Abstract
Modern storage systems are often faced with complex trade-offs between the confidentiality, availability, and performance they offer their users. Secret sharing is a data encoding technique that provides information-theoretically provable guarantees on confidentiality unlike conventional encryption. Additionally, secret sharing provides quantifiable guarantees on the availability of the encoded data. We argue that these properties make secret sharing-based encoding of data particularly suitable for the design of increasingly popular and important distributed archival data stores. These guarantees, however, come at the cost of increased resource consumption during reads/writes. Consequently, it is desirable that such a storage system employ techniques that could dynamically transform data representation to operate the store within required confidentiality, availability, and performance regimes (or budgets) despite changes to the operating environment. Since state-of-the-art transformation techniques suffer from prohibitive data transfer overheads, we develop a middleware for dynamic data transformation. Using this, we propose the design and operation of a secure, available, and tunable distributed archival store called FlexArchive. Using a combination of analysis and empirical evaluation, we demonstrate the feasibility of our archival store. In particular, we demonstrate that FlexArchive can achieve dynamic data re-configurations in significantly lower times (factor of 50 or more) without any sacrifice in confidentiality and with a negligible loss in availability (less than 1%).
Chapter PDF
Similar content being viewed by others
References
Bhagwan, R., Tati, K., Cheng, Y., Savage, S., Voelker, G.M.: Totalrecall: Systems support for automated availability management. In: Proceedings of the Usenix Symposium on Networked Systems Design and Implementation (2004)
Blakley, B., Blakley, G.R., Chan, A.H., Massey, J.L.: Threshold schemes with disenrollment. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 540–548. Springer, Heidelberg (1993)
Cachin, C.: On-line secret sharing. In: Boyd, C. (ed.) Cryptography and Coding 1995. LNCS, vol. 1025. Springer, Heidelberg (1995)
Desmedt, Y., Jajodia, S.: Redistributing secret shares to new access structures and its applications. Technical Report ISSE TR-97-01, George Mason University, Fairfax, VA (July 1997)
Adya, A., et al.: Farsite: Federated, available, and reliable storage for an incompletely trusted environment. In: Proceedings of the 5th Symposium on Operating Systems Design and Implementation, OSDI (2002)
Frankel, Y., MacKenzie, P.D., Yung, M.: Adaptive security for the additive-sharing based proactive RSA. In: Kim, K.-c. (ed.) PKC 2001. LNCS, vol. 1992, pp. 240–263. Springer, Heidelberg (2001)
Goodson, G.R., Wylie, J.J., Ganger, G.R., Reiter, M.K.: Efficient byzantine-tolerant erasure-coded storage. In: Proceedings of the 2004 International Conference on Dependable Systems and Networking, DSN 2004 (June 2004)
Haeberlen, A., Mislove, A., Druschel, P.: Highly durable, decentralized storage despite massive correlated failures. In: Proceedings of the 2nd symposium on Networked Systems Design and Implementation (NSDI) (May 2005)
Hey, T., Trefethen, A.: Data deluge - an e-science perspective. In: Grid Computing - Making the Global Infrastructure a Reality (January 2003)
Iyengar, A., Cahn, R., Garay, J.A., Jutla, C.: Design and implementation of a secure distributed data repository. In: Proceedings of the 14th IFIP International Information Security Conference (SEC 1998) (September 1998)
Kallahala, M., Riedel, E., Swaminathan, R., Wang, Q., Fu, K.: Plutus: Scalable secure file sharing on untrusted storage. In: Proceedings of the Second USENIX Conference on File and Storage Technologies (FAST) (March 2003)
Keeton, K., Santos, C., Beyer, D., Chase, J., Wilkes, J.: Designing for disasters. In: Proceedings of the Third USENIX Conference on File and Storage Technologies (FAST) (April 2004)
Kotla, R., Alvisi, L., Dahlin, M.: Safestore: A durable and practical storage system. In: Proceedings of the USENIX Annual Technical Conference (2007)
Miller, E.L., Long, D.D.E., Freeman, W.E., Reed, B.C.: Strong security for network-attached storage. In: Proceedings of the 2002 conference on File and Storage Technologies, FAST (2002)
Nath, S., Yu, H., Gibbons, P.B., Seshan, S.: Subtleties in tolerating correlated failures in wide-area storage systems. In: Proceedings of the 3rd conference on 3rd Symposium on Networked Systems Design and Implementation, NSDI (2006)
Quinlan, S., Dorward, S.: A new approach to archival storage. In: Proceedings of the Conference in File and Storage Technologies, FAST (2002)
Rhea, S., Eaton, P., Geels, D., Weatherspoon, H., Zhao, B., Kubiatowicz, J.: Pond: the oceanstore prototype. In: Proceedings of the Second USENIX Conference on File and Storage Technologies (FAST) (March 2003)
Santry, D.S., Feeley, M.J., Hutchinson, N.C., Veitch, A.C., Carton, R.W., Ofir, J.: Deciding when to forget in the elephant file system. In: Proceedings of the 17th ACM Symposium on Operating Systems Principles, SOSP (1999)
Shamir, A.: How to share a secret. Communications of the ACM (November 1979)
Stanton, P., Yurcik, W., Brumbaugh, L.: Protecting multimedia data in storage: A survey of techniques emphasizing encryption. In: International Symposium Electronic Imaging/Storage and Retrieval Methods and Applications for Multimedia (2005)
Storer, M.W., Greenan, K., Miller, E.L.: Long-term threats to secure archives. In: Proceedings of the Workshop on Storage Security and Survivability (2006)
Storer, M.W., Greenan, K.M., Miller, E.L., Voruganti, K.: Potshards: Secure long-term storage without encryption. In: Proceedings of the USENIX Annual Technical Conference (2007)
Subbiah, A., Blough, D.M.: An approach for fault tolerance and secure data storage in collaborative work environments. In: Proceedings of the 2005 ACM Workshop on Storage Security and Survivability (November 2005)
Wong, T.M., Wang, C., Wing, J.M.: Verifiable secret distribution for threshold sharing schemes. Technical Report. CMU-CS-02-114-R, Carnegie Mellon University (October 2002)
Wylie, J.J., Bigrigg, M.W., Strunk, J.D., Ganger, G.R., Kilicotte, H.P.: K Khosla. Survivable storage systems. IEEE Computer (August 2000)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 IFIP International Federation for Information Processing
About this paper
Cite this paper
Chaitanya, S., Vijayakumar, D., Urgaonkar, B., Sivasubramaniam, A. (2010). Middleware for a Re-configurable Distributed Archival Store Based on Secret Sharing. In: Gupta, I., Mascolo, C. (eds) Middleware 2010. Middleware 2010. Lecture Notes in Computer Science, vol 6452. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16955-7_6
Download citation
DOI: https://doi.org/10.1007/978-3-642-16955-7_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-16954-0
Online ISBN: 978-3-642-16955-7
eBook Packages: Computer ScienceComputer Science (R0)