TU Darmstadt / ULB / TUbiblio

Assured Cloud-Based Data Analysis with ClusterBFT

Stephen, Julian James and Eugster, Patrick
Eyers, David and Schwan, Karsten (eds.) (2013):
Assured Cloud-Based Data Analysis with ClusterBFT.
In: Middleware 2013. ACM/IFIP/USENIX 14th International Middleware Conference. Proceedings, Berlin, Heidelberg, Springer, pp. 82-102, DOI: 10.1007/978-3-642-45065-5_5, [Book Section]

Abstract

The shift to cloud technologies is a paradigm change that offers considerable financial and administrative gains. However governmental and business institutions wanting to tap into these gains are concerned with security issues. The cloud presents new vulnerabilities and is dominated by new kinds of applications, which calls for new security solutions. Intuitively, Byzantine fault tolerant (BFT) replication has many benefits to enforce integrity and availability in clouds. Existing BFT systems, however, are not suited for typical “data-flow processing” cloud applications which analyze large amounts of data in a parallelizable manner: indeed, existing BFT solutions focus on replicating single monolithic servers, whilst data-flow applications consist in several different stages, each of which may give rise to multiple components at runtime to exploit cheap hardware parallelism; similarly, BFT replication hinges on comparison of redundant outputs generated, which in the case of data-flow processing can represent huge amounts of data. In fact, current limits of data processing directly depend on the amount of data that can be processed per time unit. In this paper we present ClusterBFT, a system that secures computations being run in the cloud by leveraging BFT replication coupled with fault isolation. In short, ClusterBFT leverages a combination of variable-degree clustering, approximated and offline output comparison, smart deployment, and separation of duty, to achieve a parameterized tradeoff between fault tolerance and overhead in practice. We demonstrate the low overhead achieved with ClusterBFT when securing data-flow computations expressed in Apache Pig, and Hadoop. Our solution allows assured computation with less than 10 percent latency overhead as shown by our evaluation.

Item Type: Book Section
Erschienen: 2013
Editors: Eyers, David and Schwan, Karsten
Creators: Stephen, Julian James and Eugster, Patrick
Title: Assured Cloud-Based Data Analysis with ClusterBFT
Language: English
Abstract:

The shift to cloud technologies is a paradigm change that offers considerable financial and administrative gains. However governmental and business institutions wanting to tap into these gains are concerned with security issues. The cloud presents new vulnerabilities and is dominated by new kinds of applications, which calls for new security solutions. Intuitively, Byzantine fault tolerant (BFT) replication has many benefits to enforce integrity and availability in clouds. Existing BFT systems, however, are not suited for typical “data-flow processing” cloud applications which analyze large amounts of data in a parallelizable manner: indeed, existing BFT solutions focus on replicating single monolithic servers, whilst data-flow applications consist in several different stages, each of which may give rise to multiple components at runtime to exploit cheap hardware parallelism; similarly, BFT replication hinges on comparison of redundant outputs generated, which in the case of data-flow processing can represent huge amounts of data. In fact, current limits of data processing directly depend on the amount of data that can be processed per time unit. In this paper we present ClusterBFT, a system that secures computations being run in the cloud by leveraging BFT replication coupled with fault isolation. In short, ClusterBFT leverages a combination of variable-degree clustering, approximated and offline output comparison, smart deployment, and separation of duty, to achieve a parameterized tradeoff between fault tolerance and overhead in practice. We demonstrate the low overhead achieved with ClusterBFT when securing data-flow computations expressed in Apache Pig, and Hadoop. Our solution allows assured computation with less than 10 percent latency overhead as shown by our evaluation.

Title of Book: Middleware 2013. ACM/IFIP/USENIX 14th International Middleware Conference. Proceedings
Series Name: Lecture Notes in Computer Science
Volume: 8275
Number: 8275
Place of Publication: Berlin, Heidelberg
Publisher: Springer
ISBN: 978-3-642-45064-8
Uncontrolled Keywords: Cloud Byzantine fault replication integrity data analysis
Divisions: Profile Areas
Profile Areas > Cybersecurity (CYSEC)
Event Title: 14th International Middleware Conference
Event Location: Beijing, China
Event Dates: December 9-13, 2013
Date Deposited: 28 Aug 2017 13:25
DOI: 10.1007/978-3-642-45065-5_5
Identification Number: TUD-CS-2013-0484
Export:

Optionen (nur für Redakteure)

View Item View Item