HKE-BC

Big data is one of the most referred key words in recent information and communications technology industry. As the new-generation distributed computing platform, cloud environments offer high efficiency and low cost for data-intensive storage and computation for big data applications. Cloud resources and services are available in pay-as-you-go mode, which brings extraordinary flexibility and cost-effectiveness as well as minimal investments in their own computing infrastructure. However, these advantages come at a pricepeople no longer have direct control over their own data. Based on this view, data security becomes a major concern in the adoption of cloud computing. Authenticated key exchange is essential to a security system that is based on high-efficiency symmetric-key encryptions. With virtualisation technology being applied, existing key exchange schemes such as Internet key exchange become time consuming when directly deployed into cloud computing environment, especially for large-scale tasks that involve intensive user-cloud interactions, such as scheduling and data auditing. In this paper, we propose a novel hierarchical key exchange scheme, namely hierarchical key exchange for big data in cloud, which aims at providing efficient security-aware scheduling and auditing for cloud environments. In this novel key exchange scheme, we developed a two-phase layer-by-layer iterative key exchange strategy to achieve more efficient authenticated key exchange without sacrificing the level of data security. Both theoretical analysis and experimental results demonstrate that when deployed in cloud environments with diverse server layouts, efficiency of the proposed scheme is dramatically superior to its predecessors cloud computing background key exchange and Internet key exchange schemes. Copyright (c) 2014 John Wiley & Sons, Ltd.