Secure File and Storage Systems

Description

We are investigating the use of strong authentication, encryption, and other mechanisms to safeguard data stored in network-attached storage systems and long-term archival storage systems. Adding security to large storage systems presents a serious challenge to scalability that we are addressing with the use of aggregate capabilities. We are also exploring protocols to verify remote storage and formal verification of secure network-attached storage.

Status

We have designed and implemented Horus, a system that offers fine-grained encryption-based security for large-scale storage. Horus encrypts large datasets using keyed hash trees (KHT) to generate different keys for each region of the dataset, providing fine-grained security. KHT also reduces key management and distribution overhead. The design of Horus provides end-to-end data encryption and can reduce the need to trust system operators or cloud service providers. Performance evaluation shows that our prototype’s key distribution is highly scalable and robust. There is a preliminary version of the library available for download.

We have integrated security into Ceph. Our approach to security in Ceph allows secure access by hundreds of thousands of clients to a single file spread across tens of thousands of object-based storage devices without taxing the metadata servers or any other part of the system. The prototype implementation we developed imposes only a 6–7% overhead on a metadata-heavy workload involving file opens spread across hundreds of clients. Building on this approach, we are investigating scalable encryption and limiting the effects of compromised computation nodes. We next plan to investigate the potential for including other strong security measures in Ceph.

We are investigating a system that integrates the seemingly incompatible features of encryption and deduplication. Combining the two can allow for efficient storage of data under arbitrary classification. However, difficult issues arise in combining these features, such as safe data destruction and privacy preservation in the face of network analysis.

In our work on indexing, we are investigating making search both faster and more secure. We use index partitioning schemes based on file system security metadata. By creating partitions where users can see either every file or no files at all, we can prevent statistical attacks made possible in indexing systems that ignore security restrictions. In addition, the number of indexes we need to search is proportional to the number of files the searcher can see, making search more efficient. The indexing and HECURA pages have more information on the application of security and partitioning to large-scale file systems.

We are also implementing a secure long-term archival storage system, POTSHARDS, that does not rely on encryption, instead using secret splitting and approximate pointers to keep data hidden. The archival storage project page has more details on POTSHARDS.

Publications

2013

• Yan Li, Nakul Dhotre, Yasuhiro Ohara, Thomas Kroeger, Ethan L. Miller, Darrell D. E. Long, Horus: Fine-Grained Encryption-Based Security for Large-Scale Storage, Proceedings of the 11th Conference on File and Storage Systems (FAST 2013), February 2013.
• James Plank, Kevin Greenan, Ethan L. Miller, Screaming Fast Galois Field Arithmetic Using Intel SIMD Extensions, Proceedings of the 11th Conference on File and Storage Systems (FAST 2013), February 2013.

2011

• Ranjana Rajendran, Ethan L. Miller, Darrell D. E. Long, Horus: Fine-Grained Encryption-Based Security for High Performance Petascale Storage, Proceedings of the 6th Parallel Data Storage Workshop (PDSW '11), November 2011.
• Alex Nelson, George Dinolt, Bret Michael, Man-Tak Shing, A security and usability perspective of cloud file systems, 6th IEEE International Conference on System of Systems Engineering (SoSE), June 2011.
• Stephanie Jones, Christina Strong, Darrell D. E. Long, Ethan L. Miller, Tracking Emigrant Data via Transient Provenance, Proceedings of the 3rd USENIX Workshop on the Theory and Practice of Provenance (TaPP '11), June 2011.

2010

• Thomas Schwarz, Darrell D. E. Long, Clasas: A Key-Store for the Cloud, Proceedings of the 18th Annual Meeting of the IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems (MASCOTS 2010), August 2010.

2009

• Mark W. Storer, Kevin Greenan, Ethan L. Miller, Kaladhar Voruganti, POTSHARDS—A Secure, Long-Term Storage System, ACM Transactions on Storage 5(2), June 2009.

2008

• Mark W. Storer, Kevin Greenan, Darrell D. E. Long, Ethan L. Miller, Secure Data Deduplication, Proceedings of the 4th International Workshop on Storage Security and Survivability (StorageSS 2008), held in conjunction with the 15th ACM Conference on Computer and Communications Security (CCS 2008), October 2008.

2007

• Andrew Leung, Ethan L. Miller, Stephanie Jones, Scalable Security for Petascale Parallel File Systems, Proceedings of SC '07, November 2007.
• Neerja Bhatnagar, Ethan L. Miller, A Secure and Reliable File System for Sensor Nodes, Proceedings of the 3rd International Workshop on Storage Security and Survivability (StorageSS 2007), October 2007.
• Kristal Pollack, Darrell D. E. Long, Richard Golding, Ralph Becker-Szendy, Benjamin C. Reed, Quota Enforcement for High-Performance Distributed Storage Systems, Proceedings of the 24th IEEE Conference on Mass Storage Systems and Technologies (MSST 2007), September 2007, pages 72-84.
• Kevin Greenan, Ethan L. Miller, Thomas Schwarz, Analysis and Construction of Galois Fields for Efficient Storage Reliability, Technical Report UCSC-SSRC-07-09, August 2007. Revised version published in MASCOTS 2008.
• Mark W. Storer, Kevin Greenan, Ethan L. Miller, Kaladhar Voruganti, POTSHARDS: Secure Long-Term Storage Without Encryption, Proceedings of the 2007 USENIX Technical Conference, June 2007, pages 143-156.
• Andrew Leung, Scalable Security for High Performance, Petascale Storage, Technical Report UCSC-SSRC-07-07, June 2007.

2006

• Andrew Leung, Ethan L. Miller, Scalable Security for Large, High Performance Storage Systems, Proceedings of the 2nd ACM Workshop on Storage Security and Survivability (StorageSS 2006), October 2006.
• Mark W. Storer, Kevin Greenan, Ethan L. Miller, Long-Term Threats to Secure Archives, Proceedings of the 2nd ACM Workshop on Storage Security and Survivability (StorageSS 2006), October 2006.
• Mark W. Storer, Kevin Greenan, Ethan L. Miller, Kaladhar Voruganti, POTSHARDS: Secure Long-Term Archival Storage Without Encryption, Technical Report UCSC-SSRC-06-03, Storage Systems Research Center, University of California, Santa Cruz, September 2006. Later version published in USENIX 2007.
• Avik Chaudhuri, Martín Abadi, Formal Analysis of Dynamic, Distributed File-System Access Controls, Proceedings of the 26th IFIP WG6.1 International Conference on Formal Methods for Networked and Distributed Systems (FORTE '06), September 2006, pages 99-114.
• Thomas Schwarz, Ethan L. Miller, Store, forget, and check: Using algebraic signatures to check remotely administered storage, Proceedings of the IEEE Int'l Conference on Distributed Computing Systems (ICDCS '06), July 2006.
• Avik Chaudhuri, Martín Abadi, Secrecy by Typing and File-Access Control, Proceedings of the 19th IEEE Computer Security Foundations Workshop (CSFW '06), July 2006, pages 112-123.

2005

• Mark W. Storer, Kevin Greenan, Ethan L. Miller, Carlos Maltzahn, POTSHARDS: Storing Data for the Long-Term Without Encryption, Proceedings of the 3rd International IEEE Security in Storage Workshop, December 2005.
• Christopher Olson, Ethan L. Miller, Secure Capabilities for a Petabyte-Scale Object-Based Distributed File System, Proceedings of the 2005 ACM Workshop on Storage Security and Survivability (StorageSS 2005), November 2005. Won Best Full Paper award.
• Avik Chaudhuri, Martín Abadi, Formal Security Analysis of Basic Network-Attached Storage, Proceedings of the 3rd ACM Workshop on Formal Methods in Security Engineering (FMSE'05), November 2005, pages 43-52.

2003

• Geoff Kuenning, Ethan L. Miller, Anonymization Techniques for URLs and Filenames, Technical Report UCSC-CRL-03-05, September 2003.

2002

• Scott Banachowski, Zachary Peterson, Ethan L. Miller, Scott A. Brandt, Intra-file security for a distributed file system, Proceedings of the 19th IEEE Symposium on Mass Storage Systems and Technologies, April 2002, pages 153-163.
• Ethan L. Miller, Darrell D. E. Long, William E. Freeman, Benjamin C. Reed, Strong Security for Network-Attached Storage, Proceedings of the 2002 Conference on File and Storage Technologies (FAST), January 2002, pages 1-13.

2001

• Ethan L. Miller, Darrell D. E. Long, William E. Freeman, Benjamin C. Reed, Strong security for distributed file systems, Proceedings of the 20th IEEE International Performance, Computing and Communications Conference (IPCCC '01), April 2001, pages 34–40.

2000

• William E. Freeman, Ethan L. Miller, Design for a decentralized security system for network-attached storage, Proceedings of the 17th IEEE Symposium on Mass Storage Systems and Technologies, March 2000, pages 361–373.