发布求助
文献互助 智能选刊 最新文献

ACM International Workshop on Storage Security And Survivability最新文献

筛选
英文 中文
Secure capabilities for a petabyte-scale object-based distributed file system 用于pb级基于对象的分布式文件系统的安全功能
ACM International Workshop on Storage Security And Survivability Pub Date : 2005-11-11 DOI: 10.1145/1103780.1103791
Christopher Olson, E. L. Miller
{"title":"Secure capabilities for a petabyte-scale object-based distributed file system","authors":"Christopher Olson, E. L. Miller","doi":"10.1145/1103780.1103791","DOIUrl":"https://doi.org/10.1145/1103780.1103791","url":null,"abstract":"Recently, the Network-Attached Secure Disk (NASD) model has become a more widely used technique for constructing large-scale storage systems. However, the security system proposed for NASD assumes that each client will contact the server to get a capability to access one object on a server. While this approach works well in smaller-scale systems in which each file is composed of a few objects, it fails for large-scale systems in which thousands of clients make accesses to a single file composed of thousands of objects spread across thousands of disks. The file system we are building, Ceph, distributes files across many objects and disks to distribute load and improve reliability. In such a system, the metadata server cluster will sometimes see thousands of open requests for the same file within seconds. To address this bottleneck, we propose new authentication protocols for object-based storage systems in which a sequence of fixed-size objects comprise a file and flash crowds are likely. We qualitatively evaluated the security and risks of each protocol, and, using traces of a scientific application, compared the overhead of each protocol. We found that, surprisingly, a protocol using public key cryptography incurred little extra cost while providing greater security than a protocol using only symmetric key cryptography.","PeriodicalId":413919,"journal":{"name":"ACM International Workshop on Storage Security And Survivability","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130350105","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 31
Expecting the unexpected: adaptation for predictive energy conservation 期待意外:适应预测性节能
ACM International Workshop on Storage Security And Survivability Pub Date : 2005-11-11 DOI: 10.1145/1103780.1103800
Jeffrey P. Rybczynski, D. Long, A. Amer
{"title":"Expecting the unexpected: adaptation for predictive energy conservation","authors":"Jeffrey P. Rybczynski, D. Long, A. Amer","doi":"10.1145/1103780.1103800","DOIUrl":"https://doi.org/10.1145/1103780.1103800","url":null,"abstract":"The use of access predictors to improve storage device performance has been investigated for both improving access times, as well as a means of reducing energy consumed by the disk. Such predictors also offer us an opportunity to demonstrate the benefits of an adaptive approach to handling unexpected workloads, whether they are the result of natural variation or deliberate attempts to generate a problematic workload. Such workloads can pose a threat to system availability if they result in the excessive consumption of potentially limited resources such as energy. We propose that actively reshaping a disk access workload, using a dynamically self-adjusting access predictor, allows for consistently good performance in the face of varying workloads. Specifically, we describe how our Best Shifting prefetching policy, by adapting to the needs of the currently observed workload, can use 15% to 35% less energy than traditional disk spin-down strategies and 5% to 10% less energy than the use of a fixed prefetching policy.","PeriodicalId":413919,"journal":{"name":"ACM International Workshop on Storage Security And Survivability","volume":"23 14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121090300","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
Storage-based file system integrity checker 基于存储的文件系统完整性检查器
ACM International Workshop on Storage Security And Survivability Pub Date : 2005-11-11 DOI: 10.1145/1103780.1103789
M. Banikazemi, D. Poff, B. Abali
{"title":"Storage-based file system integrity checker","authors":"M. Banikazemi, D. Poff, B. Abali","doi":"10.1145/1103780.1103789","DOIUrl":"https://doi.org/10.1145/1103780.1103789","url":null,"abstract":"In this paper we present a storage based intrusion detection system (IDS) which uses time and space efficient point-in-time copy and performs file system integrity checks to detect intrusions. The storage system software is enhanced to keep track of modified blocks such that the file system scan can be performed more efficiently. Furthermore, when an intrusion occurs a recent undamaged copy of the storage is used to recover the compromised data.","PeriodicalId":413919,"journal":{"name":"ACM International Workshop on Storage Security And Survivability","volume":"119 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131950543","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 13
Toward a threat model for storage systems 建立存储系统的威胁模型
ACM International Workshop on Storage Security And Survivability Pub Date : 2005-11-11 DOI: 10.1145/1103780.1103795
Ragib Hasan, Suvda Myagmar, Adam J. Lee, W. Yurcik
{"title":"Toward a threat model for storage systems","authors":"Ragib Hasan, Suvda Myagmar, Adam J. Lee, W. Yurcik","doi":"10.1145/1103780.1103795","DOIUrl":"https://doi.org/10.1145/1103780.1103795","url":null,"abstract":"The growing number of storage security breaches as well as the need to adhere to government regulations is driving the need for greater storage protection. However, there is the lack of a comprehensive process to designing storage protection solutions. Designing protection for storage systems is best done by utilizing proactive system engineering rather than reacting with ad hoc countermeasures to the latest attack du jour. The purpose of threat modeling is to organize system threats and vulnerabilities into general classes to be addressed with known storage protection techniques. Although there has been prior work on threat modeling primarily for software applications, to our knowledge this is the first attempt at domain-specific threat modeling for storage systems. We discuss protection challenges unique to storage systems and propose two different processes to creating a threat model for storage systems: one based on classical security principles Confidentiality, Integrity, Availability, Authentication, or CIAA) and another based on the Data Lifecycle Model. It is our hope that this initial work will start a discussion on how to better design and implement storage protection solutions against storage threats.","PeriodicalId":413919,"journal":{"name":"ACM International Workshop on Storage Security And Survivability","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127703826","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 82
Securing distributed storage: challenges, techniques, and systems 保护分布式存储:挑战、技术和系统
ACM International Workshop on Storage Security And Survivability Pub Date : 2005-11-11 DOI: 10.1145/1103780.1103783
Vishal Kher, Yongdae Kim
{"title":"Securing distributed storage: challenges, techniques, and systems","authors":"Vishal Kher, Yongdae Kim","doi":"10.1145/1103780.1103783","DOIUrl":"https://doi.org/10.1145/1103780.1103783","url":null,"abstract":"The rapid increase of sensitive data and the growing number of government regulations that require longterm data retention and protection have forced enterprises to pay serious attention to storage security. In this paper, we discuss important security issues related to storage and present a comprehensive survey of the security services provided by the existing storage systems. We cover a broad range of the storage security literature, present a critical review of the existing solutions, compare them, and highlight potential research issues.","PeriodicalId":413919,"journal":{"name":"ACM International Workshop on Storage Security And Survivability","volume":"37 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122189841","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 131
Toward securing untrusted storage without public-key operations 在没有公钥操作的情况下保护不受信任的存储
ACM International Workshop on Storage Security And Survivability Pub Date : 2005-11-11 DOI: 10.1145/1103780.1103788
D. Naor, Amir Shenhav, A. Wool
{"title":"Toward securing untrusted storage without public-key operations","authors":"D. Naor, Amir Shenhav, A. Wool","doi":"10.1145/1103780.1103788","DOIUrl":"https://doi.org/10.1145/1103780.1103788","url":null,"abstract":"Adding security capabilities to shared, remote and untrusted storage file systems leads to performance degradation that limits their use. Public-key cryptographic primitives, widely used in such file systems, are known to have worse performance than their symmetric key counterparts. In this paper we examine design alternatives that avoid public-key cryptography operations to achieve better performance. We present the trade-offs and limitations that are introduced by these substitutions.","PeriodicalId":413919,"journal":{"name":"ACM International Workshop on Storage Security And Survivability","volume":"43 3","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121014513","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 24
Security of erasable memories against adaptive adversaries 可擦除记忆抵御适应性对手的安全性
ACM International Workshop on Storage Security And Survivability Pub Date : 2005-11-11 DOI: 10.1145/1103780.1103798
G. D. Crescenzo
{"title":"Security of erasable memories against adaptive adversaries","authors":"G. D. Crescenzo","doi":"10.1145/1103780.1103798","DOIUrl":"https://doi.org/10.1145/1103780.1103798","url":null,"abstract":"We study cryptographic modeling and encryption-based design techniques for guaranteeing privacy of data that is first stored in some type of computer memory and then deleted. We continue the investigation started in [3] by presenting an enhanced privacy notion that captures practical scenarios of adversaries repeatedly and adaptively attacking the memory to inspect its entire content before trying to obtain information about deleted data. We prove that the new notion is strictly stronger than the previous one considered in [3] (allowing the adversary a single intrusion), and show then that the efficient protocol in [3] still satisfies the new notion. One question implicitly raised by the previous work was whether it is indeed possible to define one meaningful and applicable notion of security even against adversaries that can repeatedly and adaptively obtain total control of the memory. Perhaps unexpectedly, our paper affirmatively answers this question.","PeriodicalId":413919,"journal":{"name":"ACM International Workshop on Storage Security And Survivability","volume":"74 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127364224","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Verifiable audit trails for a versioning file system 版本控制文件系统的可验证审计跟踪
ACM International Workshop on Storage Security And Survivability Pub Date : 2005-11-11 DOI: 10.1145/1103780.1103787
Zachary N. J. Peterson, R. Burns, G. Ateniese, Stephen Bono
{"title":"Verifiable audit trails for a versioning file system","authors":"Zachary N. J. Peterson, R. Burns, G. Ateniese, Stephen Bono","doi":"10.1145/1103780.1103787","DOIUrl":"https://doi.org/10.1145/1103780.1103787","url":null,"abstract":"We present constructs that create, manage, and verify digital audit trails for versioning file systems. Based upon a small amount of data published to a third party, a file system commits to a version history. At a later date, an auditor uses the published data to verify the contents of the file system at any point in time. Audit trails create an analog of the paper audit process for file data, helping to meet the requirements of electronic record legislation, such as Sarbanes-Oxley. Our techniques address the I/O and computational efficiency of generating and verifying audit trails, the aggregation of audit information in directory hierarchies, and constructing verifiable audit trails in the presence of lost data.","PeriodicalId":413919,"journal":{"name":"ACM International Workshop on Storage Security And Survivability","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115250073","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 44
Ensuring data integrity in storage: techniques and applications 确保存储中的数据完整性:技术和应用
ACM International Workshop on Storage Security And Survivability Pub Date : 2005-11-11 DOI: 10.1145/1103780.1103784
Gopalan Sivathanu, Charles P. Wright, E. Zadok
{"title":"Ensuring data integrity in storage: techniques and applications","authors":"Gopalan Sivathanu, Charles P. Wright, E. Zadok","doi":"10.1145/1103780.1103784","DOIUrl":"https://doi.org/10.1145/1103780.1103784","url":null,"abstract":"Data integrity is a fundamental aspect of storage security and reliability. With the advent of network storage and new technology trends that result in new failure modes for storage, interesting challenges arise in ensuring data integrity. In this paper, we discuss the causes of integrity violations in storage and present a survey of integrity assurance techniques that exist today. We describe several interesting applications of storage integrity checking, apart from security, and discuss the implementation issues associated with techniques. Based on our analysis, we discuss the choices and trade-offs associated with each mechanism. We then identify and formalize a new class of integrity assurance techniques that involve logical redundancy. We describe how logical redundancy can be used in today's systems to perform efficient and seamless integrity assurance.","PeriodicalId":413919,"journal":{"name":"ACM International Workshop on Storage Security And Survivability","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128721602","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 122
Pvault: a client server system providing mobile access to personal data Pvault:提供移动访问个人数据的客户端服务器系统
ACM International Workshop on Storage Security And Survivability Pub Date : 2005-11-11 DOI: 10.1145/1103780.1103799
R. Jammalamadaka, S. Mehrotra, N. Venkatasubramanian
{"title":"Pvault: a client server system providing mobile access to personal data","authors":"R. Jammalamadaka, S. Mehrotra, N. Venkatasubramanian","doi":"10.1145/1103780.1103799","DOIUrl":"https://doi.org/10.1145/1103780.1103799","url":null,"abstract":"In this paper we describe the design for the Pvault software, which is a personal data manager that stores and retrieves data from a remote untrusted data server securely. The major advantage of Pvault is that it allows users to access their personal data from any trusted remote computer. We will describe the issues and solutions for maintaining data confidentiality and integrity when the data is stored at the remote sever, since the server itself is untrusted. Pvault also prevents Phishing and Pharming attacks and we will describe the solutions for the same.","PeriodicalId":413919,"journal":{"name":"ACM International Workshop on Storage Security And Survivability","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128819183","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 16
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信