Regenerating Code in Cloud Storage System

Cloud storage is an indispensable part of cloud computing solutions and the security of its stored data has become a key issue in the research and application of cloud storage systems.

  • cloud storage
  • regenerating code
  • security level

1. Introduction

As an indispensable part of cloud computing solutions, cloud storage is a system that provides external data storage and business access functions, based on distributed storage systems (DSSs). Currently, both public and large private clouds such as OceanStore and Google Drive contain a large amount of sensitive and private data, worldwide. Adopting a DSS that stores data in different geographical locations can improve stability. Unfortunately, it can also lead to more targeted attacks and increase the risk of personal sensitive data being eavesdropped. Therefore, information security in cloud storage is particularly important. According to statistics, there were over 1000 public data breaches worldwide in 2022, resulting in 4 billion personal information breaches. How to improve data security while ensuring storage efficiency is a key issue in cloud storage applications.
Research has shown that regenerating code (RC) technology plays a crucial role in addressing information security issues in DSSs [1]. When there are eavesdroppers in the system, the regenerating code can prevent the eavesdroppers from restoring the original data. This blocking mechanism is an information-theory-based data security protection scheme, which assumes that the eavesdropper is familiar with coding design principles and has infinite computing power. How to use regenerating code technology to resist eavesdropping and ensure the data security of DSSs has become a challenging problem in the research of cloud storage systems in recent years [2].
Until now, scholars have proposed various regenerating code structures to ensure the security of DSSs. These structures mostly focus on achieving strong or weak security for DSSs under different system models and eavesdropping models. Strong security requires that, when there is eavesdropping in the system, no information about the stored data is leaked to the eavesdropper. Weak security allows for partial information leakage, on the premise that the original message symbols cannot be decoded. It should be noted that strong security and weak security are only two security attributes that DSSs may possess. Existing research has shown that the security level (SL) of a DSS can be further quantitatively characterized by a value between 0 and 1, defined as the probability that the system will prevent eavesdroppers from restoring the original data file [3]. In practice, different applications (or customers), such as government cloud platforms, enterprise clouds and other public storage services, may have different requirements for security levels. At the same time, appropriately reducing the security level can enable the system to obtain storage performance gains, thereby reducing the deployment costs [4].

2. Regenerating Code in Cloud Storage System

Since Dimakis et al. [5] first introduced the idea of network coding [6] into DSSs and proposed regenerating codes to solve the problem of high bandwidth consumption in erasure-correcting codes [7], the security of cloud storage systems based on regenerating codes has received extensive attention from researchers. Oliveira et al. [8] used a Vandermonde matrix to design codes that increase the security capacity of a system, which indicates that regenerating codes can improve the security of a storage system. The data security strategy based on regenerating codes belongs to information-theoretic security. A number of simple encoding and decoding methods have been developed, and they place no limit on the computing power of eavesdroppers. Hence, regenerating codes are suitable for promotion and application in DSSs [9].
In recent years, research on using regenerating codes to ensure the security of DSSs can be roughly divided into two categories. The first category focuses on deriving the corresponding upper bound of security capacity for different system models and eavesdropping models, and providing a regenerating code scheme that can achieve this upper bound, enabling the DSS to enhance its security. For example, Pawar et al. [10] used the max-flow min-cut theorem of graph theory [11] to solve the problem of node eavesdropping in homogeneous storage systems, and further constructed an encoding structure that can achieve the upper bound of the security capacity at the minimum bandwidth regeneration (MBR) point, enabling the system to achieve strong security. Rashmi et al. [12] used product matrix (PM) theory [13] and FR codes [14] to develop encoding schemes that achieve strong security at MBR and minimum storage regeneration (MSR) points, respectively. Rawat et al. [15] and Goparaju et al. [16] used the linear subspace analysis method to give a new upper bound estimate of security capacity at MSR points, and constructed a secure storage code based on the maximum rank distance (MRD) codes [17,18]. Tandon et al. [19] studied the tradeoff between secure storage capacity and repair bandwidth, and obtained an improved upper bound on the security capacity that general regenerating codes can achieve. A team from Shanghai Jiao Tong University [20] considered the problem of multidimensional and multi-level secure regenerating codes, providing security constraints that can obtain MBR points. A team from Shandong University [21] gave a strong security coding design under the generalized cloud storage model. A team from the National University of Defense Science and Technology [22] proposed the concept of stationary MSR codes and obtained a fixed upper bound of the security capacity in linear MSR code scenarios.
The main objective of the above studies is to achieve strong security for the system. Although strong security does not reveal any information about the original file, it requires the introduction of a large number of random keys in the data symbols. As a result, the storage capacity is sacrificed, which is costly for cloud storage providers. Based on this, the second research direction on using regenerating codes to ensure data security is weakly secure regenerating codes. The weak security nature of the system allows eavesdroppers to obtain partial information from the original file. However, they cannot decode any meaningful information of a single symbol in the original file [23]. Essentially, weak security does not introduce random keys and does not cause loss of storage capacity. Regarding the research on weakly secure regenerating codes, Kadhe et al. [24,25] proposed two external encoding structures using nested codes that can weakly protect PM-MBR codes and PM-MSR codes against eavesdropping. For MSR codes, Kadhe et al. [26] further proposed a generalized weakly secure encoding to meet practical application scenarios, where external encoding can be designed independently of internal encoding. Liu et al. [27] designed two types of weakly secure regenerating code schemes against eavesdropping attacks by combining the all-or-nothing transformation and a precise repair regenerating code strategy. Xu et al. [28] designed a heterogeneous encoding scheme that satisfies weak security constraints to address the issue of anti-link-eavesdropping in heterogeneous DSSs. The team from the Beijing University of Posts and Telecommunications [29] analyzed the block security of PM-MSR codes, based on the Cauchy matrix, and proposed an improved MSR coding scheme to achieve optimal weak security.
It can be seen that research on strongly or weakly secure regenerating codes has achieved a series of results in recent years. However, strong security and weak security are only two properties of DSSs. The former is too strict and the latter is too lenient. In practice, different applications may have different requirements for security levels [30]. Based on this consideration, this paper puts forward a novel regenerating code structure with different security levels. The application of such a coding structure in cloud storage systems can not only ensure the availability and repairability of data, but also meet the personalized requirements of security level for cloud storage customers.
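The difference between strong and weak security, and the storage cost of random keys, can be checked exhaustively on a toy linear code. This is an added example, not code from the entry or the cited papers; the field GF(5), the generator matrices and the function names are constructed for illustration, and it assumes uniformly distributed inputs and an eavesdropper who reads a chosen set of storage nodes.

```python
from collections import Counter
from itertools import product

P = 5  # small prime field GF(5), chosen so every input can be enumerated

# Constructed generator matrices: one row per input symbol, one column per node.
SYSTEMATIC = [[1, 0, 1], [0, 1, 1]]   # nodes store a, b, a+b
MIXED = [[1, 1, 1], [1, 2, 3]]        # nodes store a+b, a+2b, a+3b

def encode(G, vec):
    """Coded symbols c = vec * G over GF(P)."""
    return tuple(sum(v * g for v, g in zip(vec, col)) % P for col in zip(*G))

def leakage(G, n_msg, n_key, observed):
    """Return (strong, weak) for an eavesdropper reading the `observed` nodes.

    Inputs are n_msg message symbols followed by n_key random key symbols.
    strong: the whole message stays uniform for every possible observation.
    weak:   each single message symbol stays uniform for every observation.
    """
    by_view = {}
    for vec in product(range(P), repeat=n_msg + n_key):
        coded = encode(G, vec)
        view = tuple(coded[i] for i in observed)
        by_view.setdefault(view, []).append(vec[:n_msg])
    strong = weak = True
    for msgs in by_view.values():
        joint = Counter(msgs)
        if len(joint) != P ** n_msg or len(set(joint.values())) != 1:
            strong = False
        for j in range(n_msg):
            marginal = Counter(m[j] for m in msgs)
            if len(marginal) != P or len(set(marginal.values())) != 1:
                weak = False
    return strong, weak

if __name__ == "__main__":
    # Two data symbols, no key: one node leaks a relation but no single symbol.
    print("weakly secure :", leakage(MIXED, 2, 0, [0]))
    # Same matrix, second input is a random key: nothing leaks, half the capacity.
    print("strongly secure:", leakage(MIXED, 1, 1, [0]))
    # Systematic storage: node 0 holds a data symbol in the clear.
    print("systematic     :", leakage(SYSTEMATIC, 2, 0, [0]))
```

With the same matrix, treating the second input as data gives weak security at full capacity, while treating it as a key gives strong security for only one stored data symbol; reading two nodes breaks both.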

This entry is adapted from the peer-reviewed paper 10.3390/electronics12112423
