Norton Zone: Symantec's Secure Cloud Storage System

Abstract

Cloud storage services are the way of the future, if not the present, but broad adoption is limited by a stark trade-off between privacy and functionality. Many popular cloud services provide search capabilities, but make only nominal efforts to keep user data fully private. Alternatives that search private user data on an untrusted server sacrifice functionality and/or scalability. We describe Norton Zone, Symantec's secure and scalable public storage system based on our valet security model. Whereas most commercial cloud storage systems secure user data with access control and legal mechanisms, Zone's cryptographic techniques provide proven privacy guarantees. This gives users an extra layer of security without compromising functionality. Zone's performance is comparable to unencrypted cloud storage systems that support search and sharing. We report on the design of Zone and the lessons learned in developing and deploying it in commercial, distributed datacenters scalable to millions of users.