Advertisement

Security-Aware Elasticity for NoSQL Databases

  • Athanasios Naskos
  • Anastasios Gounaris
  • Haralambos Mouratidis
  • Panagiotis Katsaros
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9344)

Abstract

We focus on horizontally scaling NoSQL databases in a cloud environment, in order to meet performance requirements while respecting security constraints. The performance requirements refer to strict latency limits on the query response time. The security requirements are derived from the need to address two specific kinds of threats that exist in cloud databases, namely data leakage, mainly due to malicious activities of actors hosted on the same physical machine, and data loss after one or more node failures. We explain that usually there is a trade-off between performance and security requirements and we derive a model checking approach to drive runtime decisions that strike a user-defined balance between them. We evaluate our proposal using real traces to prove the effectiveness in configuring the trade-offs.

Keywords

Cloud Computing Security Requirement Data Loss Markov Decision Process Cloud Provider 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Notes

Acknowledgments

This research has been co-financed by the European Union (European Social Fund - ESF) and Greek national funds through the Operational Program “Education and Lifelong Learning of the National Strategic Reference Framework (NSRF) - Research Funding Program: Thales. Investing in knowledge society through the European Social Fund.”

References

  1. 1.
    Calinescu, R., Grunske, L., Kwiatkowska, M., Mirandola, R., Tamburrelli, G.: Dynamic qos management and optimization in service-based systems. IEEE Trans. Softw. Eng. 37(3), 387–409 (2011)CrossRefGoogle Scholar
  2. 2.
    Copil, G., Moldovan, D., Truong, H.-L., Dustdar, S.: Multi-level elasticity control of cloud services. In: Basu, S., Pautasso, C., Zhang, L., Fu, X. (eds.) ICSOC 2013. LNCS, vol. 8274, pp. 429–436. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  3. 3.
    Fernandez, H., Pierre, G., Kielmann, T.: Autoscaling web applications in heterogeneous cloud infrastructures. In: IC2E (2014)Google Scholar
  4. 4.
    Gong, C., Liu, J., Zhang, Q., Chen, H., Gong, Z.: The characteristics of cloud computing. In: Proceedings of the 2010 39th International Conference on Parallel Processing Workshops, pp. 275–279. ICPPW (2010)Google Scholar
  5. 5.
    Gong, Z., Gu, X., Wilkes, J.: Press: Predictive elastic resource scaling for cloud systems. In: CNSM, pp. 9–16 (2010)Google Scholar
  6. 6.
    Grispos, G., Glisson, W.B., Storer, T.: Using smartphones as a proxy for forensic evidence contained in cloud storage services. CoRR abs/1303.4078 (2013)Google Scholar
  7. 7.
    Grobauer, B., Walloschek, T., Stocker, E.: Understanding cloud computing vulnerabilities. IEEE Secur. Priv. 9(2), 50–57 (2011)CrossRefGoogle Scholar
  8. 8.
    Islam, S., Mouratidis, H., Kalloniatis, C., Hudic, A., Zechner, L.: Model based process to support security and privacy requirements engineering. IJSSE 3(3), 1–22 (2012)Google Scholar
  9. 9.
    Kalloniatis, C., Mouratidis, H., Islam, S.: Evaluating cloud deployment scenarios based on security and privacy requirements. Requir. Eng. 18(4), 299–319 (2013)CrossRefGoogle Scholar
  10. 10.
    Kwiatkowska, M., Norman, G., Parker, D.: Prism: probabilistic model checking for performance and reliability analysis. SIGMETRICS 36(4), 40–45 (2009)CrossRefGoogle Scholar
  11. 11.
    Moore, L., Bean, K., Ellahi, T.: A coordinated reactive and predictive approach to cloud elasticity. In: CLOUD COMPUTING, pp. 87–92 (2013)Google Scholar
  12. 12.
    Mouratidis, H., Islam, S., Kalloniatis, C., Gritzalis, S.: A framework to support selection of cloud providers based on security and privacy requirements. J. Syst. Softw. 86(9), 2276–2293 (2013)CrossRefGoogle Scholar
  13. 13.
    Mulazzani, M., Schrittwieser, S., Leithner, M., Huber, M., Weippl, E.: Dark clouds on the horizon: Using cloud storage as attack vector and online slack space. In: USENIX Security Symposium (2011)Google Scholar
  14. 14.
    Naskos, A., Stachtiari, E., Gounaris, A., Katsaros, P., Tsoumakos, D., Konstantinou, I., Sioutas, S.: Dependable horizontal scaling based on probabilistic model checking. In: CCGrid. IEEE (2015)Google Scholar
  15. 15.
    Papadimitriou, P., Garcia-Molina, H.: Data leakage detection. IEEE Trans. Knowl. Data Eng. 23(1), 51–63 (2011)CrossRefGoogle Scholar
  16. 16.
    Perez-Palacin, D., Calinescu, R., Merseguer, J.: Log2cloud: Log-based prediction of cost-performance trade-offs for cloud deployments. In: ACM SAC, pp. 397–404 (2013)Google Scholar
  17. 17.
    Puterman, M.L.: Markov Decision Processes: Discrete Stochastic Dynamic Programming. John Wiley and Sons Inc., New York (1994) CrossRefMATHGoogle Scholar
  18. 18.
    Shen, Z., Subbiah, S., Gu, X., Wilkes, J.: Cloudscale: Elastic resource scaling for multi-tenant cloud systems. In: SOCC, pp. 5:1–5:14 (2011)Google Scholar
  19. 19.
    Tan, Y., Nguyen, H., Shen, Z., Gu, X., Venkatramani, C., Rajan, D.: Prepare: Predictive performance anomaly prevention for virtualized cloud systems. In: ICDCS, pp. 285–294 (2012)Google Scholar
  20. 20.
    Tsoumakos, D., Konstantinou, I., Boumpouka, C., Sioutas, S., Koziris, N.: Automated, elastic resource provisioning for nosql clusters using tiramola. In: CCGrid, pp. 34–41 (2013)Google Scholar
  21. 21.
    Wenzel, S., Wessel, C., Humberg, T., Jürjens, J.: Securing processes for outsourcing into the cloud. In: 2nd International Conference on Cloud Computing and Services Science, April 2012Google Scholar
  22. 22.
    Zhang, Q., Zhani, M.F., Boutaba, R., Hellerstein, J.L.: Harmony: Dynamic heterogeneity-aware resource provisioning in the cloud. In: ICDCS, pp. 510–519 (2013)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Athanasios Naskos
    • 1
  • Anastasios Gounaris
    • 1
  • Haralambos Mouratidis
    • 2
  • Panagiotis Katsaros
    • 1
  1. 1.Department of InformaticsAristotle University of ThessalonikiThessalonikiGreece
  2. 2.School of Computing, Engineering and MathematicsUniversity of BrightonBrightonUK

Personalised recommendations