ENABLING SECURE BIG DATA ANALYTICS IN THE CLOUD

摘要

Methods are provided for enabling secure big data analytics in the cloud. A method includes reading a secure file, by a Secure Distributed File System in a public cloud service provider. The reading step includes computing a hash of a name of the secure file to obtain a hashed file name, finding metadata for the secure file using the hashed file name, retrieving a sharing policy identifier from the metadata, and obtaining authorization from an external entity to decrypt the secure file. The reading step further includes extracting a security key and encrypted data file names from the metadata using the sharing policy identifier, requesting one or more encrypted data files that form the secure file from a node of the public cloud service provider, and at least one of decrypting and reconstructing plaintext data for the secure file from the one or more encrypted data files.

主权项

1. A method, comprising:
reading a secure file, by a Secure Distributed File System in a public cloud service provider having a processor and a memory device, wherein said reading step comprises:
computing a hash of a name of the secure file to obtain a hashed file name;finding metadata for the secure file using the hashed file name;retrieving a sharing policy identifier from the metadata;obtaining authorization from an external entity to decrypt the secure file;extracting a security key and encrypted data file names from the metadata using the sharing policy identifier;requesting one or more encrypted data files that form the secure file from a node of the public cloud service provider; andat least one of decrypting and reconstructing plaintext data for the secure file from the one or more encrypted data files.