Cryptographic Security for a High-Performance Distributed File System | IEEE Conference Publication | IEEE Xplore

Cryptographic Security for a High-Performance Distributed File System


Abstract:

Storage systems are increasingly subject to attacks. Cryptographic file systems mitigate the danger of exposing data by using encryption and integrity protection methods and guarantee end-to-end security for their clients. This paper describes a generic design for cryptographic file systems and its realization in a distributed storage-area network (SAN) file system. Key management is integrated with the meta-data service of the SAN file system. The implementation supports file encryption as well as integrity protection through hash trees. Both techniques have been implemented in the client file system driver. Benchmarks demonstrate that the overhead is noticeable for some artificially constructed use cases, but that it is very small for typical file system applications.
Date of Conference: 24-27 September 2007
Date Added to IEEE Xplore: 29 October 2007
Conference Location: San Diego, CA, USA

1. Introduction

Security is quickly becoming a mandatory feature of data storage systems. Today, storage space is typically provided by complex networked systems. These networks have traditionally been confined to data centers in physically secured locations. But with the availability of high-speed LANs and storage networking protocols such as FCIP and iSCSI, these networks are becoming virtualized and open to access from user machines. Hence, clients may access the storage devices directly, and the existing static security methods no longer make sense. New, dynamic security mechanisms are required for protecting stored data in virtualized and networked storage systems.
