Eavesdropping prevention for network coding encrypted cloud storage systems

Network coding is an important cloud storage technique, which can recover data with small repair bandwidth and high reliability compared to the existing erasure coding and replication methods. However, regardless of which data recovery technique is used, the repaired data in a geographically distributed cloud storage system are easy to be eavesdropped at the transmission link between the local datacenter and its remote backup site. This kind of network security issue is called link eavesdropping in this paper. For a network coded cloud storage system, we propose a systematic design methodology to determine the important data recovery system parameters for any specified security level. Through analysis, we present the performance curves to relate the remote repair bandwidth and the number of coded data fragments. Consequently, all the important system parameters of a network coded data recovery system, including the number of storage nodes and the link capacity between the datacenter and the backup site, can be precisely designed for satisfying different security level requirements.