logo

SCIENTIA SINICA Informationis, Volume 50 , Issue 1 : 25-66(2020) https://doi.org/10.1360/N112019-00077

Research progress on big data security technology

More info
  • ReceivedApr 18, 2019
  • AcceptedJun 27, 2019
  • PublishedJan 8, 2020

Abstract

As a new and energetic realm of economic development, an innovative engine of social development, and a strategic tool for shaping national competitiveness, big data significantly effects people's lives. However, improved social awareness of data value and vigorous development of big data platforms mean that big data security is increasingly hindering the promotion of big data applications. Meanwhile, as big data technology and framework continue to evolve, researchers still have different understandings of the core ideas and key features of big data security, and a unified big data security framework has yet to be established. Currently, determining the state-of-the-art of big data security technology is urgently needed to provide reference for research aimed at solving key big data security issues. Following a typical big data system technology framework, this review builds a novel big data security technology framework around big data security requirements. With this framework, state-of-the-art key big data security technologies are systematically summarized from three aspects: big data secure sharing and trusted services, big data platform security, and big data security supervision, which includes the main security mechanisms involved in big data business processes and system technology frameworks. Finally, big data security technology's core issues and development trends are summarized.


Funded by

国家重点研发计划(2018YFB0803603)

科技创新特区(18-H863-01-ZT-005-017-01)


References

[1] Computer Emergency Rediness Team. 2017 security report--data breach. Qihoo 360 Technology Co. Ltd., 2018. Google Scholar

[2] Li X L, Gong H G. A survey on big data systems. Sci Sin Inform, 2015, 45: 1--44. Google Scholar

[3] Alshboul Y, Wang Y. Big data lifecycle: Threats and security model. In: Proceedings of the 21st Americas Conference on Information Systems, Fajardo, 2015. 3623--3629. Google Scholar

[4] Mehmood A, Natgunanathan I, Xiang Y. Protection of Big Data Privacy. IEEE Access, 2016, 4: 1821-1834 CrossRef Google Scholar

[5] Fang B X, Jia Y, Li A P, et al. Privacy preservation in big data: a survey. Big Data Research, 2016, 2: 1--18. Google Scholar

[6] National Information Security Standardization Technical Committee. Information Security Technology -- Big Data Security Management Guide (Draft for Comments). 2017. Google Scholar

[7] Anant B, Yu C, Adam F, et al. Expanded top ten big data security and privacy challenges. Cloud Security Alliance Big Data Working Group, 2013. Google Scholar

[8] Chang W L, Roy A, Underwood M, et al. NIST big data interoperability framework: volume 4, security and privacy. National Institute of Standards and Technology, 2015. Google Scholar

[9] Wang J M, Chen X S, Liu X G, et al. Big data security standardization white paper (2017). National Information Security Standardization Technical Committee SWG-BDS, 2017. Google Scholar

[10] Tankard C. Big data security. Network Security, 2012, 2012(7): 5-8 CrossRef Google Scholar

[11] Matturdi B, Zhou X, Li S. Big Data security and privacy: A review. China Commun, 2014, 11: 135-145 CrossRef Google Scholar

[12] Bertino E, Ferrari E. Big data security and privacy. In: A Comprehensive Guide Through the Italian Database Research Over the Last 25 Years. Berlin: Springer, 2018. 425--439. Google Scholar

[13] Walshe R, Boyd D. Big Data Reference Architecture - Part 3: Reference Architecture (2nd Working Draft). ISO/IEC JTC1 WG9, 2016. Google Scholar

[14] Mei H, Gao L, Dai H, et al. Information Technology - Big Data - Technical Reference Model. National Information Technoloty Standardization Technical Committee, 2017. Google Scholar

[15] Liang F, Yu W, An D. A Survey on Big Data Market: Pricing, Trading and Protection. IEEE Access, 2018, 6: 15132-15154 CrossRef Google Scholar

[16] Chen J C, Xue Y Z. Bootstrapping a blockchain based ecosystem for big data exchange. In: Proceedings of the 2017 IEEE International Congress on Big Data, Hawaii, 2017. 460--463. Google Scholar

[17] Liang J, Han W, Guo Z. DESC: enabling secure data exchange based on smart contracts. Sci China Inf Sci, 2018, 61: 049102 CrossRef Google Scholar

[18] Nakamoto S. Bitcoin: a peer-to-peer electronic cash system. 2008. Google Scholar

[19] Missier P, Bajoudah S, Capossele A, et al. Mind my value: a decentralized infrastructure for fair and trusted IoT data trading. In: Proceedings of the 7th International Conference on the Internet of Things, Linz, 2017. 15. Google Scholar

[20] Nasonov D, Visheratin A A, Boukhanovsky A. Blockchain-based transaction integrity in distributed big data marketplace. In: Proceedings of the International Conference on Computational Science, Wuxi, 2018. 569--577. Google Scholar

[21] Molinajimenez C, Solaiman E, Sfyrakis I, et al. On and off-blockchain enforcement of smart contracts. In: Euro-Par 2018: Parallel Processing Workshops. Berlin: Springer, 2018. 342--354. Google Scholar

[22] Azaria A, Ekblaw A, Vieira T, et al. MedRec: using blockchain for medical data access and permission management. In: Proceedings of the 2nd International Conference on Open and Big Data, Vienna, 2016. 25--30. Google Scholar

[23] Castaldo L, Cinque V. Blockchain-based logging for the cross-border exchange of ehealth data in Europe. In: Proceedings of the International ISCIS Security Workshop, London, 2018. 46--56. Google Scholar

[24] Yan S, Qing S D, Wei K. Application of blockchain in data circulation. Big Data Res, 2018, 4: 3--12. Google Scholar

[25] Lin I-C, Liao T-C. A survey of blockchain security issues and challenges. IJ Netw Secur, 2017, 19: 653--659. Google Scholar

[26] Dong X Q, Guo B, Shen Y, et al. An Efficient and Secure Decentralizing Data Sharing Model. Chin J Comput, 2018, 41: 1021--1036. Google Scholar

[27] Yang Q. The Challenge of GDPR to AI and the Countermeasures Based on Federated Transfer Learning. CAAI Trans Intell Tech, 2018, 8: 1--8. Google Scholar

[28] Pan S J, Yang Q. A Survey on Transfer Learning. IEEE Trans Knowl Data Eng, 2010, 22: 1345-1359 CrossRef Google Scholar

[29] Sweeney L. k-ANONYMITY: A MODEL FOR PROTECTING PRIVACY. Int J Unc Fuzz Knowl Based Syst, 2002, 10: 557-570 CrossRef Google Scholar

[30] Feng D G, Zhang M, Li H. Big data security and privacy protection. Chinese Journal of Computers, 2014, 37: 246--258. Google Scholar

[31] Byun J W, Sohn Y, Bertino E, et al. Secure Anonymization for Incremental Datasets. Berlin: Springer, 2006. Google Scholar

[32] Xiao X K, Tao Y F. M-invariance: towards privacy preserving re-publication of dynamic datasets. In: Proceedings of ACM SIGMOD International Conference on Management of Data, Beijing, 2007. 689--700. Google Scholar

[33] Bu Y, Fu A W C, Wong R C W. Privacy preserving serial data publishing by role composition. Proc VLDB Endow, 2008, 1: 845-856 CrossRef Google Scholar

[34] Fu Y Y, Fu H, Xie X. Social network anonymization and privacy protection. Communications of the CCF, 2014, 10: 51--58. Google Scholar

[35] Liu P, Li X X. An improved privacy preserving algorithm for publishing social network data. In: Proceedings of the 10th IEEE International Conference on High Performance Computing and Communications & 2013 IEEE International Conference on Embedded and Ubiquitous Computing, Zhangjiajie, 2013. 888--895. Google Scholar

[36] Zou L, Chen L, ?zsu M T. k-automorphism. Proc VLDB Endow, 2009, 2: 946-957 CrossRef Google Scholar

[37] Yuan M, Chen L, Yu P S. Protecting Sensitive Labels in Social Network Data Anonymization. IEEE Trans Knowl Data Eng, 2013, 25: 633-647 CrossRef Google Scholar

[38] Fu Y Y, Zhang M, Feng D G, et al. Attribute Privacy Preservation in Social Networks Based on Node Anatomy. Journal of Sotfware, 2014, 25: 768--780. Google Scholar

[39] Tassa T, Cohen D J. Anonymization of Centralized and Distributed Social Networks by Sequential Clustering. IEEE Trans Knowl Data Eng, 2013, 25: 311-324 CrossRef Google Scholar

[40] Skarkala M E, Maragoudakis M, Gritzalis S, et al. Privacy preservation by k-anonymization of weighted social networks. In: Proceedings of the 2012 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining, Istanbul, 2012. 423--428. Google Scholar

[41] Gruteser M, Grunwald D. Anonymous usage of location-based services through spatial and temporal cloaking. In: Proceedings of the 1st International Conference on Mobile Systems, Applications and Services, San Francisco, 2003. 31--42. Google Scholar

[42] Dewri R, Ray I, Ray I, et al. Query m-invariance: preventing query disclosures in continuous location-based services. In: Proceedings of the 11th International Conference on Mobile Data Management, Kansas City, 2010. 95--104. Google Scholar

[43] Huo Z, Meng X F. Chin J Comput, 2011, 34: 1820-1830 CrossRef Google Scholar

[44] Poulis G, Skiadopoulos S, Loukides G, et al. Distance-based km-anonymization of trajectory data. In: Proceedings of the 14th International Conference on Mobile Data Management, Milan, 2013. 57--62. Google Scholar

[45] Gidofalvi G, Huang X, Pedersen T B. Privacy-preserving data mining on moving object trajectories. In: Proceedings of the 8th International Conference on Mobile data management, Mannheim, 2007. 60--68. Google Scholar

[46] Xu T, Cai Y. Exploring historical location data for anonymity preservation in location-based services. In: Proceedings of the 27th Conference on Computer Communications, Phoenix, 2008. 547--555. Google Scholar

[47] Huo Z, Meng X F. A trajectory data publication method under differential privacy. Chinese Journal of Computers, 2018, 41: 400-412. Google Scholar

[48] Dwork C. Differential privacy. In: Proceedings of the 33rd International Colloquium on Automata, Languages and Programming, Venice, 2006. 1--12. Google Scholar

[49] Sala A, Zhao X, Wilson C, et al. Sharing graphs using differentially private graph models. In: Proceedings of ACM SIGCOMM Conference on Internet Measurement Conference, 2011. 81--98. Google Scholar

[50] Wagner I, Eckhoff D. Technical Privacy Metrics. ACM Comput Surv, 2018, 51: 1-38 CrossRef Google Scholar

[51] Friedman A, Schuster A. Data mining with differential privacy. In: Proceedings of the 16th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, Washington, 2010. 493--502. Google Scholar

[52] Xiong P, Zhu T Q, Wang X F. A Survey on Differential Privacy and Applications. Chinese Journal of Computers, 2014, 37: 101--122. Google Scholar

[53] Warner S L. Randomized Response: A Survey Technique for Eliminating Evasive Answer Bias. J Am Statistical Association, 1965, 60: 63-69 CrossRef Google Scholar

[54] Ye Q Q, Meng X F, Zhu M J, et al. Survey on local differential privacy. J Softw, 2018, 29: 1981--2005. Google Scholar

[55] Qin Z, Yang Y, Yu T, et al. Heavy hitter estimation over set-valued data with local differential privacy. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, 2016. 192--203. Google Scholar

[56] Xu C, Ren J, Zhang Y. DPPro: Differentially Private High-Dimensional Data Release via Random Projection. IEEE TransInformForensic Secur, 2017, 12: 3081-3093 CrossRef Google Scholar

[57] Ren X, Yu C M, Yu W. IEEE TransInformForensic Secur, 2018, 13: 2151-2166 CrossRef Google Scholar

[58] Liyue Fan , Li Xiong . An Adaptive Approach to Real-Time Aggregate Monitoring With Differential Privacy. IEEE Trans Knowl Data Eng, 2014, 26: 2094-2106 CrossRef Google Scholar

[59] Chan T H, Shi E, Song D. Private and continual release of statistics. In: Proceedings of International Colloquium Conference on Automata, Languages and Programming, 2010. 405--417. Google Scholar

[60] Agrawal R, Srikant R. Privacy-preserving data mining. In: Proceedings of the 2000 ACM SIGMOD International Conference on Management of Data, Dallas, 2000. 439--450. Google Scholar

[61] Zhou S G, Li F, Tao Y F. Chin J Comput, 2009, 32: 847-861 CrossRef Google Scholar

[62] Cheng X, Su S, Xu S. DP-Apriori: A differentially private frequent itemset mining algorithm based on transaction splitting. Comput Security, 2015, 50: 74-90 CrossRef Google Scholar

[63] McSherry F D. Privacy integrated queries: an extensible platform for privacy-preserving data analysis. In: Proceedings of the 2009 ACM SIGMOD International Conference on Management of data, Providence, 2009. 19--30. Google Scholar

[64] Chaudhuri K, Monteleoni C, Sarwate A D. Differentially private empirical risk minimization. J Mach Learn Res, 2011, 12: 1069--1109. Google Scholar

[65] Zhang J, Zhang Z, Xiao X. Functional mechanism. Proc VLDB Endow, 2012, 5: 1364-1375 CrossRef Google Scholar

[66] Dwork C. A firm foundation for private data analysis. Commun ACM, 2011, 54: 86 CrossRef Google Scholar

[67] Kang H Y, Ma Y L. Survey on Application of Data Mining via Differential Privacy. Journal of Shandong University (Natural Science), 2017, 52: 16--23. Google Scholar

[68] Li N, Qardaji W, Su D. PrivBasis. Proc VLDB Endow, 2012, 5: 1340-1351 CrossRef Google Scholar

[69] Lin C, Song Z, Song H. Differential Privacy Preserving in Big Data Analytics for Connected Health.. J Med Syst, 2016, 40: 97 CrossRef PubMed Google Scholar

[70] Roy I, Setty S T, Kilzer A, et al. Airavat: security and privacy for MapReduce. In: Proceedings of the 7th USENIX Symposium on Networked Systems Design and Implementation, San Jose, 2010. 297--312. Google Scholar

[71] Rivest R L, Adleman L, Dertouzos M L. On data banks and privacy homomorphisms. Foundations Secure Comput, 1978, 4: 169--180. Google Scholar

[72] Graepel T, Lauter K, Naehrig M. ML confidential: machine learning on encrypted data. In: Proceedings of the 15th International Conference on Information Security and Cryptology, Seoul, 2012. 1--21. Google Scholar

[73] Almutairi N, Coenen F, Dures K. K-means clustering using homomorphic encryption and an updatable distance matrix: secure third party data clustering with limited data owner interaction. In: Proceedings of the 19th International Conference on Big Data Analytics and Knowledge Discovery, Lyon, 2017. 274--285. Google Scholar

[74] Li L, Lu R, Choo K K R. Privacy-Preserving-Outsourced Association Rule Mining on Vertically Partitioned Databases. IEEE TransInformForensic Secur, 2016, 11: 1847-1861 CrossRef Google Scholar

[75] Wang B, Zhan Y, Zhang Z. Cryptanalysis of a Symmetric Fully Homomorphic Encryption Scheme. IEEE TransInformForensic Secur, 2018, 13: 1460-1467 CrossRef Google Scholar

[76] Gilad-Bachrach R, Dowlin N, Laine K, et al. Cryptonets: applying neural networks to encrypted data with high throughput and accuracy. In: Proceedings of the 33rd International Conference on Machine Learning, New York, 2016. 201--210. Google Scholar

[77] Ben-Or M, Goldwasser S, Wigderson A. Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: Proceedings of the 20th Annual ACM Symposium on Theory of Computing, Chicago, 1988. 1--10. Google Scholar

[78] Zhou S F, Dou J W, Guo Y M, et al. Secure multiparty vector computation. Chin J Comput, 2017, 40: 1134--1150. Google Scholar

[79] Catak F Ö. Secure multi-party computation based privacy preserving extreme learning machine algorithm over vertically distributed data. In: Proceedings of the 22nd International Conference on Neural Information Processing, Istanbul, 2015. 337--345. Google Scholar

[80] ?nan A, Kaya S V, Sayg?n Y. Privacy preserving clustering on horizontally partitioned data. Data Knowledge Eng, 2007, 63: 646-666 CrossRef Google Scholar

[81] Kamara S, Mohassel P, Raykova M, et al. Scaling private set intersection to billion-element sets. In: Proceedings of the 18th International Conference on Financial Cryptography and Data Security, Barbados, 2014. 195--215. Google Scholar

[82] Jiang H, Xu Q L. Secure multiparty computation in cloud computing. J Comput Res Develop, 2016, 53: 2152--2162. Google Scholar

[83] Asharov G, Jain A, López-Alt A, et al. Multiparty computation with low communication, computation and interaction via threshold FHE. In: Proceedings of the 31st Annual International Conference on the Theory and Applications of Cryptographic Techniques, Cambridge, 2012. 483--501. Google Scholar

[84] López-Alt A, Tromer E, Vaikuntanathan V. On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption. In: Proceedings of the 44th Annual ACM Symposium on Theory of Computing, New York, 2012. 1219--1234. Google Scholar

[85] Peter A, Tews E, Katzenbeisser S. Efficiently Outsourcing Multiparty Computation Under Multiple Keys. IEEE TransInformForensic Secur, 2013, 8: 2046-2058 CrossRef Google Scholar

[86] Damgard I, Pastro V, Smart N, et al. Multiparty computation from somewhat homomorphic encryption. In: Advances in Cryptology-CRYPTO 2012. Berlin: Springer, 2012. 643--662. Google Scholar

[87] Liu M H, Zhang N, Zhang Y X, et al. Research on sensitive data protection technology on cloud computing. Telecommun Sci, 2014, 30: 2--8. Google Scholar

[88] Chen T Y, Chen J F. Intelligent data masking system for big data productive environment. Commun Tech, 2016, 49: 915--922. Google Scholar

[89] Jin J, Ping X J, Zhang T, et al. Survey of text localization techniques in images. Appl Res Comput, 2007, 24: 8--11. Google Scholar

[90] Black J, Rogaway P. Ciphers with arbitrary finite domains. In: Proceedings of the Cryptographers' Track at the RSA Conference, San Jose, 2002. 114--130. Google Scholar

[91] Joseph F, Brian L. Magic Quadrant for Data Masking Technology. Gartner, 2013. Google Scholar

[92] Wang J M, Liu X G, Jin T, et al. Big data security standardization white paper (2018). National Information Security Standardization Technical Committee SWG-BDS, 2018. Google Scholar

[93] Chang W L. NIST Big Data Interoperability Framework: Volume 6, Reference Architecture. NIST, 2015. Google Scholar

[94] Das D, O'Malley O, Radia S, et al. Adding security to apache hadoop. Hortonworks, 2011. Google Scholar

[95] Zhang K, Zhou X Y, Chen Y, et al. Sedic: Privacy-Aware Data Intensive Computing on Hybrid Clouds. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, Chicago, 2011. 515--526. Google Scholar

[96] Zhang C, Chang E C, Yap R H C. Tagged-MapReduce: a general framework for secure computing with mixed-sensitivity data on hybrid clouds. In: Proceedings of the 14th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, Chicago, 2014. 31--40. Google Scholar

[97] Oktay K Y, Mehrotra S, Khadilkar V, et al. SEMROD: secure and efficient MapReduce over HybriD clouds. In: Proceedings of the 2015 ACM SIGMOD International Conference on Management of Data, Melbourne, 2015. 153--166. Google Scholar

[98] Shen Q N, Qing S H, Wu Z H, et al. Securely redundant scheduling policy for MapReduce based on dynamic domains partition. J Commun, 2014, 35: 34--46. Google Scholar

[99] Mckeen F, Alexandrovich I, Berenzon A, et al. Innovative instructions and software model for isolated execution. In: Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy, Tel-Aviv, 2013. 10. Google Scholar

[100] Schuster F, Costa M, Fournet C, et al. VC3: trustworthy data analytics in the cloud using SGX. In: Proceedings of the 36th IEEE Symposium on Security and Privacy, San Jose, 2015. 38--54. Google Scholar

[101] Pires R, Gavril D, Felber P, et al. A lightweight MapReduce framework for secure processing with SGX. In: Proceedings of the 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, Madrid, 2017. 1100--1107. Google Scholar

[102] Ohrimenko O, Costa M, Fournet C, et al. Observing and preventing leakage in MapReduce. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, 2015. 1570--1581. Google Scholar

[103] Schwarz M, Weiser S, Gruss D, et al. Malware guard extension: using SGX to conceal cache attacks. In: Proceedings of the 2017 International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, Bonn, 2017. 3--24. Google Scholar

[104] Sharma P P, Navdeti C P. Securing big data hadoop: a review of security issues, threats and solution. Int J Comput Sci Inf Tech, 2014, 5: 2126--2131. Google Scholar

[105] Ning F X, Wen Y, Shi G. GuardSpark: access control enforcement in spark. J Cyber Secur, 2017, 2: 70--81. Google Scholar

[106] Ulusoy H, Colombo P, Ferrari E, et al. GuardMR: fine-grained security policy enforcement for MapReduce systems. In: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, Singapore, 2015. 285--296. Google Scholar

[107] Preuveneers D, Joosen W. SparkXS: efficient access control for intelligent and large-scale streaming data applications. In: Proceedings of the 11th International Conference on Intelligent Environments, Prague, 2015. 96--103. Google Scholar

[108] Wang J H, Liu C Y, Wang G F, et al. Review of trusted cloud computing based on proof-based verifiable computation. Chin J Comput, 2016, 39: 286--304. Google Scholar

[109] Braun B, Feldman A J, Ren Z, et al. Verifying computations with state. In: Proceedings of the 24th ACM Symposium on Operating Systems Principles, Farmington, 2013. 341--357. Google Scholar

[110] Ding Y, Wang H M, Shi P C, et al. Trusted cloud service. Chin J Comput, 2015, 38: 133--149. Google Scholar

[111] Wei W, Du J, Yu T, et al. Securemr: a service integrity assurance framework for mapreduce. In: Proceedings of the Annual Computer Security Applications Conference, Honolulu, 2009. 73--82. Google Scholar

[112] Wang Y Z, Wei J P. Viaf: verification-based integrity assurance framework for mapreduce. In: Proceedings of the 2011 IEEE International Conference on Cloud Computing, Washington, 2011. 300--307. Google Scholar

[113] Xiao Z F, Xiao Y. Accountable MapReduce in cloud computing. In: Proceedings of Computer Communications Workshops, 2011. 1082--1087. Google Scholar

[114] Huang C, Zhu S C, Wu D H. Towards trusted services: Result verification schemes for mapreduce. In: Proceedings of the 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, Ottawa, 2012. 41--48. Google Scholar

[115] Ruan A, Martin A. Tmr: towards a trusted mapreduce infrastructure. In: Proceedings of the IEEE 8th World Congress on Services, Honolulu, 2012. 141--148. Google Scholar

[116] Wang Y Z, Wei J P, Srivatsa M. Result integrity check for mapreduce computation on hybrid clouds. In: Proceedings of the IEEE Sixth International Conference on Cloud Computing, Santa Clara, 2013. 847--854. Google Scholar

[117] Gentry C. Fully homomorphic encryption using ideal lattices. In: Proceedings of the 41st ACM Symposium on Theory of Computing, Washington, 2009. 169--178. Google Scholar

[118] China Association for Science and Technoloty. 2014 2015 Report on Advances in Cryptology. Beijing: China Science and Technology Press. Google Scholar

[119] Coron J-S. Survey of Existing SHE schemes and Cryptanalytic Techniques. Homomorphic Encryption Applications and Technology Project, 2015. Google Scholar

[120] Ducas L, Micciancio D. FHEW: bootstrapping homomorphic encryption in less than a second. In: Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, 2015. 617--640. Google Scholar

[121] Chillotti I, Gama N, Georgieva M, et al. Faster fully homomorphic encryption: bootstrapping in less than 0.1 seconds. In: Proceedings of International Conference on the Theory and Application of Cryptology and Information Security, Hanoi, 2016. 3--33. Google Scholar

[122] Halevi S, Shoup V. Faster homomorphic linear transformations in helib. In: Advances in Cryptology-CRYPTO 2018. Berlin: Springer, 2018. Google Scholar

[123] van Dijk M, Gentry C, Halevi S, et al. Fully homomorphic encryption over the integers. In: Proceedings of Annual International Conference on the Theory and Applications of Cryptographic Techniques, Monaco and Nice, 2010. 24--43. Google Scholar

[124] Martins P, Sousa L, Mariano A. A Survey on Fully Homomorphic Encryption. ACM Comput Surv, 2018, 50: 1-33 CrossRef Google Scholar

[125] Acar A, Aksu H, Uluagac A S. A Survey on Homomorphic Encryption Schemes. ACM Comput Surv, 2018, 51: 1-35 CrossRef Google Scholar

[126] Brakerski Z, Vaikuntanathan V. Efficient fully homomorphic encryption from (standard) LWE. In: Proceedings of the 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science, Washington, 2011. 97--106. Google Scholar

[127] Brakerski Z, Gentry C, Vaikuntanathan V. (Leveled) fully homomorphic encryption without bootstrapping. In: Proceedings of the 3rd Innovations in Theoretical Computer Science Conference, Cambridge, 2012. 309--325. Google Scholar

[128] Gentry C, Sahai A, Waters B. Homomorphic encryption from learning with errors: conceptually-simpler, asymptotically-faster, attribute-based. In: Proceedings of the 33rd Annual Cryptology Conference, Santa Barbara, 2013. 75--92. Google Scholar

[129] Brakerski Z. Fully homomorphic encryption without modulus switching from classical GapSVP. In: Proceedings of Advances in Cryptology-crypto 2012, Santa Barbara, 2012. 868--886. Google Scholar

[130] Fan J, Vercauteren F. Somewhat practical fully homomorphic encryption. IACR Cryptology ePrint Archive, 2012, 2012: 144. Google Scholar

[131] Bos J W, Lauter K, Loftus J, et al. Improved security for a ring-based fully homomorphic encryption scheme. In: Proceedings of the 14th IMA International Conference on Cryptography and Coding, Oxford, 2013. 45--64. Google Scholar

[132] Lepoint T, Naehrig M. A comparison of the homomorphic encryption schemes FV and YASHE. In: Proceedings of International Conference on Cryptology in Africa, Marrakesh, 2014. 318--335. Google Scholar

[133] Cheon J H, Kim A, Kim M, et al. Homomorphic encryption for arithmetic of approximate numbers. In: Proceedings of International Conference on the Theory and Application of Cryptology and Information Security, Hong Kong, 2017. 409--437. Google Scholar

[134] Cheon J H, Han K, Kim A, et al. Bootstrapping for approximate homomorphic encryption. In: Proceedings of the 37th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tel Aviv, 2018. 360--384. Google Scholar

[135] Chor B, Goldreich O, Kushilevitz E, et al. Private information retrieval. In: Proceedings of the 36th Annual Symposium on Foundations of Computer Science, Milwaukee, 1995. 41--50. Google Scholar

[136] Doröz Y, Sunar B, Hammouri G. Bandwidth efficient PIR from NTRU. In: Proceedings of International Conference on Financial Cryptography and Data Security, Barbados, 2014. 195--207. Google Scholar

[137] Popa R A, Redfield C, Zeldovich N, et al. CryptDB: protecting confidentiality with encrypted query processing. In: Proceedings of the 23rd ACM Symposium on Operating Systems Principles, Cascais, 2011. 85--100. Google Scholar

[138] Cheon J H, Kim M, Kim M. Search-and-compute on encrypted data. In: Proceedings of International Conference on Financial Cryptography and Data Security, San Juan, 2015. 142--159. Google Scholar

[139] Li Z P, Ma C G, Zhou H S. Overview on Fully Homomorphic Encryption. J Cryptologic Res, 2017, 4: 561--578. Google Scholar

[140] Yagisawa M. Fully Homomorphic Encryption without bootstrapping. IACR Cryptol ePrint Arch, 2015, 2015: 474. Google Scholar

[141] Liu D X. Practical Fully Homomorphic Encryption without Noise Reduction. IACR Cryptol ePrint Arch, 2015, 2015: 468. Google Scholar

[142] Wang Y G. Notes on two fully homomorphic encryption schemes without bootstrapping. IACR Cryptol ePrint Arch, 2015, 2015: 519. Google Scholar

[143] Qin Z G, Xu J, Nie X Y, et al. A Survey of Public-Key Encryption with Keyword Search. J Cyber Secur, 2017, 2: 1--12. Google Scholar

[144] Song D X, Wagner D, Perrig A. Practical techniques for searches on encrypted data. In: Proceedings of 2000 IEEE Symposium on Security and Privacy, Berkeley, 2000. 44--55. Google Scholar

[145] Goh E-J. Secure indexes. IACR Cryptol ePrint Arch, 2003, 2003: 216. Google Scholar

[146] Curtmola R, Garay J, Kamara S, et al. Searchable symmetric encryption: improved definitions and efficient constructions. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, Alexandria, 2006. 79--88. Google Scholar

[147] van Liesdonk P, Sedghi S, Doumen J, et al. Computationally efficient searchable symmetric encryption. In: Proceedings of Workshop on Secure Data Management, Seattle, 2010. 87--100. Google Scholar

[148] Kamara S, Papamanthou C, Roeder T. Dynamic searchable symmetric encryption. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, Raleigh, 2012. 965--976. Google Scholar

[149] Golle P, Staddon J, Waters B. Secure conjunctive keyword search over encrypted data. In: Proceedings of International Conference on Applied Cryptography and Network Security, Yellow Mountains, 2004. 31--45. Google Scholar

[150] Cao N, Wang C, Li M. Privacy-Preserving Multi-Keyword Ranked Search over Encrypted Cloud Data. IEEE Trans Parallel Distrib Syst, 2014, 25: 222-233 CrossRef Google Scholar

[151] Li J, Wang Q, Wang C, et al. Fuzzy keyword search over encrypted data in cloud computing. In: Proceedings of The 29th Conference on Computer Communications, San Diego, 2010. 1--5. Google Scholar

[152] Chai Q, Gong G. Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers. In: Proceedings of the 2012 IEEE International Conference on Communications, Ottawa, 2012. 917--922. Google Scholar

[153] Boneh D, Di Crescenzo G, Ostrovsky R, et al. Public key encryption with keyword search. In: Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, 2004. 506--522. Google Scholar

[154] Abdalla M, Bellare M, Catalano D, et al. Searchable encryption revisited: consistency properties, relation to anonymous IBE, and extensions. In: Proceedings of Annual International Cryptology Conference, Santa Barbara, 2005. 205--222. Google Scholar

[155] Xu P, Jin H, Wu Q. Public-Key Encryption with Fuzzy Keyword Search: A Provably Secure Scheme under Keyword Guessing Attack. IEEE Trans Comput, 2013, 62: 2266-2277 CrossRef Google Scholar

[156] Chen R, Mu Y, Yang G. Dual-Server Public-Key Encryption with Keyword Search for Secure Cloud Storage. IEEE TransInformForensic Secur, 2015, : 1-1 CrossRef Google Scholar

[157] Baek J, Safavi-Naini R, Susilo W. Public key encryption with keyword search revisited. In: Proceedings of International conference on Computational Science and Its Applications, Perugia, 2008. 1249--1259. Google Scholar

[158] Zheng Q J, Xu S H, Ateniese G. VABKS: verifiable attribute-based keyword search over outsourced encrypted data. In: Proceedings of the 33rd Annual IEEE International Conference on Computer Communications, Toronto, 2014. 522--530. Google Scholar

[159] Bellare M, Boldyreva A, O'Neill A. Deterministic and efficiently searchable encryption. In: Proceedings of the Annual International Cryptology Conference, Santa Barbara, 2007. 535--552. Google Scholar

[160] Regev O. On lattices, learning with errors, random linear codes, and cryptography. J ACM, 2009, 56: 1-40 CrossRef Google Scholar

[161] Boneh D, Waters B. Conjunctive, subset, and range queries on encrypted data. In: Proceedings of the 4th Theory of Cryptography Conference, Amsterdam, 2007. 535--554. Google Scholar

[162] Agrawal R, Kiernan J, Srikant R, et al. Order preserving encryption for numeric data. In: Proceedings of the 2004 ACM SIGMOD International Conference on Management of Data, Paris, 2004. 563--574. Google Scholar

[163] Boldyreva A, Chenette N, Lee Y, et al. Order-preserving symmetric encryption. In: Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques, Cologne, 2009. 224--241. Google Scholar

[164] Popa R A, Li F H, Zeldovich N. An ideal-security protocol for order-preserving encoding. In: Proceedings of the 2013 IEEE Symposium on Security and Privacy, San Francisco, 2013. 463--477. Google Scholar

[165] Kerschbaum F. Frequency-hiding order-preserving encryption. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, 2015. 656--667. Google Scholar

[166] Boneh D, Lewi K, Raykova M, et al. Semantically secure order-revealing encryption: multi-input functional encryption without obfuscation. In: Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, 2015. 563--594. Google Scholar

[167] Lewi K, Wu D J. Order-revealing encryption: new constructions, applications, and lower bounds. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, 2016. 1167--1178. Google Scholar

[168] Ning J, Xu J, Liang K. Passive Attacks Against Searchable Encryption. IEEE TransInformForensic Secur, 2019, 14: 789-802 CrossRef Google Scholar

[169] Fu Z, Wu X, Guan C. Toward Efficient Multi-Keyword Fuzzy Search Over Encrypted Outsourced Data With Accuracy Improvement. IEEE TransInformForensic Secur, 2016, 11: 2706-2716 CrossRef Google Scholar

[170] Guo J J, Miao M X, Wang J F. Research and progress of order preserving encryption. J Cryptol Res, 2018, 5: 182--195. Google Scholar

[171] Brightwell M, Smith H. Using datatype-preserving encryption to enhance data warehouse security. In: Proceedings of the 20th National Information Systems Security Conference, Baltimore, 1997. 141--149. Google Scholar

[172] Liu Z L, Jia C F, Li J W. Research on the format-preserving encryption modes. J Commun, 2011, 32: 184--190. Google Scholar

[173] Bellare M, Ristenpart T, Rogaway P, et al. Format-preserving encryption. In: Proceedings of the International Workshop on Selected Areas in Cryptography, Alberta, 2009. 295--312. Google Scholar

[174] Liu Z L, Jia C F, Li J W. J Software, 2012, 23: 152-170 CrossRef Google Scholar

[175] Liu Z L, Jia C F, Li J W, et al. Format-preserving encryption for datetime. In: Proceedings of the 2010 IEEE International Conference on Intelligent Computing and Intelligent Systems, Xiamen, 2010. 201--205. Google Scholar

[176] Cui B J, Zhang B H, Wang K Y. A data masking scheme for sensitive big data based on format-preserving encryption. In: Proceedings of the 2017 IEEE International Conference on Computational Science and Engineering & Embedded and Ubiquitous Computing, Guangzhou, 2017. 518--524. Google Scholar

[177] Biryukov A, Leurent G, Perrin L. Cryptanalysis of Feistel networks with secret round functions. In: Proceedings of the International Conference on Selected Areas in Cryptography, New Brunswick, 2015. 102--121. Google Scholar

[178] Biham E, Biryukov A, Dunkelman O, et al. Initial observations on skipjack: cryptanalysis of skipjack-3XOR. In: Proceedings of the International Workshop on Selected Areas in Cryptography, Kingston, 1998. 362--375. Google Scholar

[179] Bellare M, Hoang V T, Tessaro S. Message-recovery attacks on Feistel-based format preserving encryption. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, 2016. 444--455. Google Scholar

[180] Durak F B, Vaudenay S. Breaking the FF3 format-preserving encryption standard over small domains. In: Proceedings of the Annual International Cryptology Conference, Santa Barbara, 2017. 679--707. Google Scholar

[181] Hoang V T, Tessaro S, Trieu N. The curse of small domains: new attacks on format-preserving encryption. In: Proceedings of the Annual International Cryptology Conference, Santa Barbara, 2018. 221--251. Google Scholar

[182] Naor M, Reingold O. On the Construction of Pseudorandom Permutations: Luby-Rackoff Revisited. J Cryptology, 1999, 12: 29-66 CrossRef Google Scholar

[183] Moniruzzaman A B M, Hossain S A. NoSQL database: New era of databases for big data analytics-classification, characteristics and comparison. 2013,. arXiv Google Scholar

[184] Dworkin M. Recommendation for block cipher modes of operation: methods for formatpreserving encryption. NIST, 2016. Google Scholar

[185] Shin Y, Koo D, Hur J. A survey of secure data deduplication schemes for cloud storage systems. ACM computing surveys, 2017, 49: 74. Google Scholar

[186] Douceur J R, Adya A, Bolosky W J, et al. Reclaiming space from duplicate files in a serverless distributed file system. In: Proceedings of the 22nd International Conference on Distributed Computing Systems, Vienna, 2002. 617--624. Google Scholar

[187] Bellare M, Keelveedhi S, Ristenpart T. Message-locked encryption and secure deduplication. In: Proceedings of the 32nd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Athens, 2013. 296--312. Google Scholar

[188] González-Manzano L, Orfila A. An efficient confidentiality-preserving Proof of Ownership for deduplication. J Network Comput Appl, 2015, 50: 49-59 CrossRef Google Scholar

[189] Xiong J B, Zhang Y Y, Li F H, et al. Research progress on secure data deduplication in cloud. J Commun, 2016, 37: 169--180. Google Scholar

[190] Ateniese G, Burns R, Curtmola R, et al. Provable data possession at untrusted stores. In: Proceedings of the 14th ACM conference on Computer and communications security, Alexandria, 2007. 598--609. Google Scholar

[191] Juels A, Kaliski Jr B S. PORs: proofs of retrievability for large files. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, Alexandria, 2007. 584--597. Google Scholar

[192] Erway C, Küpcü A, Papamanthou C, et al. Dynamic provable data possession. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, Chicago, 2009. 213--222. Google Scholar

[193] Shen J, Shen J, Chen X. An Efficient Public Auditing Protocol With Novel Dynamic Structure for Cloud Data. IEEE TransInformForensic Secur, 2017, 12: 2402-2415 CrossRef Google Scholar

[194] Wu Y, Jiang Z L, Wang X, et al. Dynamic data operations with deduplication in privacy-preserving public auditing for secure cloud storage. In: Proceedings of the 2017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC), Guangzhou, 2017. 562--567. Google Scholar

[195] Wang Q, Wang C, Li J, et al. Enabling public verifiability and data dynamics for storage security in cloud computing. In: Proceedings of the 14th European Symposium on Research in Computer Security, Saint-Malo, 2009. 355--370. Google Scholar

[196] Ren Z, Wang L, Wang Q. Dynamic Proofs of Retrievability for Coded Cloud Storage Systems. IEEE Trans Serv Comput, 2018, 11: 685-698 CrossRef Google Scholar

[197] Tate S R, Vishwanathan R, Everhart L. Multi-user dynamic proofs of data possession using trusted hardware. In: Proceedings of the 3rd ACM Conference on Data and Application Security and Privacy, San Antonio, 2013. 353--364. Google Scholar

[198] Wang B, Chow S S, Li M, et al. Storing shared data on the cloud via security-mediator. In: Proceedings of the 2013 IEEE 33rd International Conference on Distributed Computing Systems Philadelphia, 2013. 124--133. Google Scholar

[199] Wang B, Li B, Li H. Panda: Public Auditing for Shared Data with Efficient User Revocation in the Cloud. IEEE Trans Serv Comput, 2015, 8: 92-106 CrossRef Google Scholar

[200] Jiang T, Chen X, Ma J. Public Integrity Auditing for Shared Dynamic Cloud Data with Group User Revocation. IEEE Trans Comput, 2016, 65: 2363-2373 CrossRef Google Scholar

[201] Wang Z H. Research on several security mechanisms for cloud storage service. Dissertation for Ph.D. Degree. Beijing: Beijing Jiaotong University, 2016. Google Scholar

[202] Zhuo Hao , Sheng Zhong , Nenghai Yu . A Privacy-Preserving Remote Data Integrity Checking Protocol with Data Dynamics and Public Verifiability. IEEE Trans Knowl Data Eng, 2011, 23: 1432-1437 CrossRef Google Scholar

[203] Wang C, Chow S S M, Wang Q. Privacy-Preserving Public Auditing for Secure Cloud Storage. IEEE Trans Comput, 2013, 62: 362-375 CrossRef Google Scholar

[204] Zhu Y, Hu H, Ahn G J. Cooperative Provable Data Possession for Integrity Verification in Multicloud Storage. IEEE Trans Parallel Distrib Syst, 2012, 23: 2231-2244 CrossRef Google Scholar

[205] Yang K, Jia X. An Efficient and Secure Dynamic Auditing Protocol for Data Storage in Cloud Computing. IEEE Trans Parallel Distrib Syst, 2013, 24: 1717-1726 CrossRef Google Scholar

[206] Wang H. Identity-Based Distributed Provable Data Possession in Multicloud Storage. IEEE Trans Serv Comput, 2015, 8: 328-340 CrossRef Google Scholar

[207] Yu Y, Au M H, Ateniese G. Identity-Based Remote Data Integrity Checking With Perfect Data Privacy Preserving for Cloud Storage. IEEE TransInformForensic Secur, 2017, 12: 767-778 CrossRef Google Scholar

[208] He D, Kumar N, Wang H. Privacy-preserving certificateless provable data possession scheme for big data storage on cloud. Appl Math Computation, 2017, 314: 31-43 CrossRef Google Scholar

[209] Wang Y Z, Wei J P. VIAF: verification-based integrity assurance framework for MapReduce. In: Proceedings of IEEE International Conference on Cloud Computing, 2011. 300-307. Google Scholar

[210] Zhu Y, Wang H X, Hu Z X. Zero-knowledge proofs of retrievability. Sci China Inf Sci, 2011, 54: 1608-1617 CrossRef Google Scholar

[211] Jian Liu , Kun Huang , Hong Rong . Privacy-Preserving Public Auditing for Regenerating-Code-Based Cloud Storage. IEEE TransInformForensic Secur, 2015, 10: 1513-1528 CrossRef Google Scholar

[212] Xiang F, Liu C Y, Fang B X, et al. Novel “rich cloud" based data disaster recovery strategy. J Commun, 2013, 34: 92--101. Google Scholar

[213] Wood T, Cecchet E, Ramakrishnan K K, et al. Disaster recovery as a cloud service: economic benefits & deployment challenges. HotCloud, 2010, 10: 8--15. Google Scholar

[214] Weatherspoon H, Kubiatowicz J D. Erasure coding vs. replication: a quantitative comparison. In: Proceedings of International Workshop on Peer-to-Peer Systems, Cambridge, 2002. 328--337. Google Scholar

[215] Wang Y J, Xu F L, Pei X Q. Research on erasure code-based fault-tolerant technology for distributed storage. Chin J Comput, 2017, 40: 236--255. Google Scholar

[216] Xu J W, Zhang W B, Wang T, et al. A Genetic Algorithm Based Ataptive Strategy for Image Backup of Virtual Machines. Chin J Comput, 2016, 39: 351--363. Google Scholar

[217] Chang V. Towards a Big Data system disaster recovery in a Private Cloud. Ad Hoc Networks, 2015, 35: 65-82 CrossRef Google Scholar

[218] Wood T, Lagar-Cavilla H A, Ramakrishnan K, et al. PipeCloud: using causality to overcome speed-of-light delays in cloud-based disaster recovery. In: Proceedings of the 2nd ACM Symposium on Cloud Computing, Cascais, 2011. 17. Google Scholar

[219] Zhong R M, Liu C Y, Wang C L, et al. Cost-aware data reliability provision algorithm for the cloud providers. J Softw, 2014, 25: 1874--1886. Google Scholar

[220] Yu Gu , Dongsheng Wang , Chuanyi Liu . DR-Cloud: Multi-cloud based disaster recovery service. Tinshhua Sci Technol, 2014, 19: 13-23 CrossRef Google Scholar

[221] Colman-Meixner C, Develder C, Tornatore M. A Survey on Resiliency Techniques in Cloud Computing Infrastructures and Applications. IEEE Commun Surv Tutorials, 2016, 18: 2244-2281 CrossRef Google Scholar

[222] Perez R, Sailer R, van Doorn L. vTPM: virtualizing the trusted platform module. In: Proceedings of the 15th USENIX Security Symposium, Vancouver, 2006. 305--320. Google Scholar

[223] Hua J, Sakurai K. Barrier: a lightweight hypervisor for protecting kernel integrity via memory isolation. In: Proceedings of the 27th Annual ACM Symposium on Applied Computing, Trento, 2012. 1470--1477. Google Scholar

[224] Zhu M, Tu B B, Meng D. The security research of virtualization software stack. Chin J Comput, 2017, 40: 481--504. Google Scholar

[225] Ainapure B S, Shah D, Rao A A. Understanding perception of cache-based side-channel attack on cloud environment. In: Proceedings of Progress in Intelligent Computing Techniques: Theory, Practice, and Applications, 2018. 9--21. Google Scholar

[226] Garfinkel T, Rosenblum M. A virtual machine introspection based architecture for intrusion detection. In: Proceedings of the 2003 Network and Distributed System Security Symposium, San Diego, 2003. 191--206. Google Scholar

[227] Hebbal Y, Laniepce S, Menaud J-M. Virtual machine introspection: techniques and applications. In: Proceedings of the 10th International Conference on Availability, Reliability and Security, Toulouse, 2015. 676--685. Google Scholar

[228] Noshy M, Ibrahim A, Ali H A. Optimization of live virtual machine migration in cloud computing: A survey and future directions. J Network Comput Appl, 2018, 110: 1-10 CrossRef Google Scholar

[229] Li C, Raghunathan A, Jha N K. Secure virtual machine execution under an untrusted management OS. In: Proceedings of the 2010 IEEE 3rd International Conference on Cloud Computing, Miami, 2010. 172--179. Google Scholar

[230] Azab A M, Ning P, Wang Z, et al. HyperSentry: enabling stealthy in-context measurement of hypervisor integrity. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, Chicago, 2010. 38--49. Google Scholar

[231] Szefer J, Keller E, Lee R B, et al. Eliminating the hypervisor attack surface for a more secure cloud. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, Chicago, 2011. 401--412. Google Scholar

[232] Wang J, Stavrou A, Ghosh A. Hypercheck: A hardware-assisted integrity monitor. In: Proceedings of the International Workshop on Recent Advances in Intrusion Detection, Ottawa, 2010. 158--177. Google Scholar

[233] Wang Z, Jiang X X. Hypersafe: A lightweight approach to provide lifetime hypervisor control-flow integrity. In: Proceedings of 2010 IEEE Symposium on Security and Privacy, Berkeley, 2010. 380--395. Google Scholar

[234] Mijumbi R, Serrat J, Gorricho J L. Network Function Virtualization: State-of-the-Art and Research Challenges. IEEE Commun Surv Tutorials, 2016, 18: 236-262 CrossRef Google Scholar

[235] Sezer S, Scott-Hayward S, Chouhan P. Are we ready for SDN? Implementation challenges for software-defined networks. IEEE Commun Mag, 2013, 51: 36-43 CrossRef Google Scholar

[236] Yu Y, Wang Z L, Bi J, et al. Survey on the Languages in the Northbound Interface of Software Defined Networking. J Softw, 2016, 27: 993--1008. Google Scholar

[237] Zaalouk A, Khondoker R, Marx R, et al. Orchsec: an orchestrator-based architecture for enhancing network-security using network monitoring and sdn control functions. In: Proceedings of Network Operations and Management Symposium (NOMS). New York: IEEE, 2014. 1--9. Google Scholar

[238] Tao Wang , Hongchang Chen . SGuard: A lightweight SDN safe-guard architecture for DoS attacks. China Commun, 2017, 14: 113-125 CrossRef Google Scholar

[239] Kreutz D, Ramos F, Verissimo P. Towards secure and dependable software-defined networks. In: Proceedings of Proceedings of the 2nd ACM SIGCOMM Workshop on Hot topics in Software Defined Networking, 2013. 55--60. Google Scholar

[240] Varadharajan V, Karmakar K, Tupakula U. A Policy-Based Security Architecture for Software-Defined Networks. IEEE TransInformForensic Secur, 2019, 14: 897-912 CrossRef Google Scholar

[241] Shin S, Porras P A, Yegneswaran V, et al. FRESCO: modular composable security services for software-defined networks. In: Proceedings of NDSS, 2013. Google Scholar

[242] Han B, Gopalakrishnan V, Ji L. Network function virtualization: Challenges and opportunities for innovations. IEEE Commun Mag, 2015, 53: 90-97 CrossRef Google Scholar

[243] Yang W, Fung C. A survey on security in network functions virtualization. In: Proceedings of NetSoft Conference and Workshops (NetSoft). New York: IEEE, 2016. 15--19. Google Scholar

[244] Gember-Jacobson A, Viswanathan R, Prakash C, et al. OpenNF: enabling innovation in network function control. In: Proceedings of ACM SIGCOMM Computer Communication Review, 2014. 163--174. Google Scholar

[245] Jaeger B. Security orchestrator: introducing a security orchestrator in the context of the etsi nfv reference architecture. In: Proceedings of Trustcom/BigDataSE/ISPA. New York: IEEE, 2015. 1255--1260. Google Scholar

[246] Pattaranantakul M, He R, Song Q. NFV Security Survey: From Use Case Driven Threat Analysis to State-of-the-Art Countermeasures. IEEE Commun Surv Tutorials, 2018, 20: 3330-3368 CrossRef Google Scholar

[247] Daghmehchi Firoozjaei M, Jeong J P, Ko H. Security challenges with network functions virtualization. Future Generation Comput Syst, 2017, 67: 315-324 CrossRef Google Scholar

[248] Wang J, Hao S R, Li Y, et al. Challenges Towards Protecting VNF With SGX. In: Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, Tempe, 2018. 39--42. Google Scholar

[249] Melis L, Asghar H J, de Cristofaro E, et al. Private processing of outsourced network functions: Feasibility and constructions. In: Proceedings of Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, 2016. 39--44. Google Scholar

[250] Bonfim M S, Dias K L, Fernandes S F L. Integrated NFV/SDN Architectures. ACM Comput Surv, 2019, 51: 1-39 CrossRef Google Scholar

[251] Wang M M, Liu J W, Chen J, et al. Software defined networking: security model, threats and mechanism. J Softw, 2016, 27: 969--992. Google Scholar

[252] Rawat D B, Reddy S R. Software Defined Networking Architecture, Security and Energy Efficiency: A Survey. IEEE Commun Surv Tutorials, 2017, 19: 325-346 CrossRef Google Scholar

[253] Feng D G, Chan C. Research on attribute-based cryptography. J Cryptologic Res, 2014, 1: 1--12. Google Scholar

[254] Goyal V, Pandey O, Sahai A, et al. Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of Proceedings of the 13th ACM Conference on Computer and Communications Security, 2006. 89--98. Google Scholar

[255] Bethencourt J, Sahai A, Waters B. Ciphertext-policy attribute-based encryption. In: Proceedings of IEEE Symposium on Security and Privacy, 2007. 321--334. Google Scholar

[256] Fugkeaw S, Sato H. Scalable and secure access control policy update for outsourced big data. Future Generation Comput Syst, 2018, 79: 364-373 CrossRef Google Scholar

[257] Fang L, Yin L H, Guo Y C, et al. A survey of technologies in attribute-based access control scheme. Chin J Comput, 2017, 40: 1680--1698. Google Scholar

[258] Kapadia A, Tsang P P, Smith S W. Attribute-based publishing with hidden credentials and hidden policies. In: Proceedings of the 14th Annual Network & Distributed System Security Symposium, San Diego, 2007. 179--192. Google Scholar

[259] Cui H, Deng R H, Lai J. An efficient and expressive ciphertext-policy attribute-based encryption scheme with partially hidden access structures, revisited. Comput Networks, 2018, 133: 157-165 CrossRef Google Scholar

[260] Wang H, Zheng Z, Wu L. New directly revocable attribute-based encryption scheme and its application in cloud storage environment. Cluster Comput, 2017, 20: 2385-2392 CrossRef Google Scholar

[261] Liu J K, Yuen T H, Zhang P, et al. Time-based direct revocable ciphertext-policy attribute-based encryption with short revocation list. In: Proceedings of the 16th International Conference on Applied Cryptography and Network Security, Leuven, 2018. 516--534. Google Scholar

[262] Pirretti M, Traynor P, McDaniel P, et al. Secure attribute-based systems. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, Alexandria, 2006. 99--112. Google Scholar

[263] Sun W, Yu S, Lou W. Protecting Your Right: Verifiable Attribute-Based Keyword Search with Fine-Grained Owner-Enforced Search Authorization in the Cloud. IEEE Trans Parallel Distrib Syst, 2016, 27: 1187-1198 CrossRef Google Scholar

[264] Sookhak M, Yu F R, Khan M K. Attribute-based data access control in mobile cloud computing: Taxonomy and open issues. Future Generation Comput Syst, 2017, 72: 273-287 CrossRef Google Scholar

[265] Jianting Ning , Xiaolei Dong , Zhenfu Cao . White-Box Traceable Ciphertext-Policy Attribute-Based Encryption Supporting Flexible Attributes. IEEE TransInformForensic Secur, 2015, 10: 1274-1288 CrossRef Google Scholar

[266] Liu Z, Cao Z F, Wong D S. Blackbox traceable CP-ABE: how to catch people leaking their keys by selling decryption devices on eBay. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, Berlin, 2013. 475--486. Google Scholar

[267] Liu Z, Duan S, Zhou P. Traceable-then-revocable ciphertext-policy attribute-based encryption scheme. Future Generation Comput Syst, 2019, 93: 903-913 CrossRef Google Scholar

[268] Zhang K, Li H, Ma J. Efficient large-universe multi-authority ciphertext-policy attribute-based encryption with white-box traceability. Sci China Inf Sci, 2018, 61: 032102 CrossRef Google Scholar

[269] Chase M. Multi-authority attribute based encryption. In: Proceedings of thr 4th Theory of Cryptography Conference, Amsterdam, 2007. 515--534. Google Scholar

[270] Chase M, Chow S S. Improving privacy and security in multi-authority attribute-based encryption. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, Chicago, 2009. 121--130. Google Scholar

[271] Li Q, Ma J, Li R. Large universe decentralized key-policy attribute-based encryption. Security Comm Networks, 2015, 8: 501-509 CrossRef Google Scholar

[272] Rouselakis Y, Waters B. Efficient statically-secure large-universe multi-authority attribute-based encryption. In: Proceedings of the 19th International Conference on Financial Cryptography and Data Security, San Juan, 2015. 315--332. Google Scholar

[273] Can Z F, Dong X L, Zhou J, et al. Research advances on big data security and privacy preserving. J Comput Res Develop, 2016, 53: 2137--2151. Google Scholar

[274] P P K, P S K, P.j.a. A. Attribute based encryption in cloud computing: A survey, gap analysis, and future directions. J Network Comput Appl, 2018, 108: 37-52 CrossRef Google Scholar

[275] Kuhlmann M, Shohat D, Schimpf G. Role mining - revealing business roles for security administration using data mining technology. In: Proceedings of Eighth ACM Symposium on Access Control MODELS and Technologies, 2003. 179--186. Google Scholar

[276] Kuhlmann M, Shohat D, Schimpf G. Role mining-revealing business roles for security administration using data mining technology. In: Proceedings of the 8th ACM Symposium on Access Control Models and Technologies, Como, 2003. 179--186. Google Scholar

[277] Molloy I, Park Y, Chari S. Generative models for access control policies: applications to role mining over logs with attribution. In: Proceedings of the 17th ACM Symposium on Access Control Models and Technologies, Newark, 2012. 45--56. Google Scholar

[278] Li H, Zhang M, Feng D G, et al. Research on access control of big data. Chin J Comput, 2017, 40: 72--91. Google Scholar

[279] Molloy I, Li N, Li T, et al. Evaluating role mining algorithms. In: Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, Stresa, 2009. 95--104. Google Scholar

[280] Vaidya J, Atluri V, Warner J. RoleMiner: mining roles using subset enumeration. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, Alexandria, 2006. 144--153. Google Scholar

[281] Zhang D N, Ramamohanarao K, Ebringer T, et al. Permission set mining: discovering practical and useful roles. In: Proceedings of the 24th Annual Computer Security Applications Conference, Anaheim, 2008. 247--256. Google Scholar

[282] Molloy I, Hong C, Li T C, et al. Mining roles with semantic meanings. In: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, Estes Park, 2008. 21--30. Google Scholar

[283] Vaidya J, Atluri V, Guo Q. The role mining problem: finding a minimal descriptive set of roles. In: Proceedings of the 12th ACM symposium on Access control models and technologies, Sophia Antipolis, 2007. 175--184. Google Scholar

[284] Zhang D, Ramamohanarao K, Ebringer T. Role engineering using graph optimisation. In: Proceedings of the 12th ACM Symposium on Access Control Models and Technologies, Sophia Antipolis, 2007. 139--144. Google Scholar

[285] Frank M, Streich A P, Basin D A, et al. A probabilistic approach to hybrid role mining. In: Proceedings of the 16th ACM conference on Computer and communications security, Chicago, 2009. 101--111. Google Scholar

[286] Jafarian J H, Takabi H, Touati H, et al. Towards a general framework for optimal role mining: A constraint satisfaction approach. In: Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, Vienna, 2015. 211--220. Google Scholar

[287] Mitra B, Sural S, Vaidya J. A Survey of Role Mining. ACM Comput Surv, 2016, 48: 1-37 CrossRef Google Scholar

[288] Phua T W, Ko R K L. Data provenance for big data security and accountability. In: Encyclopedia of Big Data Technologies. Berlin: Springer, 2018. 1--6. Google Scholar

[289] Buneman P, Khanna S, Tan W C. Why and where: a characterization of data provenance. In: Proceedings of 2001 International Conference on Database Theory, London, 2001. 216--330. Google Scholar

[290] Glavic B. Big data provenance: challenges and implications for benchmarking. In: Proceedings of the 2012 Workshop on Big Data Benchmarks, Pune, 2012. 72--80. Google Scholar

[291] Cheney J, Chong S, Foster N, et al. Provenance: a future history. In: Proceedings of the 24th ACM SIGPLAN Conference Companion on Object Oriented Programming Systems Languages and Applications, Orlando, 2009. 957--964. Google Scholar

[292] Labrinidis A, Jagadish H V. Challenges and opportunities with big data. Proceedings of the VLDB Endowment,2012, 5: 2032-2033. Google Scholar

[293] Moreau L, Clifford B, Freire J. The Open Provenance Model core specification (v1.1). Future Generation Comput Syst, 2011, 27: 743-756 CrossRef Google Scholar

[294] Sahoo S S, Barga R S, Goldstein J, et al. Provenance algebra and materialized view-based provenance management. In: Proceedings of the 2nd International Provenance and Annotation Workshop, Salt Lake City, 2008. 531--540. Google Scholar

[295] Wang J, Crawl D, Purawat S, et al. Big data provenance: challenges, state of the art and opportunities. In: Proceedings of 2015 IEEE International Conference on Big Data, Santa Clara, 2015. 2509--2516. Google Scholar

[296] Gehani A, Kazmi H, Irshad H. Scaling spade to “big provenance". In: Proceedings of the 8th USENIX Conference on Theory and Practice of Provenance, Washington, 2016. 26--33. Google Scholar

[297] Fu X, Gao Y, Luo B. Security Threats to Hadoop: Data Leakage Attacks and Investigation. IEEE Network, 2017, 31: 67-71 CrossRef Google Scholar

[298] Ko R K, Will M A. Progger: an efficient, tamper-evident kernel-space logger for cloud data provenance tracking. In: Proceedings of the IEEE 7th International Conference on Cloud Computing, Anchorage, 2014. 881--889. Google Scholar

[299] Kulkarni D. A provenance model for key-value systems. In: Proceedings of the 5th Workshop on the Theory and Practice of Provenance, Lombard, 2013. 1--4. Google Scholar

[300] Alkhaldi A, Gupta I, Raghavan V, et al. Leveraging metadata in no SQL storage systems. In: Proceedings of the 8th IEEE International Conference on Cloud Computing, New York, 2015. 57--64. Google Scholar

[301] Chacko A M, Fairooz M, Kumar S M. Provenance-aware NoSQL databases. In: Proceedings of the International Symposium on Security in Computing and Communication, Jaipur, 2016. 152--160. Google Scholar

[302] Park H, Ikeda R, Widom J. Ramp: a system for capturing and tracing provenance in mapreduce workflows. Proceedings of the VLDB Endowment, 2011, 4: 1351-1354. Google Scholar

[303] Akoush S, Sohan R, Hopper A. HadoopProv: towards provenance as a first class citizen in MapReduce. In: Proceedings of the 5th USENIX Workshop on the Theory and Practice of Provenance, Lombard, 2013. 1--4. Google Scholar

[304] Zafar F, Khan A, Suhail S. Trustworthy data: A survey, taxonomy and future trends of secure provenance schemes. J Network Comput Appl, 2017, 94: 50-68 CrossRef Google Scholar

[305] Cheney J. A formal framework for provenance security. In: Proceedings of the 24th IEEE Computer Security Foundations Symposium, Cernay-la-Ville, 2011. 281--293. Google Scholar

[306] Braun U, Shinnar A. A Security Model for Provenance. Harvard Computer Science Group Technical Report TR-04-06. 2006. Google Scholar

[307] Cadenhead T, Khadilkar V, Kantarcioglu M, et al. A language for provenance access control. In: Proceedings of the 1st ACM Conference on Data and Application Security and Privacy, San Antonio, 2011. 133--144. Google Scholar

[308] Danger R, Curcin V, Missier P. Access control and view generation for provenance graphs. Future Generation Comput Syst, 2015, 49: 8-27 CrossRef Google Scholar

[309] Liang X, Shetty S, Tosh D, et al. ProvChain: a blockchain-based data provenance architecture in cloud environment with enhanced privacy and availability. In: Proceedings of the 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, Madrid, 2017. 468--477. Google Scholar

[310] Ramachandran A, Kantarcioglu M. SmartProvenance: a distributed, blockchain based data provenance system. In: Proceedings of the 8th ACM Conference on Data and Application Security and Privacy, Tempe, 2018. 35--42. Google Scholar

[311] Muniswamy-Reddy K K, Holland D A, Braun U, et al. Provenance-aware storage systems. In: Proceedings of 2006 USENIX Annual Technical Conference, Boston, 2006. 43--56. Google Scholar

[312] Suen C H, Ko R K L, Yu S T, et al. S2Logger: end-to-end data tracking mechanism for cloud data provenance. In: Proceedings of the 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, Melbourne, 2013. 594--602. Google Scholar

[313] Alabi O, Beckman J, Dark M, et al. Toward a data spillage prevention process in hadoop using data provenance. In: Proceedings of the 2nd Workshop on Changing Landscapes in HPC Security, Portland, 2015. 9--13. Google Scholar

[314] Bates A, Butler K, Dobra A, et al. Retrofitting Applications with Provenance-Based Security Monitoring. 2016,. arXiv Google Scholar

[315] Appelbaum D. Securing Big Data Provenance for Auditors: The Big Data Provenance Black Box as Reliable Evidence. J Emerging Technologies Accounting, 2016, 13: 17-36 CrossRef Google Scholar

[316] Ghoshal D, Plale B. Provenance from log files: a BigData problem. In: Proceedings of the Joint EDBT/ICDT 2013 Workshops, Genoa, 2013. 290--297. Google Scholar

[317] Cuzzocrea A. Provenance research issues and challenges in the big data era. In: Proceedings of the IEEE 39th Annual Computer Software and Applications Conference, Taichung, 2015. 684--686. Google Scholar

[318] Cardenas A A, Manadhata P K, Rajan S P. Big Data Analytics for Security. IEEE Secur Privacy, 2013, 11: 74-76 CrossRef Google Scholar

[319] Zuech R, Khoshgoftaar T M, Wald R. Intrusion detection and Big Heterogeneous Data: a Survey. J Big Data, 2015, 2: 3 CrossRef Google Scholar

[320] Jeong H-D J, Hyun W, Lim J, et al. Anomaly teletraffic intrusion detection systems on hadoop-based platforms: A survey of some problems and solutions. In: Proceedings of the 15th International Conference on Network-Based Information Systems, Melbourne, 2012. 766--770. Google Scholar

[321] Cheon J, Choe T-Y. Distributed processing of snort alert log using hadoop. Int J Eng Tech, 2013, 5: 2685--2690. Google Scholar

[322] Baker M, Turnbull D, Kaszuba G. Finding needles in haystacks (the size of countries). In: Proceedings of Black Hat Europe 2012, Amsterdam, 2012. 1--13. Google Scholar

[323] Rathore M M, Paul A, Ahmad A, et al. Hadoop based real-time intrusion detection for high-speed networks. In: Proceedings of the 2016 IEEE Global Communications Conference, Washington, 2016. 1--6. Google Scholar

[324] Marchal S, Jiang X, State R, et al. A big data architecture for large scale security monitoring. In: Proceedings of the 2014 IEEE International Congress on Big Data, Anchorage, 2014. 56--63. Google Scholar

[325] Giura P, Wang W. Using large scale distributed computing to unveil advanced persistent threats. Sci J, 2012, 1: 93--105. Google Scholar

[326] Bhatt P, Yano E T, Gustavsson P. Towards a framework to detect multi-stage advanced persistent threats attacks. In: Proceedings of the 8th IEEE International Symposium on Service Oriented System Engineering, Oxford, 2014. 390--395. Google Scholar

[327] Sharma P K, Moon S Y, Moon D. DFA-AD: a distributed framework architecture for the detection of advanced persistent threats. Cluster Comput, 2017, 20: 597-609 CrossRef Google Scholar

[328] Hameed S, Ali U. Efficacy of live ddos detection with hadoop. In: Proceedings of 2016 IEEE/IFIP Operations and Management Symposium, Istanbul, 2016. 488--494. Google Scholar

[329] Terzi D S, Terzi R, Sagiroglu S. Big data analytics for network anomaly detection from netflow data. In: Proceedings of International Conference on Computer Science and Engineering, Bangkok, 2017. 592--597. Google Scholar

[330] Francois J, Wang S, Bronzi W, et al. Botcloud: detecting botnets using mapreduce. In: Proceedings of the 2011 IEEE International Workshop on Information Forensics and Security, Iguacu Falls, 2011. 1--6. Google Scholar

[331] Jon-Michael B, Scot F, Dave S, et al. The Treacherous 12: Cloud Computing Top Threats in 2016. Cloud Security Alliance, 2016. Google Scholar

[332] Yang G, Ma J G, Yu A M, et al. Survey of insider threat detection. J Cyber Secur, 2016, 1: 21--36. Google Scholar

[333] Greitzer F, Purl J, Leong Y M, et al. SOFIT: sociotechnical and organizational factors for insider threat. In: Proceedings of 2018 IEEE Security and Privacy Workshops, San Francisco, 2018. 197--206. Google Scholar

[334] Bose B, Avasarala B, Tirthapura S. Detecting Insider Threats Using RADISH: A System for Real-Time Anomaly Detection in Heterogeneous Data Streams. IEEE Syst J, 2017, 11: 471-482 CrossRef ADS Google Scholar

[335] Bilge L, Dumitras T. Before we knew it: an empirical study of zero-day attacks in the real world. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, Raleigh, 2012. 833--844. Google Scholar

[336] Win T Y, Tianfield H, Mair Q. Big Data Based Security Analytics for Protecting Virtualized Infrastructures in Cloud Computing. IEEE Trans Big Data, 2018, 4: 11-25 CrossRef Google Scholar

[337] Ullah F, Ali Babar M. Architectural Tactics for Big Data Cybersecurity Analytics Systems: A Review. J Syst Software, 2019, 151: 81-118 CrossRef Google Scholar

[338] Alguliyev R, Imamverdiyev Y. Big data: big promises for information security. In: Proceedings of the IEEE 8th International Conference on Application of Information and Communication Technologies, Kazakhstan, 2014. 1--4. Google Scholar

Copyright 2020  CHINA SCIENCE PUBLISHING & MEDIA LTD.  中国科技出版传媒股份有限公司  版权所有

京ICP备14028887号-23       京公网安备11010102003388号