一种异构分布式存储再生码变换原理

再生码是一类分布式存储编码,由于在节点存储和修复带宽两方面均有效而被广泛研究。基于乘积矩阵(PM)理论的最小存储再生(PM-MSR)码是一类同构分布式存储再生码,具有最小的节点存储。提出一种再生码变换原理,能够根据PM-MSR码产生新的再生码,新的再生码用于异构分布式存储系统。严格证明了新再生码结构的数据重构和数据修复性质,并提供了编码实例。新的再生码与PM-MSR码具有相同的存储消耗和带宽消耗,但新的再生码具有更小的平均节点故障率,这对实际应用具有吸引力。     

分布式存储系统中容错技术综述

互联网、5G及其相关产业的飞速发展使我们迈入了大数据时代,存储海量数据将面临着巨大挑战。大规模分布式存储系统以其海量存储能力、高吞吐量、高可用性和低成本的突出优势取代了集中式存储系统成为主流系统。由于分布式存储系统中节点数量庞大,经常会产生各种类型故障,从而导致节点失效情况频发。因此,必须采用容错技术来保证在部分存储节点失效的情况下,数据仍然能够被正常读取和下载,具有容错能力且节约存储资源的分布式存储编码成为大数据时代重点研究的核心技术之一。讨论了大数据背景下存储与可靠性的问题,从而引出数据容错对分布式存储的重要性。阐述了传统的2种数据存储容错技术,即多副本机制和MDS码。重点分析了3种主要的分布式存储编码,即再生码(RGC)、局部可修复码(LRC)和Piggybacking编码的基本原理、优缺点以及发展现状。总结对比了这5种数据容错技术的性能差异。面向数据的容错存储,针对存储中的节点修复问题,为大数据和移动数据的分布式存储编码提供理论基础,为海量数据的高效、可靠存储提供技术支撑。     

基于极化码的无协商密钥物理层安全传输方案

针对现有的密钥生成方案需要在通信流程中增加额外的密钥协商协议，导致在5G等标准通信系统中应用受限的问题，该文提出一种基于极化码的无协商密钥物理层安全传输方案。首先基于信道特征提取未协商的物理层密钥，然后针对物理信道与密钥加密信道共同构成的等效信道设计极化码，最后利用未协商的物理层密钥对编码后的序列进行简单的模二加加密后传输。该方案通过针对性设计的极化码纠正密钥差异和噪声引起的比特错误，实现可靠的安全传输。仿真表明，该文基于等效信道设计的极化码在保证合法双方以最优的码率可靠传输的同时可以防止窃听者窃听，实现了安全与通信的一体化。     

基于再生码的云存储系统——Ustor

摘 要：Ustor是一个构建在多个商业云存储服务之上的云存储系统,它旨在保证数据可靠性的同时减少单点失效时占用的修复带宽。不同于将所有数据存储在单个云中,Ustor将数据编码后分布在多个云存储系统中保证可靠性。Ustor的编码模块部署了包括Reed-Solomon码和功能性修复再生码（FRC）在内的多种纠删码,是第一个将功能性修复再生码应用于多个异构的、真实的云存储系统中的应用。与传统的冗余编码比较,FRC显著地减少了单个云存储发生数据丢失时需要从网络上传输的数据量。实验表明：与不编码比较,冗余编码给系统增加了5%~10%的响应时间开销,但可保障节点失效;FRC码编、解码和修复速度与Reed-Solomon码基本相当,256 MB大小文件编码时间差距在0.5 s以内;FRC码修复时与传统的Reed-Solomon码相比减少了25%以上需要下载的数据量。     

基于差集矩阵的部分重复码构造

针对最小带宽再生码的有效修复问题,该文提出一种基于差集矩阵的部分重复(FR)码的构造算法。利用差集矩阵和克罗内克(Kronecker)和来构造正交排列,根据正交排列每一列取相同元素所在行作为节点的编码块,得到相应的FR码。构造的FR码可以划分成多个平行类,同时还能调整数据块的重复度和节点的存储容量。仿真结果表明,与传统的里德-所罗门(RS)码和简单再生码(SRC)相比,构造的FR码在修复复杂度、修复带宽开销和修复局部性方面具有更好的性能,修复选择度上虽然是基于表格的修复方案,但选择度依旧可以达到很高。     

异构分布式存储系统中部分重复码的构造

部分重复(FR)码因对故障节点提供精确无编码修复,能够提高分布式存储系统的修复效率和可靠性。异构分布式存储系统中FR码的构造更接近于存储数据的实际应用,即每个节点的存储容量和数据块的重复度不同。考虑到用户访问数据的不均衡性,基于数据热度不同重复度不同的思想,文章提出了基于循环置换矩阵(CPMs)与映射置换矩阵(APMs)的异构分布式存储系统中部分重复码的构造。性能分析表明,异构分布式存储系统中的部分重复码可实现存储系统中故障节点的快速修复,具有较低的修复局部性;相对于RS编码以及简单再生码,部分重复码具有更优的修复带宽开销和修复复杂度。     

数据中心中路由编码的可行性研究

修复带宽最优并不代表修复通信量也是最优的,后者与物理网络拓扑有着密切联系.本文基于路由编码的思想减少修复通信量.首先,基于信息流图对物理网络中数据的传递过程进行建模,证明得出了满足路由编码可行的充要条件,并发现路由编码可以基于再生码实现.然后,针对数据中心网络设计的特点,为Fat-tree设计了一个工作在应用层的协议来生成修复树,为CamCube设计了一个启发式算法来生成修复树.关于最小存储再生码的数据修复过程的仿真实验表明,路由编码可以有效地降低修复通信量,2种修复树生成方案在各自适合的网络中均有较好性能：在帮助节点数较小时,Fat-tree和CamCube中的修复通信量分别降低了大约50%和30%.     

防窃听和污染攻击的安全网络编码

搭线窃听和污染攻击是安全攻击中的2种重要手段。研究表明,网络编码自身的数据融合特性能够达到一定的安全传输效果。针对污染攻击和搭线窃听攻击,在此提出一种能够防御全能窃听和污染攻击的安全网络编码。在攻击者具有全能窃听能力以及污染部分链路,该方案通过对传输的信息进行哈希达到了防污染攻击的效果,对全局编码向量进行加密实现了防污染攻击,该方案适用于攻击者窃听能力较强并且具有污染攻击威胁的网络中。分析结果表明,该方案是有效的。     

两类极小二元线性码的构造

线性码在数据存储、信息安全以及秘密共享等领域具有重要的作用。而极小线性码是设计秘密共享方案的首选码,设计极小线性码是当前密码与编码研究的重要内容之一。该文首先选取恰当的布尔函数,研究了函数的Walsh谱值分布,并利用布尔函数的Walsh谱值分布构造了两类极小线性码,确定了码的参数及重量分布。结果表明,所构造的码是不满足Ashikhmin-Barg条件的极小线性码,可用作设计具有良好访问结构的秘密共享方案。     

中继网络中不准确信道状态信息下抗多窃听者的物理层安全方案

该文研究存在多个相互勾结的单天线窃听者的多中继传输系统中,采用零空间人工噪声和放大转发的中继波束赋形的物理层安全传输方案。在中继窃听端的信道状态信息不准确的情况下,基于半定规划理论,对中继的波束赋形加权矩阵和人工噪声协方差矩阵进行联合优化,有效减少相互勾结的多个窃听者所获得的信息量,显著提高系统保密容量,是一种具有良好鲁棒性的物理层安全传输方案。仿真结果显示方案具有良好的性能。     

面向物理层安全的一种打孔极化编码方法

为了解决物理层安全编码中安全性和可靠性之间的矛盾和提高保密速率,该文提出一种基于打孔极化码的安全编码方法。根据信道极化理论,该方法将私密信息位映射到合法者正常接收而窃听者无法译码的特定逻辑信道输入位,保证私密信息可靠且安全传输。然后,通过分析极化码的校验关系树,利用3个参数表征输出节点对私密信息位的影响,再按照影响程度大小确定打孔位置。理论分析与仿真结果表明,该方法保证私密信息传输安全性和可靠性的同时,提高了私密信息传输的有效性。     

A secure channel code‐based scheme for privacy preserving data aggregation in wireless sensor networks

Data aggregation is an efficient method to reduce the energy consumption in wireless sensor networks (WSNs). However, data aggregation schemes pose challenges in ensuring data privacy in WSN because traditional encryption schemes cannot support data aggregation. Homomorphic encryption schemes are promising techniques to provide end to end data privacy in WSN. Data reliability is another main issue in WSN due to the errors introduced by communication channels. In this paper, a symmetric additive homomorphic encryption scheme based on Rao‐Nam scheme is proposed to provide data confidentiality during aggregation in WSN. This scheme also possess the capability to correct errors present in the aggregated data. The required security levels can be achieved in the proposed scheme through channel decoding problem by embedding security in encoding matrix and error vector. The error vectors are carefully designed so that the randomness properties are preserved while homomorphically combining the data from different sensor nodes. Extensive cryptanalysis shows that the proposed scheme is secure against all attacks reported against private‐key encryption schemes based on error correcting codes. The performance of the encryption scheme is compared with the related schemes, and the results show that the proposed encryption scheme outperforms the existing schemes.     

Optimal Heterogeneous Distributed Storage Regenerating Code at Minimum Remote‐Repair Bandwidth Regenerating Point

Recently, a product‐matrix (PM) framework was proposed to construct optimal regenerating codes for homogeneous distributed storage systems (DSSs). In this paper, we propose an extended PM (EPM) framework for coding of heterogeneous DSSs having different repair bandwidths but identical storage capacities. Based on the EPM framework, an explicit construction of minimum remote‐repair bandwidth regenerating (MRBR) codes is presented for a specific heterogeneous DSS, where two geographically different datacenters with associated storage nodes are deployed. The data reconstruction and regeneration properties of the MRBR code are proved strictly. For the purpose of demonstration, an example implementation of MRBR code is provided. The presented MRBR code is the first optimal strict‐regenerating code for heterogeneous DSSs. In addition, our proposed EPM framework can be applied to homogeneous systems also.     

RS regenerating codes for cloud storage fault-tolerant system

RS(Reed-Solomon) regenerating erasure codes was proposed for cloud storage fault-tolerant system,which not only inherited the reliability of the RS encoding,but also achieved the high efficiency of tolerance three faults.Hybrid recovery method of the single fault node based on RS regenerating erasure codes was introduced.And the theoretical lower bound of the number of accessing disks was computed.In theory,the performance evaluation of the storage overhead,decoding efficiency,and repair bandwidth of the RS regenerating erasure codes was carried out.Experiments results show that the repair performance of RS regenerating erasure codes is improved greatly than the similar erasure codes,and the total recovery time of the system is reduced by 20.8%~28.2% using hybrid recovery algorithm in the case of single fault.     

Relay Selection for Secure Cooperative Networks with Jamming

This paper deals with relay selection in cooperative networks with secrecy constraints. The proposed scheme enables an opportunistic selection of two relay nodes to increase security against eavesdroppers. The first relay operates as a conventional mode and assists a source to deliver its data to a destination via a decode-and-forward strategy. The second relay is used in order to create intentional interference at the eavesdropper nodes. The proposed selection technique jointly protects the primary destination against interference and eavesdropping and jams the reception of the eavesdropper. The new approach is analyzed for different complexity requirements based on instantaneous and average knowledge of the eavesdropper channels. In addition an investigation of an hybrid security scheme which switches between jamming and non-jamming protection is discussed in the paper. It is proven that an appropriate application of these two modes further improves security. The enhancements of the proposed selection techniques are demonstrated analytically and with simulation results.     

Design of exact regenerating hierarchical code for distributed storage system

Erasure code is widely used as the redundancy scheme in distributed storage system. When a storage node fails, the repair process often requires to transfer a large amount of data. Regenerating code and hierarchical code are two classes of codes proposed to reduce the repair bandwidth cost. Regenerating codes reduce the amount of data transferred by each helping node, while hierarchical codes reduce the number of nodes participating in the repair process. In this paper, we propose a "sub-code nesting framework" to combine them together. The resulting regenerating hierarchical code has low repair degree as hierarchical code and lower repair cost than hierarchical code. Our code can achieve exact regeneration of the failed node, and has the additional property of low updating complexity.     

高斯窃听信道中删余Polar码的设计方法研究

本文针对高斯窃听信道模型下的物理层安全问题,提出一种基于删余Polar码的、拥有编码比特的可信度计算的物理层安全编码方案。方案考虑到信道噪声对译码结果的影响,通过Bhattacharyya参数评估各信息比特的恢复差错概率,并将这恢复差错概率应用于编码比特的可信度计算。理论证明所提出的方案可使窃听者保持较高误码率,同时合法用户在高于自身信噪比门限时保证较低误码率。数值仿真结果表明所提出的安全编码方案能够有效地减小安全间隙。当窃听信道质量比合法信道质量稍差时窃听者误码率能迅速逼近0.5,而合法信道的误码率能够降到10-5以下,大大地降低了Bob和Eve间的安全间隙。      

A secure regenerating code‐based cloud storage with efficient integrity verification

Cloud storage is gaining popularity as it relieves the data owners from the burden of data storage and maintenance cost. However, outsourcing data to third‐party cloud servers raise several concerns such as data availability, confidentiality, and integrity. Recently, regenerating codes have gained popularity because of their low repair bandwidth while ensuring data availability. In this paper, we propose a secure regenerating code‐based cloud storage (SRCCS) scheme, which utilizes the verifiable computation property of homomorphic encryption scheme to check the integrity of outsourced data. In this work, an error‐correcting code (ECC)–based homomorphic encryption scheme (HES) is employed to simultaneously provide data privacy as well as error correction while supporting efficient integrity verification. In SRCCS, server regeneration process is initiated on detection of data corruption events in order to ensure data availability. The ECC‐based HES significantly reduces the probability of server regeneration and minimizes the repair cost. Extensive theoretical analysis and simulation results validate the security, efficiency, and practicability of the proposed scheme.