Advertisement

A Security Scheme for United Storage Network

  • Yihui Luo
  • Changsheng Xie
  • Chengfeng Zhang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3252)

Abstract

USN realizes the integration of SAN and NAS with IP network, but it brings new security consideration such as user authorization, data privacy and integrity. A USN model based on the third party transfer protocol is suggested to realize the security scheme. This security scheme has the following characteristics: A key distribution scheme is used to create credentials for users in order to reduce authorization server performance penalty; Using HMAC authenticates users requests so as to minimize computation overhead; Performing encryption/decryption of data at clients and storing data checksums on the storage will minimize the storage performance penalty; The lockbox is used to integrate keys in order to minimize the sum of keys need managed by authorization server. Experiments show that it takes less than 10% performance overhead to realize the security scheme for USN comparing the baseline USN.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Vorugaanti, K., Sarkar, P.: An Analysis of Three Gigabit Networking Protocols for Storage Area Networks. IEEE, Los Alamitos (2001)Google Scholar
  2. 2.
    Baumert, C.: Secuing IP Storage Networks. Cylink Corporation, USA (October 2002)Google Scholar
  3. 3.
    Gibson, G.A., van Meter, R.: Network Attached Storage Architecture. Communication of Theacm (November 2000)Google Scholar
  4. 4.
    Zhiheny, W., Yingcai, B.: A New Scheme of Integrating NAS with SAN. Journal of Shanghai Jiaotong University E-8(1) (2003)Google Scholar
  5. 5.
    Yingwu, Z.Y.H.: SNARE: A Strong Security Scheme for Network-Attached Storage. In: The 2nd International Symposium on Reliable Distributed Systems, SRDS 2003 (2003)Google Scholar
  6. 6.
    Reidel, E., Kallahalla, M., Swaminathan, R.: A framework for evaluating storage systems security. In: The 1st conference on File and Storage Technologies (FAST) (January 2002)Google Scholar
  7. 7.
    Miller, E., Long, D., Freeman, W., Reed, B.: Strong Security for Network-Attached Storage. In: The FAST 2002 Conference on File and Storage Technologies (January 2002)Google Scholar
  8. 8.
    Reed, B.C., Chron, E.G., Burns, R.l.C., Long, D.E.: Authenticating Network-Attached Storage. IEEE Micro 20(1), 49–57 (2000)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Yihui Luo
    • 1
    • 2
  • Changsheng Xie
    • 1
  • Chengfeng Zhang
    • 1
  1. 1.National Storage System Laboratory, School of Computer ScienceHuazhong University of Science and TechnologyWuhan, HubeiP.R. China
  2. 2.School of Mathematics and Computer ScienceHubei UniversityWuhan, HubeiP.R. China

Personalised recommendations