During his Ph.D. research, Pavel had developed several prototypes of cloud storage using cryptographic protocols that ensure security, privacy, and fault tolerance. He intends to further revise and enhance these prototypes to accomplish his future research plans. His research offers opportunities to work on building novel security algorithms and fault tolerant solutions for cloud and vehicular networks. Following are the most recent research projects he had worked on.
SecReS: Since data and storage are outsourced to third party service providers, users lose direct control of data management and have to depend solely on the providers who may not always be dependable. This distinctive feature therefore poses numerous security threats and vulnerabilities. To address these issues, we proposed SecReS (Secure and Reliable Storage)– a cloud storage scheme that simultaneously achieves security, reliability, and deduplication. SecReS blends convergent encryption and perfect secret sharing scheme to achieve confidentiality of data and encryption keys. It also achieves fault tolerance by dispersing data to multiple storage servers using Reed-Solomon erasure code. SecReS uses Merkle hash tree to authenticate users by verifying Proof of Ownership (PoW) of data for carrying out secure deduplication.
CP-ABCE: To overcome the inherent limitations of convergent encryption and its vulnerability to several side-channel attacks (e.g., “confirmation-of-a-file” attack and “learn-the-remaining-information” attack), we proposed a storage scheme named CP-ABCE (Ciphertext Policy Attribute-Based Convergent Encryption). It blends convergent encryption with an attribute-based encryption scheme to ensure confidentiality and deduplication. The convergent encryption guarantees that only a single copy of data is stored at the server, and thus reduces the amount of data need to be transferred, stored, and managed by storage provider. In our scheme, users’ keys are specified by a set of attributes while the entity encrypting the data can specify an access control policy over these attributes so that only a specific set of users are able to decrypt.
FaCS: Large-scale cloud datacenters often experience reduced performance and service outage. Due to the inherent complexity, heterogeneity, and multitenant architecture of these datacenters, applications (i.e., jobs and tasks) running on them are susceptible to various types of failures. In this project, we first characterize the application failures in Google cluster trace and then propose a prediction model which can forecast the termination status of a task. Then, we introduce a task scheduler named FaCS (A Fault-tolerant Cloud Scheduler) that dynamically reschedules tasks based on the predicted results. This proactive fault-tolerant scheduler improves system reliability and ensures timely execution of the applications. Simulation results show that FaCS reduces makespan and failure rates of tasks substantially while balancing load at the same time. Moreover, early prediction along with quick scheduling adjustment improves overall resource utilization and reduces resource wastage.
SecReS: Since data and storage are outsourced to third party service providers, users lose direct control of data management and have to depend solely on the providers who may not always be dependable. This distinctive feature therefore poses numerous security threats and vulnerabilities. To address these issues, we proposed SecReS (Secure and Reliable Storage)– a cloud storage scheme that simultaneously achieves security, reliability, and deduplication. SecReS blends convergent encryption and perfect secret sharing scheme to achieve confidentiality of data and encryption keys. It also achieves fault tolerance by dispersing data to multiple storage servers using Reed-Solomon erasure code. SecReS uses Merkle hash tree to authenticate users by verifying Proof of Ownership (PoW) of data for carrying out secure deduplication.
CP-ABCE: To overcome the inherent limitations of convergent encryption and its vulnerability to several side-channel attacks (e.g., “confirmation-of-a-file” attack and “learn-the-remaining-information” attack), we proposed a storage scheme named CP-ABCE (Ciphertext Policy Attribute-Based Convergent Encryption). It blends convergent encryption with an attribute-based encryption scheme to ensure confidentiality and deduplication. The convergent encryption guarantees that only a single copy of data is stored at the server, and thus reduces the amount of data need to be transferred, stored, and managed by storage provider. In our scheme, users’ keys are specified by a set of attributes while the entity encrypting the data can specify an access control policy over these attributes so that only a specific set of users are able to decrypt.
FaCS: Large-scale cloud datacenters often experience reduced performance and service outage. Due to the inherent complexity, heterogeneity, and multitenant architecture of these datacenters, applications (i.e., jobs and tasks) running on them are susceptible to various types of failures. In this project, we first characterize the application failures in Google cluster trace and then propose a prediction model which can forecast the termination status of a task. Then, we introduce a task scheduler named FaCS (A Fault-tolerant Cloud Scheduler) that dynamically reschedules tasks based on the predicted results. This proactive fault-tolerant scheduler improves system reliability and ensures timely execution of the applications. Simulation results show that FaCS reduces makespan and failure rates of tasks substantially while balancing load at the same time. Moreover, early prediction along with quick scheduling adjustment improves overall resource utilization and reduces resource wastage.
Copyright © 2024
Last updated on March 28, 2024
Last updated on March 28, 2024