SeMiNAS: A Secure Middleware for Wide-Area Network-Attached Storage

Proceedings of the 9th ACM International on Systems and Storage Conference Pub Date : 2016-06-06 DOI:10.1145/2928275.2928282

Ming Chen, E. Zadok, A. Vasudevan, Kelong Wang

{"title":"SeMiNAS: A Secure Middleware for Wide-Area Network-Attached Storage","authors":"Ming Chen, E. Zadok, A. Vasudevan, Kelong Wang","doi":"10.1145/2928275.2928282","DOIUrl":null,"url":null,"abstract":"Utility computing is being gradually realized as exemplified by cloud computing. Outsourcing computing and storage to global-scale cloud providers benefits from high accessibility, flexibility, scalability, and cost-effectiveness. However, users are uneasy outsourcing the storage of sensitive data due to security concerns. We address this problem by presenting SeMiNAS---an efficient middleware system that allows files to be securely outsourced to providers and shared among geo-distributed offices. SeMiNAS achieves end-to-end data integrity and confidentiality with a highly efficient authenticated-encryption scheme. SeMiNAS leverages advanced NFSv4 features, including compound procedures and data-integrity extensions, to minimize extra network round trips caused by security meta-data. SeMiNAS also caches remote files locally to reduce accesses to providers over WANs. We designed, implemented, and evaluated SeMiNAS, which demonstrates a small performance penalty of less than 26% and an occasional performance boost of up to 19% for Filebench workloads.","PeriodicalId":20607,"journal":{"name":"Proceedings of the 9th ACM International on Systems and Storage Conference","volume":"3 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2016-06-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 9th ACM International on Systems and Storage Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2928275.2928282","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

Abstract

Utility computing is being gradually realized as exemplified by cloud computing. Outsourcing computing and storage to global-scale cloud providers benefits from high accessibility, flexibility, scalability, and cost-effectiveness. However, users are uneasy outsourcing the storage of sensitive data due to security concerns. We address this problem by presenting SeMiNAS---an efficient middleware system that allows files to be securely outsourced to providers and shared among geo-distributed offices. SeMiNAS achieves end-to-end data integrity and confidentiality with a highly efficient authenticated-encryption scheme. SeMiNAS leverages advanced NFSv4 features, including compound procedures and data-integrity extensions, to minimize extra network round trips caused by security meta-data. SeMiNAS also caches remote files locally to reduce accesses to providers over WANs. We designed, implemented, and evaluated SeMiNAS, which demonstrates a small performance penalty of less than 26% and an occasional performance boost of up to 19% for Filebench workloads.

查看原文本刊更多论文

用于广域网附加存储的安全中间件

以云计算为代表的效用计算正在逐步实现。将计算和存储外包给全球规模的云提供商可以从高可访问性、灵活性、可伸缩性和成本效益中获益。然而，出于安全考虑，用户对外包敏感数据的存储感到不安。我们通过介绍SeMiNAS来解决这个问题——一个高效的中间件系统，它允许文件安全地外包给提供商，并在地理分布的办公室之间共享。semas通过高效的认证加密方案实现端到端的数据完整性和机密性。semas利用先进的NFSv4功能，包括复合过程和数据完整性扩展，以最大限度地减少由安全元数据引起的额外网络往返。semas还在本地缓存远程文件，以减少通过广域网访问提供商。我们设计、实现并评估了semas，结果表明，对于Filebench工作负载，semas的性能损失小于26%，偶尔性能提升高达19%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 9th ACM International on Systems and Storage Conference

自引率

0.00%

发文量