HASS: Highly Available, Scalable and Secure Distributed Data Storage Systems
- 1 January 2009
- conference paper
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
- Vol. 2, 772-780
- https://doi.org/10.1109/cse.2009.70
Abstract
As computers become pervasive and data size increases dramatically, data management systems' security, scalability and availability features turn into major design issues, especially in distributed computing environments. This paper proposes a highly available, scalable and secure distributed data storage system (HASS) for high performance and secure data management. Distributed and parallel data storage or file systems such as Object-based Storage Devices (OSD) and flexible key distribution schemes such as stateless Identity Based Encryption (IBE) are integrated to achieve scalability in terms of performance and key management. OSD provides high performance parallel I/O whereas IBE eliminates pre-shared secrete/symmetric keys and simplifies key distribution. Data at rest (static) and in transit (dynamic) are protected with different encryption strategies for privacy and integrity. With IBE, public keys are not stored whereas private and session keys are generated dynamically for data in transit protection/encryption. SecretSharing is used for data at rest protection. Replication on OSD sites duplicates data shares for high availability. Overall, the proposed HASS system delivers high performance data management with security, scalability and high availability features.Keywords
This publication has 13 references indexed in Scilit:
- Secure Data Objects Replication in Data GridIEEE Transactions on Dependable and Secure Computing, 2008
- Scalable security for petascale parallel file systemsPublished by Association for Computing Machinery (ACM) ,2007
- Implementing and Evaluating Security Controls for an Object-Based Storage SystemPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2007
- CRUSH: Controlled, Scalable, Decentralized Placement of Replicated DataPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2006
- Decentralized Authentication Mechanisms for Object-based Storage DevicesPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2005
- Responsive security for stored dataIEEE Transactions on Parallel and Distributed Systems, 2003
- The Google file systemPublished by Association for Computing Machinery (ACM) ,2003
- Interposed request routing for scalable network storageACM Transactions on Computer Systems, 2002
- The Byzantine Generals ProblemACM Transactions on Programming Languages and Systems, 1982
- How to share a secretCommunications of the ACM, 1979