Securing data services: A security architecture design for private storage cloud based on HDFS

With the growth of business, an enterprise would like to make its PSC (private storage cloud) approach an infrastructure service in a partner/public cloud. In such PSCs, there are some new data security issues, First, how to keep the data rest in the PSC isolated from internal and external attackers; second, how to make secure intra-cloud data migration within the enterprise; third, how to secure inter-cloud data migrating between the PSC and the partner/public cloud. In this paper, we propose an architecture design for enforcing data security services on the layer of HDFS in the PSC, including secure data isolation service, secure intra-cloud data migration service, and secure inter-cloud data migration service. Finally, it gives the prototype implemented as pluggable security modules in accord with our custom security policies through AOP (Aspect- Oriented Programming) method. The time cost is given and evaluated efficiently. Copyright © 2013 Inderscience Enterprises Ltd.