Abstract
With the unprecedented growth of storage systems in all of today’s society, threats on stored sensitive information have become the critical issues that need to be addressed. Further, compared to the transient risks of data in-flight, the risks associated with data-at-rest are more enduring. While there have been many strategies and mechanisms to implement storage security on data-at-rest, these solutions implemented on application level or operating system level have several shortcomings, including weak security and heavy burden on sever load. In this paper, we propose two hardware security structures based on block level, namely, store-and-forward architecture and cut-through architecture. In our approach, we design and implement these architectures based on FPGA. Our experimental results show that our schemes achieve transparency and completeness in real time without decreasing performance of system.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Stanton, P.: Security Data in Storage: A Review of Current Research. ACM Computing Research Repository (CORR) Technical Report 0409034 (September 2004)
Beaver, D.: Network Security and Storage Security: Symmetries and Symmetry-Breaking. In: First International IEEE Security in Storage Workshop (December 2002)
Halevi, S.: Draft proposal for tweakable wide-block encryption. In: First international IEEE security in storage workshop (December 2002)
Blaklay, G.R.: Safeguarding Cryptographic Keys. AFIPS Conference Proceedings 48, 313–317 (1979)
Blaze, M.: A Cryptographic File System for Unix. In: First ACM Conference on Communications and Computing Security, Firefox, VA (November 1993)
National Institute of Standards and Technology (NIST), Advanced Encryption Standard (AES), National Technical Information Service, Springfield, VA 22161 (November 2001)
Mangard, S., Aigner, M., Dominikus, S.: A highly regular and scalable AES hardware architecture. IEEE trans. Computers 52(4), 483–491 (2003)
Russinovich, M.: Inside Encrypted File System, windowsITPro (July 1997), http://www.windowsitpro.com/article
Doraswamy, N., Harkins, D.: IPSec-The New Security Standard for the Internet, Intranets, and Virtual Private Networks. Prentice Hall PTR, Englewood Cliffs (2003)
Kent, S., Atkinson, R.: Security Architecture for the Internet Protocol. RFC2401 (November 1998)
Alshamsi, A.: A technical comparision of IPSec and SSL. In: Proceedings of the 19th international conference on advanced information networking and applications (AINA 2005) (2005)
Hughes, J.: IEEE standard for encrypted storage. IEEE computer (November 2004)
IOMeter Project, http://www.iometer.org/
Gibson, G., Nagle, D., Amiri, K., Chang, F., Gobioff, H., Riedel, E., Rochberg, D., Zelenka, J.: Filesystems for Network-Attached Secure Disks CMU Computer Science Technical Report, CMU-CS-97-118 (July 1997)
Goh, E.-J., Shacham, H., Modadugu, N., Boneh, D.: SiRiUS: Securing Remote Untrusted Storage. In: The Proceedings of the Internet Society (ISOC) Network and Distributed Systems Security (NDSS) Symposium (2003)
Kallahalla, M., Riedel, E., Swaminathan, R., Wang, Q., Fu, K.: PLUTUS: Scalable secure file sharing on untrusted storage. In: Conference on File andStorage Technology (FAST 2003), pp. 29–42 (2003) (31 Mar - 2 Apr 2003, San Francisco, CA), Published by USENIX, Berkeley, CA
Miller, E.L., Long, D.D.E., et al.: Strong Security for Network-Attached Storage. In: Proceedings of the FAST 2002 Conference on File and Storage Technologies, Monterey, California, USA (January 28-30 2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ma, S., Han, J., Wang, Z. (2006). Block-Level Storage Security Architectures. In: Gavrilova, M., et al. Computational Science and Its Applications - ICCSA 2006. ICCSA 2006. Lecture Notes in Computer Science, vol 3980. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11751540_110
Download citation
DOI: https://doi.org/10.1007/11751540_110
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-34070-6
Online ISBN: 978-3-540-34071-3
eBook Packages: Computer ScienceComputer Science (R0)