{"title":"Design and Implementation of Object-Oriented Encryption Storage System Based on Trusted Computing Platform","authors":"Junjian Chen, Jingning Liu, D. Feng","doi":"10.1109/CIS.2010.125","DOIUrl":null,"url":null,"abstract":"Object-oriented storage system is a distributed storage systems with a storage device directly connected to the network. In existing encryption schemes the protection of the sensitive data is achieved mainly through an encrypted data storage system, but the encryption key is protected only by a weak password. This is a security risk to storage system, so the key protection is an important issue that needs to be resolved. This paper presents an Object-oriented Encryption Storage System based on Trusted Computing Platform (OESSTCP). A trusted computing platform is adapted in OESSTCP to the file system to protect the encryption keys, thereby enhancing the security of the entire storage system. We have designed and implemented OESSTCP scheme on an object-oriented storage system. Experimental results show that the OESSTCP key cryptographic security protection occupies only 0.3% of the entire encryption overhead and it does not bring great impact on performance of the storage system.","PeriodicalId":420515,"journal":{"name":"2010 International Conference on Computational Intelligence and Security","volume":"28 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 International Conference on Computational Intelligence and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CIS.2010.125","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 2
Abstract
An object-oriented storage system is a distributed storage system in which the storage devices are connected directly to the network. In existing encryption schemes, sensitive data is protected mainly by an encrypted data storage system, but the encryption key itself is protected only by a weak password. This is a security risk to the storage system, so key protection is an important issue that needs to be resolved. This paper presents an Object-oriented Encryption Storage System based on Trusted Computing Platform (OESSTCP). OESSTCP adapts a trusted computing platform to the file system to protect the encryption keys, thereby enhancing the security of the entire storage system. We have designed and implemented the OESSTCP scheme on an object-oriented storage system. Experimental results show that OESSTCP's cryptographic key protection accounts for only 0.3% of the entire encryption overhead and does not greatly affect the performance of the storage system.