Skip to main content
SpringerLink
Log in

Block-Level Storage Security Architectures

  • Conference paper
Computational Science and Its Applications - ICCSA 2006 (ICCSA 2006)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 3980))

Included in the following conference series:

  • 1167 Accesses

Abstract

With the unprecedented growth of storage systems in all of today’s society, threats on stored sensitive information have become the critical issues that need to be addressed. Further, compared to the transient risks of data in-flight, the risks associated with data-at-rest are more enduring. While there have been many strategies and mechanisms to implement storage security on data-at-rest, these solutions implemented on application level or operating system level have several shortcomings, including weak security and heavy burden on sever load. In this paper, we propose two hardware security structures based on block level, namely, store-and-forward architecture and cut-through architecture. In our approach, we design and implement these architectures based on FPGA. Our experimental results show that our schemes achieve transparency and completeness in real time without decreasing performance of system.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Stanton, P.: Security Data in Storage: A Review of Current Research. ACM Computing Research Repository (CORR) Technical Report 0409034 (September 2004)

    Google Scholar 

  2. Beaver, D.: Network Security and Storage Security: Symmetries and Symmetry-Breaking. In: First International IEEE Security in Storage Workshop (December 2002)

    Google Scholar 

  3. Halevi, S.: Draft proposal for tweakable wide-block encryption. In: First international IEEE security in storage workshop (December 2002)

    Google Scholar 

  4. Blaklay, G.R.: Safeguarding Cryptographic Keys. AFIPS Conference Proceedings 48, 313–317 (1979)

    Google Scholar 

  5. Blaze, M.: A Cryptographic File System for Unix. In: First ACM Conference on Communications and Computing Security, Firefox, VA (November 1993)

    Google Scholar 

  6. National Institute of Standards and Technology (NIST), Advanced Encryption Standard (AES), National Technical Information Service, Springfield, VA 22161 (November 2001)

    Google Scholar 

  7. Mangard, S., Aigner, M., Dominikus, S.: A highly regular and scalable AES hardware architecture. IEEE trans. Computers 52(4), 483–491 (2003)

    Article  Google Scholar 

  8. Russinovich, M.: Inside Encrypted File System, windowsITPro (July 1997), http://www.windowsitpro.com/article

  9. Doraswamy, N., Harkins, D.: IPSec-The New Security Standard for the Internet, Intranets, and Virtual Private Networks. Prentice Hall PTR, Englewood Cliffs (2003)

    Google Scholar 

  10. Kent, S., Atkinson, R.: Security Architecture for the Internet Protocol. RFC2401 (November 1998)

    Google Scholar 

  11. Alshamsi, A.: A technical comparision of IPSec and SSL. In: Proceedings of the 19th international conference on advanced information networking and applications (AINA 2005) (2005)

    Google Scholar 

  12. Hughes, J.: IEEE standard for encrypted storage. IEEE computer (November 2004)

    Google Scholar 

  13. IOMeter Project, http://www.iometer.org/

  14. Gibson, G., Nagle, D., Amiri, K., Chang, F., Gobioff, H., Riedel, E., Rochberg, D., Zelenka, J.: Filesystems for Network-Attached Secure Disks CMU Computer Science Technical Report, CMU-CS-97-118 (July 1997)

    Google Scholar 

  15. Goh, E.-J., Shacham, H., Modadugu, N., Boneh, D.: SiRiUS: Securing Remote Untrusted Storage. In: The Proceedings of the Internet Society (ISOC) Network and Distributed Systems Security (NDSS) Symposium (2003)

    Google Scholar 

  16. Kallahalla, M., Riedel, E., Swaminathan, R., Wang, Q., Fu, K.: PLUTUS: Scalable secure file sharing on untrusted storage. In: Conference on File andStorage Technology (FAST 2003), pp. 29–42 (2003) (31 Mar - 2 Apr 2003, San Francisco, CA), Published by USENIX, Berkeley, CA

    Google Scholar 

  17. Miller, E.L., Long, D.D.E., et al.: Strong Security for Network-Attached Storage. In: Proceedings of the FAST 2002 Conference on File and Storage Technologies, Monterey, California, USA (January 28-30 2002)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute of Computing Technology, Chinese Academy of Sciences, Beijing, 100080, PRC

    Shichao Ma, Jizhong Han & Zhensong Wang

  2. Graduate School, Chinese Academic of Sciences, Beijing, 100080, PRC

    Shichao Ma

Authors
  1. Shichao Ma
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jizhong Han
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Zhensong Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, University of Calgary, 2500 University Drive N.W., T2N 1N4, Calgary, AB, Canada

    Marina Gavrilova

  2. Department of Mathematics and Computer Science, University of Perugia, via Vanvitelli, 1, I-06123, Perugia, Italy

    Osvaldo Gervasi

  3. William Norris Professor, Head of the Computer Science and Engineering Department, University of Minnesota, USA

    Vipin Kumar

  4. OptimaNumerics Ltd., Cathedral House, 23-31 Waring Street, BT1 2DX, Belfast, UK

    C. J. Kenneth Tan

  5. Clayton School of IT, Monash University, 3800, Clayton, Australia

    David Taniar

  6. Department of Chemistry, University of Perugia, Via Elce di Sotto, 8, I-06123, Perugia, Italy

    Antonio Laganá

  7. School of Computing, Soongsil University, Seoul, Korea

    Youngsong Mun

  8. School of Information and Communication Engineering, Sungkyunkwan University, Korea

    Hyunseung Choo

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ma, S., Han, J., Wang, Z. (2006). Block-Level Storage Security Architectures. In: Gavrilova, M., et al. Computational Science and Its Applications - ICCSA 2006. ICCSA 2006. Lecture Notes in Computer Science, vol 3980. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11751540_110

Download citation

  • DOI: https://doi.org/10.1007/11751540_110

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-34070-6

  • Online ISBN: 978-3-540-34071-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation