SoS Newsletter

Data at Rest - Data in Motion

Data protection has distinguished between data in motion and data at rest for more than a decade. Research into these areas continues with the proliferation of cloud and mobile technologies. The articles cited here, separated by motion and rest, were offered in the first half of 2014.

Data in Motion:

  • Ediger, D.; McColl, R.; Poovey, J.; Campbell, D., "Scalable Infrastructures for Data in Motion," Cluster, Cloud and Grid Computing (CCGrid), 2014 14th IEEE/ACM International Symposium on, pp.875,882, 26-29 May 2014. doi: 10.1109/CCGrid.2014.91 Analytics applications for reporting and human interaction with big data rely upon scalable frameworks for data ingest, storage, and computation. Batch processing of analytic workloads increases latency of results and can perform redundant computation. In real-world applications, new data points are continuously arriving and a suite of algorithms must be updated to reflect the changes. Reducing the latency of re-computation by keeping algorithms online and up-to-date enables fast query, experimentation, and drill-down. In this paper, we share our experiences designing and implementing scalable infrastructure around NoSQL databases for social media analytics applications. We propose a new heterogeneous architecture and execution model for streaming data applications that focuses on throughput and modularity.
    Keywords: Big Data; SQL; data analysis; social networking (online); NoSQL databases; analytic workloads; batch processing; big data; data in motion; data ingest; data storage; execution model; heterogeneous architecture; recomputation latency reduction; redundant computation; scalable infrastructures; social media analytics applications; streaming data applications; Algorithm design and analysis; Clustering algorithms; Computational modeling; Data structures; Databases; Media; Servers (ID#:14-2753)
  • Veiga Neves, M.; De Rose, C.AF.; Katrinis, K.; Franke, H., "Pythia: Faster Big Data in Motion through Predictive Software-Defined Network Optimization at Runtime," Parallel and Distributed Processing Symposium, 2014 IEEE 28th International, pp.82,90, 19-23 May 2014. doi: 10.1109/IPDPS.2014.20 The rise of Internet of Things sensors, social networking and mobile devices has led to an explosion of available data. Gaining insights into this data has led to the area of Big Data analytics. The MapReduce framework, as implemented in Hadoop, is one of the most popular frameworks for Big Data analysis. To handle the ever-increasing data size, Hadoop is a scalable framework that allows dedicated, seemingly unbound numbers of servers to participate in the analytics process. Response time of an analytics request is an important factor for time to value/insights. While the compute and disk I/O requirements can be scaled with the number of servers, scaling the system leads to increased network traffic. Arguably, the communication-heavy phase of MapReduce contributes significantly to the overall response time; the problem is further aggravated if communication patterns are heavily skewed, as is not uncommon in many MapReduce workloads. In this paper we present a system that reduces the skew impact by transparently predicting data communication volume at runtime and mapping the many end-to-end flows among the various processes to the underlying network, using emerging software-defined networking technologies to avoid hotspots in the network. Dependent on the network oversubscription ratio, we demonstrate reduction in job completion time between 3% and 46% for popular MapReduce benchmarks like Sort and Nutch.
    Keywords: Big Data; computer networks; parallel programming; telecommunication traffic; Big Data analytics; Hadoop; MapReduce workloads; Nutch MapReduce benchmark; Pythia; Sort MapReduce benchmark; communication patterns; communication-heavy phase; compute requirements; data communication volume prediction; data size; disk I/O requirements; end-to-end flow mapping; job completion time reduction; network oversubscription ratio; network traffic; predictive software-defined network optimization; response time; runtime analysis; scalable framework; system scaling; unbound server numbers; Big data; Instruments; Job shop scheduling; Resource management; Routing; Runtime; Servers; Data communication; Data processing; Distributed computing (ID#:14-2754)
  • Hou, Junhui; Bian, Zhen-Peng; Chau, Lap-Pui; Magnenat-Thalmann, Nadia; He, Ying, "Restoring Corrupted Motion Capture Data Via Jointly Low-Rank Matrix Completion," Multimedia and Expo (ICME), 2014 IEEE International Conference on, pp.1,6, 14-18 July 2014. doi: 10.1109/ICME.2014.6890222 Motion capture (mocap) technology is widely used in various applications. The acquired mocap data usually has missing data due to occlusions or ambiguities. Therefore, restoring the missing entries of the mocap data is a fundamental issue in mocap data analysis. Based on jointly low-rank matrix completion, this paper presents a practical and highly efficient algorithm for restoring the missing mocap data. Taking advantage of the unique properties of mocap data (i.e., strong correlation among the data), we represent the corrupted data as two types of matrices, where both the local and global characteristics are taken into consideration. Then we formulate the problem as a convex optimization problem, where the missing data is recovered by solving the two matrices using the alternating direction method of multipliers algorithm. Experimental results demonstrate that the proposed scheme significantly outperforms the state-of-the-art algorithms in terms of both the quality and computational cost.
    Keywords: Accuracy; Computational efficiency; Computers; Convex functions; Image restoration; Optimization; Trajectory; Motion capture; convex optimization; low-rank; matrix completion (ID#:14-2755)
  • Tennekoon, R.; Wijekoon, J.; Harahap, E.; Nishi, H.; Saito, E.; Katsura, S., "Per Hop Data Encryption Protocol For Transmission Of Motion Control Data Over Public Networks," Advanced Motion Control (AMC), 2014 IEEE 13th International Workshop on, pp.128,133, 14-16 March 2014. doi: 10.1109/AMC.2014.6823269 Bilateral controllers are widely used vital technology to perform remote operations and telesurgeries. The nature of the bilateral controller enables control objects, which are geographically far from the operation location. Therefore, the control data has to travel through public networks. As a result, to maintain the effectiveness and the consistency of applications such as teleoperations and telesurgeries, faster data delivery and data integrity are essential. The Service-oriented Router (SoR) was introduced to maintain the rich information on the Internet and to achieve maximum benefit from networks. In particular, the security, privacy and integrity of bilateral communication are not discoursed in spite of its significance brought by its underlying skill information or personal vital information. An SoR can analyze all packet or network stream transactions on its interfaces and store them in high throughput databases. In this paper, we introduce a hop-by-hop routing protocol which provides hop-by-hop data encryption using functions of the SoR. This infrastructure can provide security, privacy and integrity by using these functions. Furthermore, we present the implementations of proposed system in the ns-3 simulator and the test result shows that in a given scenario, the protocol only takes a processing delay of 46.32 ms for the encryption and decryption processes per a packet.
    Keywords: Internet; computer network security; control engineering computing; cryptographic protocols; data communication; data integrity; data privacy; force control; medical robotics; motion control; position control; routing protocols; surgery; telecontrol; telemedicine; telerobotics; Internet; SoR; bilateral communication; bilateral controller; control objects; data delivery; data integrity; decryption process; hop-by-hop data encryption; hop-by-hop routing protocol; motion control data transmission; network stream transaction analysis; ns-3 simulator; operation location; packet analysis; per hop data encryption protocol; personal vital information; privacy; processing delay; public network; remote operation; security; service-oriented router; skill information; teleoperation; telesurgery; throughput database; Delays; Encryption; Haptic interfaces; Routing protocols; Surgery; Bilateral Controllers; Service-oriented Router; hop-by-hop routing; motion control over networks; ns-3 (ID#:14-2756)

Data at Rest:

  • Ferretti, L.; Colajanni, M.; Marchetti, M., "Distributed, Concurrent, and Independent Access to Encrypted Cloud Databases," Parallel and Distributed Systems, IEEE Transactions on, vol.25, no.2, pp.437,446, Feb. 2014. doi: 10.1109/TPDS.2013.154 Abstract: Placing critical data in the hands of a cloud provider should come with the guarantee of security and availability for data at rest, in motion, and in use. Several alternatives exist for storage services, while data confidentiality solutions for the database as a service paradigm are still immature. We propose a novel architecture that integrates cloud database services with data confidentiality and the possibility of executing concurrent operations on encrypted data. This is the first solution supporting geographically distributed clients to connect directly to an encrypted cloud database, and to execute concurrent and independent operations including those modifying the database structure. The proposed architecture has the further advantage of eliminating intermediate proxies that limit the elasticity, availability, and scalability properties that are intrinsic in cloud-based solutions. The efficacy of the proposed architecture is evaluated through theoretical analyses and extensive experimental results based on a prototype implementation subject to the TPC-C standard benchmark for different numbers of clients and network latencies.
    Keywords: cloud computing; cryptography; database management systems; TPC-C standard benchmark; availability property; cloud database services; concurrent access; data confidentiality; database structure modification; distributed access; elasticity property; encrypted cloud database; encrypted data concurrent operation execution; geographically distributed clients; independent access; intermediate proxies elimination; network latencies; scalability property; Cloud; SecureDBaaS; confidentiality; database; security (ID#:14-2757)
  • Woods, Jacqueline; Iyengar, Sridhar; Sinha, Amit; Mitra, Subhasish; Cannady, Stacy, "A New Era Of Computing: Are You "Ready Now" To Build A Smarter And Secured Enterprise?," Quality Electronic Design (ISQED), 2014 15th International Symposium on, pp.1,7, 3-5 March 2014. doi: 10.1109/ISQED.2014.6783293 We are experiencing fundamental changes in how we interact, live, work and succeed in business. To support the new paradigm, computing must be simpler, more responsive and more adaptive, with the ability to seamlessly move from monolithic applications to dynamic services, from structured data at rest to unstructured data in motion, from supporting standard device interfaces to supporting a myriad of new and different devices every day. IBM understands this need to integrate social, mobile, cloud and big data to deliver value for your enterprise, so join this discussion, and learn how IBM helps customers leverage these technologies for superior customer value.
    Keywords: (not provided) (ID#:14-2758)
  • Rodriguez Garcia, Ricardo; Thorpe, Julie; Vargas Martin, Miguel, "Crypto-assistant: Towards Facilitating Developer's Encryption Of Sensitive Data," Privacy, Security and Trust (PST), 2014 Twelfth Annual International Conference on, pp.342,346, 23-24 July 2014. doi: 10.1109/PST.2014.6890958 The lack of encryption of data at rest or in motion is one of the top 10 database vulnerabilities [1]. We suggest that this vulnerability could be prevented by encouraging developers to perform encryption-related tasks by enhancing their integrated development environment (IDE). To this end, we created the Crypto-Assistant: a modified version of the Hibernate Tools plug-in for the popular Eclipse IDE. The purpose of the Crypto-Assistant is to mitigate the impact of developers' lack of security knowledge related to encryption by facilitating the use of encryption directives via a graphical user interface that seamlessly integrates with Hibernate Tools. Two preliminary tests helped us to identify items for improvement which have been implemented in Crypto-Assistant. We discuss Crypto-Assistant's architecture, interface, changes in the developers' workflow, and design considerations.
    Keywords: Databases; Encryption; Java; Prototypes; Software (ID#:14-2759)
  • Hankins, R.Q.; Jigang Liu, "A Novel Approach To Evaluating Similarity In Computer Forensic Investigations," Electro/Information Technology (EIT), 2014 IEEE International Conference on, pp.567,572, 5-7 June 2014. doi: 10.1109/EIT.2014.6871826 Abstraction-based approaches to data analysis in computer forensics require substantial human effort to determine what data is useful. Automated or semi-automated, similarity-based approaches allow rapid computer forensics analysis of large data sets with less focus on untangling many layers of abstraction. Rapid and automated ranking of data by its value to a computer forensics investigation eliminates much of the human effort required in the computer forensics process, leaving investigators to judge and specify what data is interesting, and automating the rest of analysis. In this paper, we develop two algorithms that find portions of a string relevant to an investigation, then refine that portion using a combination of human and computer analysis to rapidly and effectively extract the most useful data from the string, speeding, automatically documenting, and partially automating analysis.
    Keywords: data analysis; digital forensics; abstraction-based approach; computer analysis; computer forensic investigations; data analysis; data ranking; human analysis; similarity evaluation; similarity-based approach; Algorithm design and analysis; Computational complexity; Computers; Digital forensics; Measurement (ID#:14-2760)
  • D'Orazio, C.; Ariffin, A; Choo, K.-K.R., "iOS Anti-forensics: How Can We Securely Conceal, Delete and Insert Data?," System Sciences (HICSS), 2014 47th Hawaii International Conference on, pp.4838,4847, 6-9 Jan. 2014. doi: 10.1109/HICSS.2014.594 With increasing popularity of smart mobile devices such as iOS devices, security and privacy concerns have emerged as a salient area of inquiry. A relatively under-studied area is anti-mobile forensics to prevent or inhibit forensic investigations. In this paper, we propose a "Concealment" technique to enhance the security of non-protected (Class D) data that is at rest on iOS devices, as well as a "Deletion" technique to reinforce data deletion from iOS devices. We also demonstrate how our "Insertion" technique can be used to insert data into iOS devices surreptitiously that would be hard to pick up in a forensic investigation.
    Keywords: data privacy; digital forensics; iOS (operating system); mobile computing; mobile handsets; antimobile forensics; concealment technique; data deletion; deletion technique; forensic investigations; iOS antiforensics; iOS devices; insertion technique; nonprotected data security; privacy concerns; security concerns; smart mobile devices; Cryptography; File systems; Forensics; Mobile handsets; Random access memory; Videos; iOS anti-forensics; iOS forensics; mobile anti-forensics; mobile forensics (ID#:14-2761)


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.