Abstract
Using cloud storage servers to manage large amounts of data has gained increased interest due to their advantages (like availability and scalability). A major disadvantage of cloud storage providers, however, is their lack of security features. In this article we analyze a cloud storage setting where confidentiality of outsourced data is maintained by letting the client encrypt all data records before sending them to the cloud storage. Our main focus is on benchmarking and quantifying the performance loss that such a cloud storage system incurs due to encrypted storage. We present results based on a modification of the Yahoo! Cloud Serving Benchmark using the AES implementation of the Bouncy Castle Java Cryptography Provider for the encryption and decryption steps. The results show that for single read and write operations the performance loss is acceptable (even for stronger encryption with 256 bit keylength) while for range scans the impact can be quite severe.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Cooper, B.F., Silberstein, A., Tam, E., Ramakrishnan, R., Sears, R.: Benchmarking cloud serving systems with YCSB. In: Proceedings of the 1st ACM Symposium on Cloud Computing, pp. 143–154. ACM (2010)
The Legion of the Bouncy Castle. http://bouncycastle.org/
Lakshman, A., Malik, P.: Cassandra: a decentralized structured storage system. ACM SIGOPS Operating Syst. Rev. 44(2), 35–40 (2010)
The Apache Software Foundation. http://cassandra.apache.org
Borthakur, D., Gray, J., Sarma, J.S., Muthukkaruppan, K., Spiegelberg, N., Kuang, H., Ranganathan, K., Molkov, D., Menon, A., Rash, S., et al.: Apache hadoop goes realtime at facebook. In: Proceedings of the 2011 ACM SIGMOD International Conference on Management of Data, pp. 1071–1080. ACM (2011)
The Apache Software Foundation. http://hbase.apache.org
Brewer, E.A.: Towards robust distributed systems. In: PODC, p. 7 (2000)
Brewer, E.: A certain freedom: thoughts on the cap theorem. In: Proceedings of the 29th ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing, p. 335. ACM (2010)
Song, D.X., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: Proceedings of the 2000 IEEE Symposium on Security and Privacy, S&P 2000, pp. 44–55. IEEE (2000)
Kaliski, B.: Rfc 2315: Pkcs# 7: Cryptographic message syntax. Request for Comments (RFC) 2315 (1998)
Dede, E., Sendir, B., Kuzlu, P., Hartog, J., Govindaraju, M.: An evaluation of cassandra for hadoop. In: 2013 IEEE Sixth International Conference on Cloud Computing (CLOUD), pp. 494–501. IEEE (2013)
Cooper, B.F.: https://github.com/brianfrankcooper/YCSB/wiki/Core-Workloads/
Patil, S., Polte, M., Ren, K., Tantisiriroj, W., Xiao, L., López, J., Gibson, G., Fuchs, A., Rinaldi, B.: Ycsb++: benchmarking and performance debugging advanced features in scalable table stores. In: Proceedings of the 2nd ACM Symposium on Cloud Computing, pp. 9:1–9:14. ACM (2011)
Aniello, L., Bonomi, S., Breno, M., Baldoni, R.: Assessing data availability of cassandra in the presence of non-accurate membership. In: Proceedings of the 2nd International Workshop on Dependability Issues in Cloud Computing, pp. 2:1–2:6. ACM (2013)
Okman, L., Gal-Oz, N., Gonen, Y., Gudes, E., Abramov, J.: Security issues in nosql databases. In: 10th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 541–547. IEEE (2011)
Zhu, Y., Ahn, G.J., Hu, H., Ma, D., Wang, S.: Role-based cryptosystem: a new cryptographic RBAC system based on role-key hierarchy. IEEE Trans. Inf. Forensics Secur. 8(12), 2138–2153 (2013)
Acknowledgements
This work was partially funded by the DFG under grant number WI 4086/2-1.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Waage, T., Wiese, L. (2015). Benchmarking Encrypted Data Storage in HBase and Cassandra with YCSB. In: Cuppens, F., Garcia-Alfaro, J., Zincir Heywood, N., Fong, P. (eds) Foundations and Practice of Security. FPS 2014. Lecture Notes in Computer Science(), vol 8930. Springer, Cham. https://doi.org/10.1007/978-3-319-17040-4_20
Download citation
DOI: https://doi.org/10.1007/978-3-319-17040-4_20
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-17039-8
Online ISBN: 978-3-319-17040-4
eBook Packages: Computer ScienceComputer Science (R0)