrypted data. In: Proceedings of the 4th Theory of Cryptography Conference, Amsterdam, 2007. 535--554. Google Scholar

[162] Agrawal R, Kiernan J, Srikant R, et al. Order preserving encryption for numeric data. In: Proceedings of the 2004 ACM SIGMOD International Conference on Management of Data, Paris, 2004. 563--574. Google Scholar

[163] Boldyreva A, Chenette N, Lee Y, et al. Order-preserving symmetric encryption. In: Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques, Cologne, 2009. 224--241. Google Scholar

[164] Popa R A, Li F H, Zeldovich N. An ideal-security protocol for order-preserving encoding. In: Proceedings of the 2013 IEEE Symposium on Security and Privacy, San Francisco, 2013. 463--477. Google Scholar

[165] Kerschbaum F. Frequency-hiding order-preserving encryption. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, 2015. 656--667. Google Scholar

[166] Boneh D, Lewi K, Raykova M, et al. Semantically secure order-revealing encryption: multi-input functional encryption without obfuscation. In: Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, 2015. 563--594. Google Scholar

[167] Lewi K, Wu D J. Order-revealing encryption: new constructions, applications, and lower bounds. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, 2016. 1167--1178. Google Scholar

[168] Ning J, Xu J, Liang K. Passive Attacks Against Searchable Encryption. IEEE TransInformForensic Secur, 2019, 14: 789-802 CrossRef Google Scholar

[169] Fu Z, Wu X, Guan C. Toward Efficient Multi-Keyword Fuzzy Search Over Encrypted Outsourced Data With Accuracy Improvement. IEEE TransInformForensic Secur, 2016, 11: 2706-2716 CrossRef Google Scholar

[170] Guo J J, Miao M X, Wang J F. Research and progress of order preserving encryption. J Cryptol Res, 2018, 5: 182--195. Google Scholar

[171] Brightwell M, Smith H. Using datatype-preserving encryption to enhance data warehouse security. In: Proceedings of the 20th National Information Systems Security Conference, Baltimore, 1997. 141--149. Google Scholar

[172] Liu Z L, Jia C F, Li J W. Research on the format-preserving encryption modes. J Commun, 2011, 32: 184--190. Google Scholar

[173] Bellare M, Ristenpart T, Rogaway P, et al. Format-preserving encryption. In: Proceedings of the International Workshop on Selected Areas in Cryptography, Alberta, 2009. 295--312. Google Scholar

[174] Liu Z L, Jia C F, Li J W. J Software, 2012, 23: 152-170 CrossRef Google Scholar

[175] Liu Z L, Jia C F, Li J W, et al. Format-preserving encryption for datetime. In: Proceedings of the 2010 IEEE International Conference on Intelligent Computing and Intelligent Systems, Xiamen, 2010. 201--205. Google Scholar

[176] Cui B J, Zhang B H, Wang K Y. A data masking scheme for sensitive big data based on format-preserving encryption. In: Proceedings of the 2017 IEEE International Conference on Computational Science and Engineering & Embedded and Ubiquitous Computing, Guangzhou, 2017. 518--524. Google Scholar

[177] Biryukov A, Leurent G, Perrin L. Cryptanalysis of Feistel networks with secret round functions. In: Proceedings of the International Conference on Selected Areas in Cryptography, New Brunswick, 2015. 102--121. Google Scholar

[178] Biham E, Biryukov A, Dunkelman O, et al. Initial observations on skipjack: cryptanalysis of skipjack-3XOR. In: Proceedings of the International Workshop on Selected Areas in Cryptography, Kingston, 1998. 362--375. Google Scholar

[179] Bellare M, Hoang V T, Tessaro S. Message-recovery attacks on Feistel-based format preserving encryption. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, 2016. 444--455. Google Scholar

[180] Durak F B, Vaudenay S. Breaking the FF3 format-preserving encryption standard over small domains. In: Proceedings of the Annual International Cryptology Conference, Santa Barbara, 2017. 679--707. Google Scholar

[181] Hoang V T, Tessaro S, Trieu N. The curse of small domains: new attacks on format-preserving encryption. In: Proceedings of the Annual International Cryptology Conference, Santa Barbara, 2018. 221--251. Google Scholar

[182] Naor M, Reingold O. On the Construction of Pseudorandom Permutations: Luby-Rackoff Revisited. J Cryptology, 1999, 12: 29-66 CrossRef Google Scholar

[183] Moniruzzaman A B M, Hossain S A. NoSQL database: New era of databases for big data analytics-classification, characteristics and comparison. 2013,. arXiv Google Scholar

[184] Dworkin M. Recommendation for block cipher modes of operation: methods for formatpreserving encryption. NIST, 2016. Google Scholar

[185] Shin Y, Koo D, Hur J. A survey of secure data deduplication schemes for cloud storage systems. ACM computing surveys, 2017, 49: 74. Google Scholar

[186] Douceur J R, Adya A, Bolosky W J, et al. Reclaiming space from duplicate files in a serverless distributed file system. In: Proceedings of the 22nd International Conference on Distributed Computing Systems, Vienna, 2002. 617--624. Google Scholar

[187] Bellare M, Keelveedhi S, Ristenpart T. Message-locked encryption and secure deduplication. In: Proceedings of the 32nd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Athens, 2013. 296--312. Google Scholar

[188] González-Manzano L, Orfila A. An efficient confidentiality-preserving Proof of Ownership for deduplication. J Network Comput Appl, 2015, 50: 49-59 CrossRef Google Scholar

[189] Xiong J B, Zhang Y Y, Li F H, et al. Research progress on secure data deduplication in cloud. J Commun, 2016, 37: 169--180. Google Scholar

[190] Ateniese G, Burns R, Curtmola R, et al. Provable data possession at untrusted stores. In: Proceedings of the 14th ACM conference on Computer and communications security, Alexandria, 2007. 598--609. Google Scholar

[191] Juels A, Kaliski Jr B S. PORs: proofs of retrievability for large files. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, Alexandria, 2007. 584--597. Google Scholar

[192] Erway C, Küpcü A, Papamanthou C, et al. Dynamic provable data possession. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, Chicago, 2009. 213--222. Google Scholar

[193] Shen J, Shen J, Chen X. An Efficient Public Auditing Protocol With Novel Dynamic Structure for Cloud Data. IEEE TransInformForensic Secur, 2017, 12: 2402-2415 CrossRef Google Scholar

[194] Wu Y, Jiang Z L, Wang X, et al. Dynamic data operations with deduplication in privacy-preserving public auditing for secure cloud storage. In: Proceedings of the 2017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC), Guangzhou, 2017. 562--567. Google Scholar

[195] Wang Q, Wang C, Li J, et al. Enabling public verifiability and data dynamics for storage security in cloud computing. In: Proceedings of the 14th European Symposium on Research in Computer Security, Saint-Malo, 2009. 355--370. Google Scholar

[196] Ren Z, Wang L, Wang Q. Dynamic Proofs of Retrievability for Coded Cloud Storage Systems. IEEE Trans Serv Comput, 2018, 11: 685-698 CrossRef Google Scholar

[197] Tate S R, Vishwanathan R, Everhart L. Multi-user dynamic proofs of data possession using trusted hardware. In: Proceedings of the 3rd ACM Conference on Data and Application Security and Privacy, San Antonio, 2013. 353--364. Google Scholar

[198] Wang B, Chow S S, Li M, et al. Storing shared data on the cloud via security-mediator. In: Proceedings of the 2013 IEEE 33rd International Conference on Distributed Computing Systems Philadelphia, 2013. 124--133. Google Scholar

[199] Wang B, Li B, Li H. Panda: Public Auditing for Shared Data with Efficient User Revocation in the Cloud. IEEE Trans Serv Comput, 2015, 8: 92-106 CrossRef Google Scholar

[200] Jiang T, Chen X, Ma J. Public Integrity Auditing for Shared Dynamic Cloud Data with Group User Revocation. IEEE Trans Comput, 2016, 65: 2363-2373 CrossRef Google Scholar

[201] Wang Z H. Research on several security mechanisms for cloud storage service. Dissertation for Ph.D. Degree. Beijing: Beijing Jiaotong University, 2016. Google Scholar

[202] Zhuo Hao , Sheng Zhong , Nenghai Yu . A Privacy-Preserving Remote Data Integrity Checking Protocol with Data Dynamics and Public Verifiability. IEEE Trans Knowl Data Eng, 2011, 23: 1432-1437 CrossRef Google Scholar

[203] Wang C, Chow S S M, Wang Q. Privacy-Preserving Public Auditing for Secure Cloud Storage. IEEE Trans Comput, 2013, 62: 362-375 CrossRef Google Scholar

[204] Zhu Y, Hu H, Ahn G J. Cooperative Provable Data Possession for Integrity Verification in Multicloud Storage. IEEE Trans Parallel Distrib Syst, 2012, 23: 2231-2244 CrossRef Google Scholar

[205] Yang K, Jia X. An Efficient and Secure Dynamic Auditing Protocol for Data Storage in Cloud Computing. IEEE Trans Parallel Distrib Syst, 2013, 24: 1717-1726 CrossRef Google Scholar

[206] Wang H. Identity-Based Distributed Provable Data Possession in Multicloud Storage. IEEE Trans Serv Comput, 2015, 8: 328-340 CrossRef Google Scholar

[207] Yu Y, Au M H, Ateniese G. Identity-Based Remote Data Integrity Checking With Perfect Data Privacy Preserving for Cloud Storage. IEEE TransInformForensic Secur, 2017, 12: 767-778 CrossRef Google Scholar

[208] He D, Kumar N, Wang H. Privacy-preserving certificateless provable data possession scheme for big data storage on cloud. Appl Math Computation, 2017, 314: 31-43 CrossRef Google Scholar

[209] Wang Y Z, Wei J P. VIAF: verification-based integrity assurance framework for MapReduce. In: Proceedings of IEEE International Conference on Cloud Computing, 2011. 300-307. Google Scholar

[210] Zhu Y, Wang H X, Hu Z X. Zero-knowledge proofs of retrievability. Sci China Inf Sci, 2011, 54: 1608-1617 CrossRef Google Scholar

[211] Jian Liu , Kun Huang , Hong Rong . Privacy-Preserving Public Auditing for Regenerating-Code-Based Cloud Storage. IEEE TransInformForensic Secur, 2015, 10: 1513-1528 CrossRef Google Scholar

[212] Xiang F, Liu C Y, Fang B X, et al. Novel “rich cloud" based data disaster recovery strategy. J Commun, 2013, 34: 92--101. Google Scholar

[213] Wood T, Cecchet E, Ramakrishnan K K, et al. Disaster recovery as a cloud service: economic benefits & deployment challenges. HotCloud, 2010, 10: 8--15. Google Scholar

[214] Weatherspoon H, Kubiatowicz J D. Erasure coding vs. replication: a quantitative comparison. In: Proceedings of International Workshop on Peer-to-Peer Systems, Cambridge, 2002. 328--337. Google Scholar

[215] Wang Y J, Xu F L, Pei X Q. Research on erasure code-based fault-tolerant technology for distributed storage. Chin J Comput, 2017, 40: 236--255. Google Scholar

[216] Xu J W, Zhang W B, Wang T, et al. A Genetic Algorithm Based Ataptive Strategy for Image Backup of Virtual Machines. Chin J Comput, 2016, 39: 351--363. Google Scholar

[217] Chang V. Towards a Big Data system disaster recovery in a Private Cloud. Ad Hoc Networks, 2015, 35: 65-82 CrossRef Google Scholar

[218] Wood T, Lagar-Cavilla H A, Ramakrishnan K, et al. PipeCloud: using causality to overcome speed-of-light delays in cloud-based disaster recovery. In: Proceedings of the 2nd ACM Symposium on Cloud Computing, Cascais, 2011. 17. Google Scholar

[219] Zhong R M, Liu C Y, Wang C L, et al. Cost-aware data reliability provision algorithm for the cloud providers. J Softw, 2014, 25: 1874--1886. Google Scholar

[220] Yu Gu , Dongsheng Wang , Chuanyi Liu . DR-Cloud: Multi-cloud based disaster recovery service. Tinshhua Sci Technol, 2014, 19: 13-23 CrossRef Google Scholar

[221] Colman-Meixner C, Develder C, Tornatore M. A Survey on Resiliency Techniques in Cloud Computing Infrastructures and Applications. IEEE Commun Surv Tutorials, 2016, 18: 2244-2281 CrossRef Google Scholar

[222] Perez R, Sailer R, van Doorn L. vTPM: virtualizing the trusted platform module. In: Proceedings of the 15th USENIX Security Symposium, Vancouver, 2006. 305--320. Google Scholar

[223] Hua J, Sakurai K. Barrier: a lightweight hypervisor for protecting kernel integrity via memory isolation. In: Proceedings of the 27th Annual ACM Symposium on Applied Computing, Trento, 2012. 1470--1477. Google Scholar

[224] Zhu M, Tu B B, Meng D. The security research of virtualization software stack. Chin J Comput, 2017, 40: 481--504. Google Scholar

[225] Ainapure B S, Shah D, Rao A A. Understanding perception of cache-based side-channel attack on cloud environment. In: Proceedings of Progress in Intelligent Computing Techniques: Theory, Practice, and Applications, 2018. 9--21. Google Scholar

[226] Garfinkel T, Rosenblum M. A virtual machine introspection based architecture for intrusion detection. In: Proceedings of the 2003 Network and Distributed System Security Symposium, San Diego, 2003. 191--206. Google Scholar

[227] Hebbal Y, Laniepce S, Menaud J-M. Virtual machine introspection: techniques and applications. In: Proceedings of the 10th International Conference on Availability, Reliability and Security, Toulouse, 2015. 676--685. Google Scholar

[228] Noshy M, Ibrahim A, Ali H A. Optimization of live virtual machine migration in cloud computing: A survey and future directions. J Network Comput Appl, 2018, 110: 1-10 CrossRef Google Scholar

[229] Li C, Raghunathan A, Jha N K. Secure virtual machine execution under an untrusted management OS. In: Proceedings of the 2010 IEEE 3rd International Conference on Cloud Computing, Miami, 2010. 172--179. Google Scholar

[230] Azab A M, Ning P, Wang Z, et al. HyperSentry: enabling stealthy in-context measurement of hypervisor integrity. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, Chicago, 2010. 38--49. Google Scholar

[231] Szefer J, Keller E, Lee R B, et al. Eliminating the hypervisor attack surface for a more secure cloud. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, Chicago, 2011. 401--412. Google Scholar

[232] Wang J, Stavrou A, Ghosh A. Hypercheck: A hardware-assisted integrity monitor. In: Proceedings of the International Workshop on Recent Advances in Intrusion Detection, Ottawa, 2010. 158--177. Google Scholar

[233] Wang Z, Jiang X X. Hypersafe: A lightweight approach to provide lifetime hypervisor control-flow integrity. In: Proceedings of 2010 IEEE Symposium on Security and Privacy, Berkeley, 2010. 380--395. Google Scholar

[234] Mijumbi R, Serrat J, Gorricho J L. Network Function Virtualization: State-of-the-Art and Research Challenges. IEEE Commun Surv Tutorials, 2016, 18: 236-262 CrossRef Google Scholar

[235] Sezer S, Scott-Hayward S, Chouhan P. Are we ready for SDN? Implementation challenges for software-defined networks. IEEE Commun Mag, 2013, 51: 36-43 CrossRef Google Scholar

[236] Yu Y, Wang Z L, Bi J, et al. Survey on the Languages in the Northbound Interface of Software Defined Networking. J Softw, 2016, 27: 993--1008. Google Scholar

[237] Zaalouk A, Khondoker R, Marx R, et al. Orchsec: an orchestrator-based architecture for enhancing network-security using network monitoring and sdn control functions. In: Proceedings of Network Operations and Management Symposium (NOMS). New York: IEEE, 2014. 1--9. Google Scholar

[238] Tao Wang , Hongchang Chen . SGuard: A lightweight SDN safe-guard architecture for DoS attacks. China Commun, 2017, 14: 113-125 CrossRef Google Scholar

[239] Kreutz D, Ramos F, Verissimo P. Towards secure and dependable software-defined networks. In: Proceedings of Proceedings of the 2nd ACM SIGCOMM Workshop on Hot topics in Software Defined Networking, 2013. 55--60. Google Scholar

[240] Varadharajan V, Karmakar K, Tupakula U. A Policy-Based Security Architecture for Software-Defined Networks. IEEE TransInformForensic Secur, 2019, 14: 897-912 CrossRef Google Scholar

[241] Shin S, Porras P A, Yegneswaran V, et al. FRESCO: modular composable security services for software-defined networks. In: Proceedings of NDSS, 2013. Google Scholar

[242] Han B, Gopalakrishnan V, Ji L. Network function virtualization: Challenges and opportunities for innovations. IEEE Commun Mag, 2015, 53: 90-97 CrossRef Google Scholar

[243] Yang W, Fung C. A survey on security in network functions virtualization. In: Proceedings of NetSoft Conference and Workshops (NetSoft). New York: IEEE, 2016. 15--19. Google Scholar

[244] Gember-Jacobson A, Viswanathan R, Prakash C, et al. OpenNF: enabling innovation in network function control. In: Proceedings of ACM SIGCOMM Computer Communication Review, 2014. 163--174. Google Scholar

[245] Jaeger B. Security orchestrator: introducing a security orchestrator in the context of the etsi nfv reference architecture. In: Proceedings of Trustcom/BigDataSE/ISPA. New York: IEEE, 2015. 1255--1260. Google Scholar

[246] Pattaranantakul M, He R, Song Q. NFV Security Survey: From Use Case Driven Threat Analysis to State-of-the-Art Countermeasures. IEEE Commun Surv Tutorials, 2018, 20: 3330-3368 CrossRef Google Scholar

[247] Daghmehchi Firoozjaei M, Jeong J P, Ko H. Security challenges with network functions virtualization. Future Generation Comput Syst, 2017, 67: 315-324 CrossRef Google Scholar

[248] Wang J, Hao S R, Li Y, et al. Challenges Towards Protecting VNF With SGX. In: Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, Tempe, 2018. 39--42. Google Scholar

[249] Melis L, Asghar H J, de Cristofaro E, et al. Private processing of outsourced network functions: Feasibility and constructions. In: Proceedings of Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, 2016. 39--44. Google Scholar

[250] Bonfim M S, Dias K L, Fernandes S F L. Integrated NFV/SDN Architectures. ACM Comput Surv, 2019, 51: 1-39 CrossRef Google Scholar

[251] Wang M M, Liu J W, Chen J, et al. Software defined networking: security model, threats and mechanism. J Softw, 2016, 27: 969--992. Google Scholar

[252] Rawat D B, Reddy S R. Software Defined Networking Architecture, Security and Energy Efficiency: A Survey. IEEE Commun Surv Tutorials, 2017, 19: 325-346 CrossRef Google Scholar

[253] Feng D G, Chan C. Research on attribute-based cryptography. J Cryptologic Res, 2014, 1: 1--12. Google Scholar

[254] Goyal V, Pandey O, Sahai A, et al. Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of Proceedings of the 13th ACM Conference on Computer and Communications Security, 2006. 89--98. Google Scholar

[255] Bethencourt J, Sahai A, Waters B. Ciphertext-policy attribute-based encryption. In: Proceedings of IEEE Symposium on Security and Privacy, 2007. 321--334. Google Scholar

[256] Fugkeaw S, Sato H. Scalable and secure access control policy update for outsourced big data. Future Generation Comput Syst, 2018, 79: 364-373 CrossRef Google Scholar

[257] Fang L, Yin L H, Guo Y C, et al. A survey of technologies in attribute-based access control scheme. Chin J Comput, 2017, 40: 1680--1698. Google Scholar

[258] Kapadia A, Tsang P P, Smith S W. Attribute-based publishing with hidden credentials and hidden policies. In: Proceedings of the 14th Annual Network & Distributed System Security Symposium, San Diego, 2007. 179--192. Google Scholar

[259] Cui H, Deng R H, Lai J. An efficient and expressive ciphertext-policy attribute-based encryption scheme with partially hidden access structures, revisited. Comput Networks, 2018, 133: 157-165 CrossRef Google Scholar

[260] Wang H, Zheng Z, Wu L. New directly revocable attribute-based encryption scheme and its application in cloud storage environment. Cluster Comput, 2017, 20: 2385-2392 CrossRef Google Scholar

[261] Liu J K, Yuen T H, Zhang P, et al. Time-based direct revocable ciphertext-policy attribute-based encryption with short revocation list. In: Proceedings of the 16th International Conference on Applied Cryptography and Network Security, Leuven, 2018. 516--534. Google Scholar

[262] Pirretti M, Traynor P, McDaniel P, et al. Secure attribute-based systems. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, Alexandria, 2006. 99--112. Google Scholar

[263] Sun W, Yu S, Lou W. Protecting Your Right: Verifiable Attribute-Based Keyword Search with Fine-Grained Owner-Enforced Search Authorization in the Cloud. IEEE Trans Parallel Distrib Syst, 2016, 27: 1187-1198 CrossRef Google Scholar

[264] Sookhak M, Yu F R, Khan M K. Attribute-based data access control in mobile cloud computing: Taxonomy and open issues. Future Generation Comput Syst, 2017, 72: 273-287 CrossRef Google Scholar

[265] Jianting Ning , Xiaolei Dong , Zhenfu Cao . White-Box Traceable Ciphertext-Policy Attribute-Based Encryption Supporting Flexible Attributes. IEEE TransInformForensic Secur, 2015, 10: 1274-1288 CrossRef Google Scholar

[266] Liu Z, Cao Z F, Wong D S. Blackbox traceable CP-ABE: how to catch people leaking their keys by selling decryption devices on eBay. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, Berlin, 2013. 475--486. Google Scholar

[267] Liu Z, Duan S, Zhou P. Traceable-then-revocable ciphertext-policy attribute-based encryption scheme. Future Generation Comput Syst, 2019, 93: 903-913 CrossRef Google Scholar

[268] Zhang K, Li H, Ma J. Efficient large-universe multi-authority ciphertext-policy attribute-based encryption with white-box traceability. Sci China Inf Sci, 2018, 61: 032102 CrossRef Google Scholar

[269] Chase M. Multi-authority attribute based encryption. In: Proceedings of thr 4th Theory of Cryptography Conference, Amsterdam, 2007. 515--534. Google Scholar

[270] Chase M, Chow S S. Improving privacy and security in multi-authority attribute-based encryption. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, Chicago, 2009. 121--130. Google Scholar

[271] Li Q, Ma J, Li R. Large universe decentralized key-policy attribute-based encryption. Security Comm Networks, 2015, 8: 501-509 CrossRef Google Scholar

[272] Rouselakis Y, Waters B. Efficient statically-secure large-universe multi-authority attribute-based encryption. In: Proceedings of the 19th International Conference on Financial Cryptography and Data Security, San Juan, 2015. 315--332. Google Scholar

[273] Can Z F, Dong X L, Zhou J, et al. Research advances on big data security and privacy preserving. J Comput Res Develop, 2016, 53: 2137--2151. Google Scholar

[274] P P K, P S K, P.j.a. A. Attribute based encryption in cloud computing: A survey, gap analysis, and future directions. J Network Comput Appl, 2018, 108: 37-52 CrossRef Google Scholar

[275] Kuhlmann M, Shohat D, Schimpf G. Role mining - revealing business roles for security administration using data mining technology. In: Proceedings of Eighth ACM Symposium on Access Control MODELS and Technologies, 2003. 179--186. Google Scholar

[276] Kuhlmann M, Shohat D, Schimpf G. Role mining-revealing business roles for security administration using data mining technology. In: Proceedings of the 8th ACM Symposium on Access Control Models and Technologies, Como, 2003. 179--186. Google Scholar

[277] Molloy I, Park Y, Chari S. Generative models for access control policies: applications to role mining over logs with attribution. In: Proceedings of the 17th ACM Symposium on Access Control Models and Technologies, Newark, 2012. 45--56. Google Scholar

[278] Li H, Zhang M, Feng D G, et al. Research on access control of big data. Chin J Comput, 2017, 40: 72--91. Google Scholar

[279] Molloy I, Li N, Li T, et al. Evaluating role mining algorithms. In: Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, Stresa, 2009. 95--104. Google Scholar

[280] Vaidya J, Atluri V, Warner J. RoleMiner: mining roles using subset enumeration. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, Alexandria, 2006. 144--153. Google Scholar

[281] Zhang D N, Ramamohanarao K, Ebringer T, et al. Permission set mining: discovering practical and useful roles. In: Proceedings of the 24th Annual Computer Security Applications Conference, Anaheim, 2008. 247--256. Google Scholar

[282] Molloy I, Hong C, Li T C, et al. Mining roles with semantic meanings. In: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, Estes Park, 2008. 21--30. Google Scholar

[283] Vaidya J, Atluri V, Guo Q. The role mining problem: finding a minimal descriptive set of roles. In: Proceedings of the 12th ACM symposium on Access control models and technologies, Sophia Antipolis, 2007. 175--184. Google Scholar

[284] Zhang D, Ramamohanarao K, Ebringer T. Role engineering using graph optimisation. In: Proceedings of the 12th ACM Symposium on Access Control Models and Technologies, Sophia Antipolis, 2007. 139--144. Google Scholar

[285] Frank M, Streich A P, Basin D A, et al. A probabilistic approach to hybrid role mining. In: Proceedings of the 16th ACM conference on Computer and communications security, Chicago, 2009. 101--111. Google Scholar

[286] Jafarian J H, Takabi H, Touati H, et al. Towards a general framework for optimal role mining: A constraint satisfaction approach. In: Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, Vienna, 2015. 211--220. Google Scholar

[287] Mitra B, Sural S, Vaidya J. A Survey of Role Mining. ACM Comput Surv, 2016, 48: 1-37 CrossRef Google Scholar

[288] Phua T W, Ko R K L. Data provenance for big data security and accountability. In: Encyclopedia of Big Data Technologies. Berlin: Springer, 2018. 1--6. Google Scholar

[289] Buneman P, Khanna S, Tan W C. Why and where: a characterization of data provenance. In: Proceedings of 2001 International Conference on Database Theory, London, 2001. 216--330. Google Scholar

[290] Glavic B. Big data provenance: challenges and implications for benchmarking. In: Proceedings of the 2012 Workshop on Big Data Benchmarks, Pune, 2012. 72--80. Google Scholar

[291] Cheney J, Chong S, Foster N, et al. Provenance: a future history. In: Proceedings of the 24th ACM SIGPLAN Conference Companion on Object Oriented Programming Systems Languages and Applications, Orlando, 2009. 957--964. Google Scholar

[292] Labrinidis A, Jagadish H V. Challenges and opportunities with big data. Proceedings of the VLDB Endowment,2012, 5: 2032-2033. Google Scholar

[293] Moreau L, Clifford B, Freire J. The Open Provenance Model core specification (v1.1). Future Generation Comput Syst, 2011, 27: 743-756 CrossRef Google Scholar

[294] Sahoo S S, Barga R S, Goldstein J, et al. Provenance algebra and materialized view-based provenance management. In: Proceedings of the 2nd International Provenance and Annotation Workshop, Salt Lake City, 2008. 531--540. Google Scholar

[295] Wang J, Crawl D, Purawat S, et al. Big data provenance: challenges, state of the art and opportunities. In: Proceedings of 2015 IEEE International Conference on Big Data, Santa Clara, 2015. 2509--2516. Google Scholar

[296] Gehani A, Kazmi H, Irshad H. Scaling spade to “big provenance". In: Proceedings of the 8th USENIX Conference on Theory and Practice of Provenance, Washington, 2016. 26--33. Google Scholar

[297] Fu X, Gao Y, Luo B. Security Threats to Hadoop: Data Leakage Attacks and Investigation. IEEE Network, 2017, 31: 67-71 CrossRef Google Scholar

[298] Ko R K, Will M A. Progger: an efficient, tamper-evident kernel-space logger for cloud data provenance tracking. In: Proceedings of the IEEE 7th International Conference on Cloud Computing, Anchorage, 2014. 881--889. Google Scholar

[299] Kulkarni D. A provenance model for key-value systems. In: Proceedings of the 5th Workshop on the Theory and Practice of Provenance, Lombard, 2013. 1--4. Google Scholar

[300] Alkhaldi A, Gupta I, Raghavan V, et al. Leveraging metadata in no SQL storage systems. In: Proceedings of the 8th IEEE International Conference on Cloud Computing, New York, 2015. 57--64. Google Scholar

[301] Chacko A M, Fairooz M, Kumar S M. Provenance-aware NoSQL databases. In: Proceedings of the International Symposium on Security in Computing and Communication, Jaipur, 2016. 152--160. Google Scholar

[302] Park H, Ikeda R, Widom J. Ramp: a system for capturing and tracing provenance in mapreduce workflows. Proceedings of the VLDB Endowment, 2011, 4: 1351-1354. Google Scholar

[303] Akoush S, Sohan R, Hopper A. HadoopProv: towards provenance as a first class citizen in MapReduce. In: Proceedings of the 5th USENIX Workshop on the Theory and Practice of Provenance, Lombard, 2013. 1--4. Google Scholar

[304] Zafar F, Khan A, Suhail S. Trustworthy data: A survey, taxonomy and future trends of secure provenance schemes. J Network Comput Appl, 2017, 94: 50-68 CrossRef Google Scholar

[305] Cheney J. A formal framework for provenance security. In: Proceedings of the 24th IEEE Computer Security Foundations Symposium, Cernay-la-Ville, 2011. 281--293. Google Scholar

[306] Braun U, Shinnar A. A Security Model for Provenance. Harvard Computer Science Group Technical Report TR-04-06. 2006. Google Scholar

[307] Cadenhead T, Khadilkar V, Kantarcioglu M, et al. A language for provenance access control. In: Proceedings of the 1st ACM Conference on Data and Application Security and Privacy, San Antonio, 2011. 133--144. Google Scholar

[308] Danger R, Curcin V, Missier P. Access control and view generation for provenance graphs. Future Generation Comput Syst, 2015, 49: 8-27 CrossRef Google Scholar

[309] Liang X, Shetty S, Tosh D, et al. ProvChain: a blockchain-based data provenance architecture in cloud environment with enhanced privacy and availability. In: Proceedings of the 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, Madrid, 2017. 468--477. Google Scholar

[310] Ramachandran A, Kantarcioglu M. SmartProvenance: a distributed, blockchain based data provenance system. In: Proceedings of the 8th ACM Conference on Data and Application Security and Privacy, Tempe, 2018. 35--42. Google Scholar

[311] Muniswamy-Reddy K K, Holland D A, Braun U, et al. Provenance-aware storage systems. In: Proceedings of 2006 USENIX Annual Technical Conference, Boston, 2006. 43--56. Google Scholar

[312] Suen C H, Ko R K L, Yu S T, et al. S2Logger: end-to-end data tracking mechanism for cloud data provenance. In: Proceedings of the 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, Melbourne, 2013. 594--602. Google Scholar

[313] Alabi O, Beckman J, Dark M, et al. Toward a data spillage prevention process in hadoop using data provenance. In: Proceedings of the 2nd Workshop on Changing Landscapes in HPC Security, Portland, 2015. 9--13. Google Scholar

[314] Bates A, Butler K, Dobra A, et al. Retrofitting Applications with Provenance-Based Security Monitoring. 2016,. arXiv Google Scholar

[315] Appelbaum D. Securing Big Data Provenance for Auditors: The Big Data Provenance Black Box as Reliable Evidence. J Emerging Technologies Accounting, 2016, 13: 17-36 CrossRef Google Scholar

[316] Ghoshal D, Plale B. Provenance from log files: a BigData problem. In: Proceedings of the Joint EDBT/ICDT 2013 Workshops, Genoa, 2013. 290--297. Google Scholar

[317] Cuzzocrea A. Provenance research issues and challenges in the big data era. In: Proceedings of the IEEE 39th Annual Computer Software and Applications Conference, Taichung, 2015. 684--686. Google Scholar

[318] Cardenas A A, Manadhata P K, Rajan S P. Big Data Analytics for Security. IEEE Secur Privacy, 2013, 11: 74-76 CrossRef Google Scholar

[319] Zuech R, Khoshgoftaar T M, Wald R. Intrusion detection and Big Heterogeneous Data: a Survey. J Big Data, 2015, 2: 3 CrossRef Google Scholar

[320] Jeong H-D J, Hyun W, Lim J, et al. Anomaly teletraffic intrusion detection systems on hadoop-based platforms: A survey of some problems and solutions. In: Proceedings of the 15th International Conference on Network-Based Information Systems, Melbourne, 2012. 766--770. Google Scholar

[321] Cheon J, Choe T-Y. Distributed processing of snort alert log using hadoop. Int J Eng Tech, 2013, 5: 2685--2690. Google Scholar

[322] Baker M, Turnbull D, Kaszuba G. Finding needles in haystacks (the size of countries). In: Proceedings of Black Hat Europe 2012, Amsterdam, 2012. 1--13. Google Scholar

[323] Rathore M M, Paul A, Ahmad A, et al. Hadoop based real-time intrusion detection for high-speed networks. In: Proceedings of the 2016 IEEE Global Communications Conference, Washington, 2016. 1--6. Google Scholar

[324] Marchal S, Jiang X, State R, et al. A big data architecture for large scale security monitoring. In: Proceedings of the 2014 IEEE International Congress on Big Data, Anchorage, 2014. 56--63. Google Scholar

[325] Giura P, Wang W. Using large scale distributed computing to unveil advanced persistent threats. Sci J, 2012, 1: 93--105. Google Scholar

[326] Bhatt P, Yano E T, Gustavsson P. Towards a framework to detect multi-stage advanced persistent threats attacks. In: Proceedings of the 8th IEEE International Symposium on Service Oriented System Engineering, Oxford, 2014. 390--395. Google Scholar

[327] Sharma P K, Moon S Y, Moon D. DFA-AD: a distributed framework architecture for the detection of advanced persistent threats. Cluster Comput, 2017, 20: 597-609 CrossRef Google Scholar

[328] Hameed S, Ali U. Efficacy of live ddos detection with hadoop. In: Proceedings of 2016 IEEE/IFIP Operations and Management Symposium, Istanbul, 2016. 488--494. Google Scholar

[329] Terzi D S, Terzi R, Sagiroglu S. Big data analytics for network anomaly detection from netflow data. In: Proceedings of International Conference on Computer Science and Engineering, Bangkok, 2017. 592--597. Google Scholar

[330] Francois J, Wang S, Bronzi W, et al. Botcloud: detecting botnets using mapreduce. In: Proceedings of the 2011 IEEE International Workshop on Information Forensics and Security, Iguacu Falls, 2011. 1--6. Google Scholar

[331] Jon-Michael B, Scot F, Dave S, et al. The Treacherous 12: Cloud Computing Top Threats in 2016. Cloud Security Alliance, 2016. Google Scholar

[332] Yang G, Ma J G, Yu A M, et al. Survey of insider threat detection. J Cyber Secur, 2016, 1: 21--36. Google Scholar

[333] Greitzer F, Purl J, Leong Y M, et al. SOFIT: sociotechnical and organizational factors for insider threat. In: Proceedings of 2018 IEEE Security and Privacy Workshops, San Francisco, 2018. 197--206. Google Scholar

[334] Bose B, Avasarala B, Tirthapura S. Detecting Insider Threats Using RADISH: A System for Real-Time Anomaly Detection in Heterogeneous Data Streams. IEEE Syst J, 2017, 11: 471-482 CrossRef ADS Google Scholar

[335] Bilge L, Dumitras T. Before we knew it: an empirical study of zero-day attacks in the real world. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, Raleigh, 2012. 833--844. Google Scholar

[336] Win T Y, Tianfield H, Mair Q. Big Data Based Security Analytics for Protecting Virtualized Infrastructures in Cloud Computing. IEEE Trans Big Data, 2018, 4: 11-25 CrossRef Google Scholar

[337] Ullah F, Ali Babar M. Architectural Tactics for Big Data Cybersecurity Analytics Systems: A Review. J Syst Software, 2019, 151: 81-118 CrossRef Google Scholar

[338] Alguliyev R, Imamverdiyev Y. Big data: big promises for information security. In: Proceedings of the IEEE 8th International Conference on Application of Information and Communication Technologies, Kazakhstan, 2014. 1--4. Google Scholar

Click to view Download high-quality image

Figure 1
(Color online) Big data security technology framework

0

Citations
0

Altmetric
Article metrics

Email
Export

Research progress on big data security technology

Abstract

Funded by

References

0

0

Interesting search

Top 5Related Articles