ArchiveSpace Name Record
Publication Search Results
Now showing 1 - 10 of 46
ItemWrite-Optimized Indexing for Log-Structured Key-Value Stores(Georgia Institute of Technology, 2014) Tang, Yuzhe ; Iyengar, Arun ; Tan, Wei ; Fong, Liana ; Liu, LingThe recent shift towards write-intensive workload on big data (e.g., financial trading, social user-generated data streams) has pushed the proliferation of the log-structured key-value stores, represented by Google’s BigTable, HBase and Cassandra; these systems optimize write performance by adopting a log-structured merge design. While providing key-based access methods based on a Put/Get interface, these key-value stores do not support value-based access methods, which significantly limits their applicability in many web and Internet applications, such as real-time search for all tweets or blogs containing “government shutdown”. In this paper, we present HINDEX, a write-optimized indexing scheme on the log-structured key-value stores. To index intensively updated big data in real time, the index maintenance is made lightweight by a design tailored to the unique characteristic of the underlying log-structured key-value stores. Concretely, HINDEX performs append-only index updates, which avoids the reading of historic data versions, an expensive operation in the log-structure store. To fix the potentially obsolete index entries, HINDEX proposes an offline index repair process through tight coupling with the routine compactions. HINDEX’s system design is generic to the Put/Get interface; we implemented a prototype of HINDEX based on HBase without internal code modification. Our experiments show that the HINDEX offers significant performance advantage for the write-intensive index maintenance.
Item𝜖-PPI: Searching Information Networks with Quantitative Privacy Guarantee(Georgia Institute of Technology, 2014) Tang, Yuzhe ; Liu, Ling ; Iyengar, ArunIn information sharing networks, having a privacy preserving index (or PPI) is critically important for providing efficient search on access controlled content across distributed providers while preserving privacy. An understudied problem for PPI techniques is how to provide controllable privacy preservation, given the innate difference of privacy of the different content and providers. In this paper we present a configurable privacy preserving index, coined 𝜖-PPI, which allows for quantitative privacy protection levels on fine-grained data units. We devise a new common-identity attack that breaks existing PPI’s and propose an identity-mixing protocol against the attack in 𝜖-PPI. The proposed 𝜖-PPI construction protocol is the first without any trusted third party and/or trust relationship between providers. We have implemented our 𝜖-PPI construction protocol by using generic MPC techniques (secure multiparty computation) and optimized the performance to a practical level by minimizing the costly MPC computation part.
ItemAuthentication of Freshness for OutsourcedMulti-Version Key-Value Stores(Georgia Institute of Technology, 2014) Tang, Yuzhe ; Wang, Ting ; Hu, Xin ; Jang, Jiyong ; Liu, Ling ; Pietzuch, PeterData outsourcing offers cost-effective computing power to manage massive data streams and reliable access to data. For example, data owners can forward their data to clouds, and the clouds provide data mirroring, backup, and online access services to end users. However, outsourcing data to untrusted clouds requires data authentication and query integrity to remain in the control of the data owners and users. In this paper, we address this problem specifically for multiversion key-value data that is subject to continuous updates under the constraints of data integrity, data authenticity, and “freshness” (i.e., ensuring that the value returned for a key is the latest version).We detail this problem and propose INCBMTREE, a novel construct delivering freshness and authenticity. Compared to existing work, we provide a solution that offers (i) lightweight signing and verification on massive data update streams for data owners and users (e.g., allowing for small memory footprint and CPU usage on mobile user devices), (ii) integrity of both real-time and historic data, and (iii) support for both real-time and periodic data publication. Extensive benchmark evaluations demonstrate that INCBMTREE achieves more throughput (in an order of magnitude) for data stream authentication than existing work. For data owners and end users that have limited computing power, INCBM-TREE can be a practical solution to authenticate the freshness of outsourced data while reaping the benefits of broadly available cloud services.
ItemCT-T: MedVault-ensuring security and privacy for electronic medical records(Georgia Institute of Technology, 2011-08-31) Blough, Douglas M. ; Liu, Ling ; Sainfort, Francois ; Ahamad, Mustaque
ItemSpatial Alarm Processing and Algorithms(Georgia Institute of Technology, 2011) Doo, Myungcheol ; Liu, LingOne of the most challenging problems in scaling spatial alarm processing is to compute alarm free regions (AFR) such that mobile objects traveling within an AFR can safely hibernate the alarm evaluation process until approaching the nearest alarm of interest. In this paper we argue that maintaining an index of both spatial alarms and empty regions (AFR in the context of spatial alarm processing) is critical for scalable processing of spatial alarms. Unfortunately, conventional spatial indexing methods, such as R-tree family, k-d tree, Quadtree, and Grid, are not well suited to index empty regions. We present Mondrian Tree - a region partitioning tree for indexing both spatial alarms and alarm free regions. We first introduce the Mondrian tree indexing algorithms, including index construction, search, and maintenance. Then we describe a suite of Mondrian tree optimizations to further enhance the performance of spatial alarm processing. Our experimental evaluation shows that the Mondrian tree index outperforms traditional index methods, such as R-tree, Grid, Quadtree, and k-d tree, for spatial alarm processing.
ItemMondrian Tree: Efficient Indexing Structure for Scalable Spatial Triggers Processing over Mobile Environment(Georgia Institute of Technology, 2010) Doo, Myungcheol ; Liu, Ling ; Narasimhan, Nitya ; Vasudevan, VenuSpatial Alarms are reminders for mobile users upon their arrival of certain spatial location of interest. Spatial alarm processing requires meeting two demanding objectives: high accuracy, which ensures zero or very low alarm misses, and high scalability, which requires highly efficient and optimal processing of spatial alarms. Existing techniques for processing spatial alarms cannot solve these two problems at the same time. In this paper we present the design and implementation of a new indexing technique, Mondrian tree. The Mondrian tree indexing method partitions the entire universe of discourse into spatial alarm monitoring regions and alarm-free regions. This enables us to reduce the number of on-demand alarm-free region computations, significant saving of both server load and client to server communication cost. We evaluate the efficiency of the Mondrian tree indexing approach using a road network simulator and show that the Mondrian tree offers significant performance enhancements on spatial alarm processing at both the server side and the client side.
ItemGeoCast: An Efficient Overlay System for Multicast Applications(Georgia Institute of Technology, 2009) Liu, Ling ; Pu, Calton ; Wang, Yuehua ; Zhang, GongIn this paper, we present GeoCast, a geographical location aware overlay network framework designed for providing efficient group communication services. GeoCast can be seen as an extension to the CAN network in the term of topology management and routing protocol. Geocast design has three important properties that attractive to group communication applications. First, it uses geographical mapping of nodes to regions to take advantage of the similarity between physical and network proximity. Second, a shortcut enabled geo-distance routing protocol is employed in GeoCast, which is more resilient than Chord-like or Pastry-like overlay networks due to the availability of multiple independent routing paths. Third and most importantly, a novel routing table management scheme is designed to allow the applications based on that have ability to manage their maintenance overhead in terms of network resource constrains.
ItemMobile Identity Management: Concepts, Issues, and Techniques(Georgia Institute of Technology, 2009) Li, Yun ; Liu, LingThis paper takes a systematic approach to examining the basic concepts, the research issues and the state of art technologies in mobile identity management. We examine the concept of mobile identity and argue that mobile identity should be defined by combining mobile device identity and mobile user identity in a location-aware computing environment. Thus mobile identity management deals with the management of user identity and mobile device identity, as well as the management of the linking of human, devices, and locations in different mobile contexts. Based on this understanding, we review the state of art research on techniques for mobile user identity support, techniques for mobile device identity support, techniques for linking of a human and her mobile devices, and techniques and issues of linking a mobile device and its location. The survey ends with a summary and an outlook of the future research and technology development trends.
ItemA Patient-centric, Attribute-based, Source-verifiable Framework for Health Record Sharing(Georgia Institute of Technology, 2009) Mohan, Apurva ; Bauer, David ; Blough, Douglas M. ; Ahamad, Mustaque ; Bamba, Bhuvan ; Krishnan, Ramkumar ; Liu, Ling ; Mashima, Daisuke ; Palanisamy, BalajiThe storage of health records in electronic format, and the wide-spread sharing of these records among different health care providers, have enormous potential benefits to the U.S. healthcare system. These benefits include both improving the quality of health care delivered to patients and reducing the costs of delivering that care. However, maintaining the security of electronic health record systems and the privacy of the information they contain is paramount to ensure that patients have confidence in the use of such systems. In this paper, we propose a framework for electronic health record sharing that is patient centric, i.e. it provides patients with substantial control over how their information is shared and with whom; provides for verifiability of original sources of health information and the integrity of the data; and permits fine-grained decisions about when data can be shared based on the use of attribute-based techniques for authorization and access control. We present the architecture of the framework, describe a prototype system we have built based on it, and demonstrate its use within a scenario involving emergency responders' access to health record information.
ItemITR/SI: Guarding the next internet frontier: countering denial of information(Georgia Institute of Technology, 2008-12-19) Ahamad, Mustaque ; Omiecinski, Edward ; Pu, Calton ; Mark, Leo ; Liu, Ling