Implementing and Evaluating Security Controls for an Object-Based Storage System

This paper presents the implementation and performance evaluation of a real, secure object-based storage system compliant to the T10 OSD standard. In contrast to previous work, our system implements the entire three security methods of the OSD security protocol defined in the standard, namely CAPKEY, CMDRSP and ALLDATA, and an Oakley-based authentication protocol by which the Metadata Server (MDS) and client can be sure of each other's identities. Moreover, our system supports concurrent operations from multiple clients to multiple OSDs. The MDS, a combination of security manager and storage/policy manager, performs access control, global namespace management, and concurrency control. We also evaluate the performance and scalability of our implementation and compare it with iSCSI, NFS and Lustre storage configurations. The overhead of access control is small: compared with the same system without any security mechanism, bandwidth for reads and writes with the CAPKEY and CMDRSP methods decreases by less than 5%, while latency for metadata operations with any of the security methods increases by less than 0.3 ms (5%). The system with the ALLDATA method suffers a higher performance penalty: large sequential accesses run at 46% and 52% of the maximum bandwidth of unsecured storage for reads and writes respectively. The aggregate throughput scales with the number of OSDs (up to 8 in our experiments). The overhead of the SET KEY commands for partition and working keys refreshed frequently is less than 2 ms.