Journal of Information Processing Systems

  • 제18권6호
  • /
  • Pages.741-754
  • /
  • 2022
  • /
  • 1976-913X(pISSN)
  • /
  • 2092-805X(eISSN)
한국정보처리학회 (Korea Information Processing Society)
권호 표지
DOI QR코드

DOI QR Code

PBFT Blockchain-Based OpenStack Identity Service

  • 투고 : 2021.10.08
  • 심사 : 2021.12.19
  • 발행 : 2022.12.31
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

Openstack is widely used as a representative open-source infrastructure of the service (IaaS) platform. The Openstack Identity Service is a centralized approach component based on the token including the Memcached for cache, which is the in-memory key-value store. Token validation requests are concentrated on the centralized server as the number of differently encrypted tokens increases. This paper proposes the practical Byzantine fault tolerance (PBFT) blockchain-based Openstack Identity Service, which can improve the performance efficiency and reduce security vulnerabilities through a PBFT blockchain framework-based decentralized approach. The experiment conducted by using the Apache JMeter demonstrated that latency was improved by more than 33.99% and 72.57% in the PBFT blockchain-based Openstack Identity Service, compared to the Openstack Identity Service, for 500 and 1,000 differently encrypted tokens, respectively.

키워드

과제정보

This research was supported by the MSIT (Ministry of Science and ICT) of South Korea under the Innovative Human Resource Development for the Local Intellectualization Support Program (No. IITP2022-RS-2022-00156360) supervised by the IITP (Institute for Information & Communications Technology Planning & Evaluation).

참고문헌

  1. W. K. Sze, A. Srivastava, and R. Sekar, "Hardening openstack cloud platforms against compute node compromises," in Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, Xi'an, China, 2016, pp. 341-352.
  2. T. Rosado and J. Bernardino, "An overview of openstack architecture," in Proceedings of the 18th International Database Engineering & Applications Symposium, Porto, Portugal, 2014, pp. 366-367.
  3. K. Jackson, Openstack Cloud Computing Cookbook, 2nd ed. Birmingham, AL: Packet Publishing Ltd., 2013.
  4. A. Beloglazov, S. F. Piraghaj, M. Alrokayan, and R. Buyya, "Deploying OpenStack on CentOS using the KVM hypervisor and GlusterFS distributed file system," Cloud Computing and Distributed Systems Laboratory, University of Melbourne, Technical Report CLOUDS-TR-2012-3, 2012.
  5. K. Hogan, H. Maleki, R. Rahaeimehr, R. Canetti, M. van Dijk, J. Hennessey, M. Varia, and H. Zhang, "On the universally composable security of Openstack," 2018 [Online]. Available: https://eprint.iacr.org/2018/602.pdf.
  6. OpenStack, "Setting up keystone," [Online]. https://docs.Openstack.org/keystone/pike/contributor/set-upkeystone.html.
  7. J. Jose, H. Subramoni, M. Luo, M. Zhang, J. Huang, M. Wasi-ur-Rahman, et al, "Memcached design on high performance RDMA capable interconnects," in Proceedings of 2011 International Conference on Parallel Processing, Taipei, Taiwan, 2011, pp. 743-752.
  8. "Memcached: overview," 2020 [Online]. Available: https://github.com/memcached/memcached/wiki/Overview (accessed on 10 Sept 2020).
  9. A. K. Gupta and K. Ostner, "Database backup system using data and user-defined routines replicators for maintaining a copy of database on a secondary server," U.S. Patent 7383293, Jun 3, 2008.
  10. P. De Filippi, "The interplay between decentralization and privacy: the case of blockchain technologies," Journal of Peer Production, 2016 [Online]. https://ssrn.com/abstract=2852689.
  11. N. Tapas, G. Merlino, and F. Longo, "Blockchain-based IoT-cloud authorization and delegation," in Proceedings of 2018 IEEE International Conference on Smart Computing (SMARTCOMP), Taormina, Italy, 2018, pp. 411-416.
  12. P. Ganguly, "Selecting the right IoT cloud platform," in Proceedings of 2016 International Conference on Internet of Things and Applications (IOTA), Pune, India, 2016, pp. 316-320.
  13. F. Buccafurri, G. Lax, A. Russo, and G. Zunino, "Integrating digital identity and blockchain," in On the Move to Meaningful Internet Systems (OTM 2018 Conferences). Cham, Switzerland: Springer, 2018, pp. 568-585.
  14. X. Xu, I. Weber, M. Staples, L. Zhu, J. Bosch, L. Bass, C. Pautasso, and P. Rimba, "A taxonomy of blockchain-based systems for architecture design," in Proceedings of 2017 IEEE international conference on software architecture (ICSA), Gothenburg, Sweden, 2017, pp. 243-252.
  15. Z. Zheng, S. Xie, H. Dai, X. Chen, and H. Wang, "An overview of blockchain technology: architecture, consensus, and future trends," in Proceedings of 2017 IEEE International Congress on Big Data (BigData Congress), Honolulu, HI, 2017, pp. 557-564.
  16. M. Castro and B. Liskov, "Practical byzantine fault tolerance," in Proceedings of the Third USENIX Symposium on Operating Systems Design and Implementation (OSDI), New Orleans, LA, 1999, pp. 173-186.
  17. M. Castro and B. Liskov, "Practical Byzantine fault tolerance and proactive recovery," ACM Transactions on Computer Systems, vol. 20, no. 4, pp. 398-461, 2002. https://doi.org/10.1145/571637.571640
  18. S. Duan, M. K. Reiter, and H. Zhang, "BEAT: asynchronous BFT made practical," in Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, Toronto, Canada, 2018, pp. 2028-2041.
  19. Y. Kim and J. Park, "Hybrid decentralized PBFT blockchain framework for OpenStack message queue," Human-centric Computing and Information Sciences, vol. 10, article no. 31, 2020. https://doi.org/10.1186/s13673-020-00238-6
  20. OpenStack, "OpenStack API documentation v3," 2021 [Online]. Available: https://developer.Openstack.org/api-ref/identity/v3/#authentication-and-Token-management.
  21. F. Yang, K. Dou, S. Chen, M. Hou, J. U. Kang, and S. Cho, "Optimizing NoSQL DB on flash: a case study of RocksDB," in Proceedings of 2015 IEEE 12th Intl Conf on Ubiquitous Intelligence and Computing and 2015 IEEE 12th Intl Conf on Autonomic and Trusted Computing and 2015 IEEE 15th Intl Conf on Scalable Computing and Communications and Its Associated Workshops (UIC-ATC-ScalCom), Beijing, China, 2015, pp. 1062-1069.
  22. The Go programming language [Online]. Available: https://golang.org.
  23. C. Cachin, "Architecture of the Hyperledger blockchain fabric," 2016 [Online]. https://www.zurich.ibm.com/dccl/papers/cachin_dccl.pdf.
  24. H. Sukhwani, J. M. Martinez, X. Chang, K. S. Trivedi, and A. Rindos, "Performance modeling of PBFT consensus process for permissioned blockchain network (Hyperledger Fabric)," in Proceedings of 2017 IEEE 36th Symposium on Reliable Distributed Systems (SRDS), Hong Kong, China, 2017, pp. 253-255.
  25. HAProxy: a reliable, high performance TCP/HTTP load balancer [Online]. Available: http://www.haproxy.org
  26. OpenStack, "Configuring stateless services," 2021 [Online]. Available: https://docs.Openstack.org/ha-guide/control-plane-stateless.html#api-services.
  27. Y. Jing, Z. Lan, W. Hongyuan, S. Yuqiang, and C. Guizhen, "JMeter-based aging simulation of computing system," in Proceedings of 2010 International Conference on Computer, Mechatronics, Control and Electronic Engineering, Changchun, China, 2010, pp. 282-285.
  28. T. Faber, J. Touch, and W. Yue, "The TIME-WAIT state in TCP and its effect on busy servers," in Proceedings of IEEE Conference on Computer Communications (INFORCOM) and the 18th Annual Joint Conference of the IEEE Computer and Communications Societies: The Future is Now, New York, NY, 1999, pp. 1573-1583.