ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Configurable security for scavenged storage systems
Full text PdfPdf (413 KB)
Source
Conference on Computer and Communications Security archive
Proceedings of the 4th ACM international workshop on Storage security and survivability table of contents
Alexandria, Virginia, USA
SESSION: Untrusted storage table of contents
Pages 55-62  
Year of Publication: 2008
ISBN:978-1-60558-299-3
Authors
Abdullah Gharaibeh  The University of British Columbia, Vancouver, BC, Canada
Samer Al-Kiswany  The University of British Columbia, Vancouver, BC, Canada
Matei Ripeanu  The University of British Columbia, Vancouver, BC, Canada
Sponsors
ACM: Association for Computing Machinery
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 6,   Downloads (12 Months): 84,   Citation Count: 1
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1456469.1456480
What is a DOI?

ABSTRACT

Scavenged storage systems harness unused disk space from individual workstations the same way idle CPU cycles are harnessed by desktop grid applications like Seti@Home. These systems provide a promising low cost, high-performance storage solution in certain high-end computing scenarios. However, selecting the security level and designing the security mechanisms for such systems is challenging as scavenging idle storage opens the door for security threats absent in traditional storage systems that use dedicated nodes under a single administrative domain. Moreover, increased security often comes at the price of performance and scalability. This paper develops a general threat model for systems that use scavenged storage, presents the design of a protocol that addresses these threats and is optimized for throughput, and evaluates the overheads brought by the new security protocol when configured to provide a number of different security properties.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

1
John Kubiatowicz , David Bindel , Yan Chen , Steven Czerwinski , Patrick Eaton , Dennis Geels , Ramakrishna Gummadi , Sean Rhea , Hakim Weatherspoon , Chris Wells , Ben Zhao, OceanStore: an architecture for global-scale persistent storage, Proceedings of the ninth international conference on Architectural support for programming languages and operating systems, p.190-201, November 2000, Cambridge, Massachusetts, United States
2
Sanjay Ghemawat , Howard Gobioff , Shun-Tak Leung, The Google file system, Proceedings of the nineteenth ACM symposium on Operating systems principles, October 19-22, 2003, Bolton Landing, NY, USA
 
3
Philip H. Carns , Walter B. Ligon, III , Robert B. Ross , Rajeev Thakur, PVFS: a parallel file system for linux clusters, Proceedings of the 4th annual Linux Showcase & Conference, p.28-28, October 10-14, 2000, Atlanta, Georgia
 
4
Samer Al-Kiswany , Matei Ripeanu , Sudharshan S. Vazhkudai , Abdullah Gharaibeh, stdchk: A Checkpoint Storage System for Desktop Grid Computing, Proceedings of the 2008 The 28th International Conference on Distributed Computing Systems, p.613-624, June 17-20, 2008  [doi>10.1109/ICDCS.2008.19]
 
5
Lustre, http://www.lustre.org/. 2007.
 
6
Sage A. Weil , Scott A. Brandt , Ethan L. Miller , Darrell D. E. Long , Carlos Maltzahn, Ceph: a scalable, high-performance distributed file system, Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation, p.22-22, November 06-08, 2006, Seattle, WA
7
Sudharshan S. Vazhkudai , Xiaosong Ma , Vincent W. Freeh , Jonathan W. Strickland , Nandan Tammineedi , Tyler Simon , Stephen L. Scott, Constructing collaborative desktop storage caches for large scientific datasets, ACM Transactions on Storage (TOS), v.2 n.3, p.221-254, August 2006  [doi>10.1145/1168910.1168911]
8
William J. Bolosky , John R. Douceur , David Ely , Marvin Theimer, Feasibility of a serverless distributed file system deployed on an existing set of desktop PCs, Proceedings of the 2000 ACM SIGMETRICS international conference on Measurement and modeling of computer systems, p.34-43, June 18-21, 2000, Santa Clara, California, United States
9
Avishay Traeger , Kumar Thangavelu , Erez Zadok, Round-trip privacy with nfsv4, Proceedings of the 2007 ACM workshop on Storage security and survivability, October 29-29, 2007, Alexandria, Virginia, USA  [doi>10.1145/1314313.1314315]
 
10
Mahesh Kallahalla , Erik Riedel , Ram Swaminathan , Qian Wang , Kevin Fu, Plutus: Scalable Secure File Sharing on Untrusted Storage, Proceedings of the 2nd USENIX Conference on File and Storage Technologies, March 31-31, 2003, San Francisco, CA
 
11
Ts'o, C.N.a.T., Kerberos: an authentication service for computer networks. IEEE Communications Magazine, 1994. 32(9): p. 33--38.
 
12
FUSE, Filesystem in Userspace, http://fuse.sourceforge.net/. 2007.
 
13
The GNU Generic Security Services Library: http://www.gnu.org/software/gss/manual/. 2008.
 
14
Randy Butler , Von Welch , Douglas Engert , Ian Foster , Steven Tuecke , John Volmer , Carl Kesselman, A National-Scale Authentication Infrastructure, Computer, v.33 n.12, p.60-66, December 2000  [doi>10.1109/2.889094]
 
15
Foster, I. and C. Kesselman, Globus: A Metacomputing Infrastructure Toolkit. International Journal of Supercomputer Applications, 1997. 11(2): p. 115--128.
 
16
L. Pearlman , V. Welch , I. Foster , C. Kesselman , S. Tuecke, A Community Authorization Service for Group Collaboration, Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02), p.50, June 05-07, 2002
17
David K. Gifford , Pierre Jouvelot , Mark A. Sheldon , James W. O'Toole, Jr., Semantic file systems, Proceedings of the thirteenth ACM symposium on Operating systems principles, p.16-25, October 13-16, 1991, Pacific Grove, California, United States
 
18
Gobioff, H. B., Security for a High Performance Commodity Storage Subsystem. 1999, Carnegie Mellon University.
19
Andrew W. Leung , Ethan L. Miller, Scalable security for large, high performance storage systems, Proceedings of the second ACM workshop on Storage security and survivability, October 30-30, 2006, Alexandria, Virginia, USA  [doi>10.1145/1179559.1179565]

CITED BY
Abdullah Gharaibeh , Matei Ripeanu, Exploring data reliability tradeoffs in replicated storage systems, Proceedings of the 18th ACM international symposium on High performance distributed computing, June 11-13, 2009, Garching, Germany

INDEX TERMS

Primary Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.3 File Systems Management
          Subjects: Distributed file systems

Additional Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection


General Terms:
Design, Experimentation, Performance, Security


Keywords:
performance evaluation, secure storage systems

Collaborative Colleagues:
Abdullah Gharaibeh: colleagues
Samer Al-Kiswany: colleagues
Matei Ripeanu: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player