Encryption Strategies for Secure Big Data Storage: A Study of AWS S3 and Redshift Clusters
DOI:
https://doi.org/10.63282/3050-9416.IJAIBDCMS-V6I4P104Keywords:
Big Data Security, AWS S3, Redshift Clusters, Encryption Strategies, Cloud Security, Server-Side Encryption, Client-Side Encryption, Performance AnalysisAbstract
As the big data continues to grow exponentially, safeguarding the data and having the tighten access control mechanisms has become a problem that enterprises and researchers are in need of. Scalable and cost effective storage solutions are meted out via cloud based storage solutions such as Amazon Web Services (AWS) Simple Storage Service (S3) and Redshift. However, these services require numerous encryption strategies in place to make the data safe, confidential, secure, and compliant with the industry standards. In this paper we discuss the encryption techniques to be used in securing big data inside the AWS S3 and Redshift clusters. A comparative performance, security effectiveness and computational overhead analysis of server side encryption (SSE), client side encryption (CSE) and column level encryption are made. In addition to this, the study introduces the mathematical models to evaluate encryption performance, along with an optimum encryption framework to provide a balance between security and performance for big data workloads. These findings provide insight into the encryption mechanisms of cloud storage based encryption and give some guidelines how efficient and secure encryption policies can be achieved
References
[1] “Secure cloud storage of text and image files by giving access control to users,” International Journal of Recent Technology and Engineering, vol. 8, no. 4, pp. 4618-4622, 2019. doi: 10.35940/ijrte.c5172.118419.
[2] V. Athulya and E. Dileesh, “Study on encryption techniques used to secure cloud storage system,” International Journal of Scientific Research in Science Engineering and Technology, pp. 238-244, 2020. doi: 10.32628/ijsrset207140.
[3] J. Bethencourt, A. Sahai, and B. Waters, “Ciphertext-policy attribute-based encryption,” pp. 321-334, 2007. doi: 10.1109/sp.2007.11.
[4] A. Dalskov, “2fe: Two-factor encryption for cloud storage,” 2020. doi: 10.48550/arxiv.2010.14417.
[5] S. Kang, B. Veeravalli, and K. Aung, “Espresso: An encryption as a service for cloud storage systems,” pp. 15-28, 2014. doi: 10.1007/978-3-662-43862-6_2.
[6] K. Lee, “On the analysis of the revocable-storage identity-based encryption scheme,” 2019. doi: 10.48550/arxiv.1904.01203.
[7] S. Lee and I. Lee, “A secure index management scheme for providing data sharing in cloud storage,” Journal of Information Processing Systems, vol. 9, no. 2, pp. 287-300, 2013. doi: 10.3745/jips.2013.9.2.287.
[8] J. Liu, N. Asokan, and B. Pinkas, “Secure deduplication of encrypted data without additional independent servers,” 2015. doi: 10.1145/2810103.2813623.
[9] S. Luo, “User privacy protection scheme based on verifiable outsourcing attribute-based encryption,” Security and Communication Networks, vol. 2021, pp. 1-11, 2021. doi: 10.1155/2021/6617669.
[10] T. Naruse, M. Mohri, and Y. Shiraishi, “Attribute-based encryption with attribute revocation and grant function using proxy re-encryption and attribute key for updating,” pp. 119-125, 2014. doi: 10.1007/978-3-642-40861-8_18.
[11] V. S., H. Sarojadevi, M. Shalini, S. Mounica, T. Vinutha, and S. Sahana, “Security and protection of enterprise data in cloud: Implementation of deniable CP-ABE algorithm and performance considerations,” International Journal of Engineering Research and Applications, vol. 07, no. 05, pp. 79-83, 2017. doi: 10.9790/9622-0705037983.
[12] F. Shaon and M. Kantarcioglu, “A practical framework for executing complex queries over encrypted multimedia data,” pp. 179-195, 2016. doi: 10.1007/978-3-319-41483-6_14.
[13] C. Shruthi, P. Deepthi, and G. Sreelatha, “Flexible multi-keyword based optimized search scheme for encrypted cloud storage with user revocation,” IJARCCE, vol. 6, no. 5, pp. 257-263, 2017. doi: 10.17148/ijarcce.2017.6546.
[14] A. Shukla, S. Silakari, and U. Chourasia, “A secure data storage over cloud using ABE (attribute-based encryption) approach,” International Journal of Computer Applications, vol. 168, no. 9, pp. 45-48, 2017. doi: 10.5120/ijca2017914509.
[15] R. Tu, W. Wen, and C. Hua, “An unequal image privacy protection method based on saliency detection,” Security and Communication Networks, vol. 2020, pp. 1-13, 2020. doi: 10.1155/2020/8842376.
[16] M. Vanitha, S. Thaseen, and J. Banu, “Secure and error-free data storage on cloud via deniable CP-ABE scheme,” International Journal of Innovative Technology and Exploring Engineering, vol. 8, no. 10, pp. 2880-2883, 2019. doi: 10.35940/ijitee.j9614.0881019.
[17] P. Wang, F. Zhang, and C. Han, “A cloud storage encryption scheme based on separated key and encryption policy,” Advanced Materials Research, vol. 989-994, pp. 2543-2546, 2014. doi: 10.4028/www.scientific.net/amr.989-994.2543.
[18] J. Wu and J. Chen, “Research on the method of cloud computing storage security based on the homomorphic encryption method,” 2016. doi: 10.14257/astl.2016.139.88.
[19] S. Yu, C. Wang, K. Ren, and W. Lou, “Attribute-based data sharing with attribute revocation,” 2010. doi: 10.1145/1755688.1755720.
[20] S. Zhang, Y. Gan, and B. Wang, “Parallel optimization of the AES algorithm based on MapReduce,” Applied Mechanics and Materials, vol. 644-650, pp. 1911-1914, 2014. doi: 10.4028/www.scientific.net/amm.644-650.1911.
[21] W. Zhang, C. Ma, W. Sha, and Q. Zhou, “Research of data security in cloud storage,” 2015. doi: 10.2991/iiicec-15.2015.192.
[22] Y. Zhang, Z. Jia, and S. Wang, “A multi-user searchable symmetric encryption scheme for cloud storage system,” 2013. doi: 10.1109/incos.2013.155
