Abstract
Object-based storage offloads some works of file systems to storage devices to improve security, scalability, and performance. Security is a main concern when sharing data over network. We examine the security model of object-based storage and find that there is some problem in the model. It can be disabled by modifying specific field in the command. We propose a solution to this problem by encryption that makes unauthenticated clients impossible to alter the field. The overhead of this encryption is quite low. Thus the performance of our enhanced object-based storage system is comparable to that of the original one while offering an enhanced security. In addition, we have compared the performance of OSD systems with that of iSCSI and NFS. The write performance of an object-based storage system is much better because it can offload some tasks to storage devices, and the CPU usage at client side is also largely reduced.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Mesnier, M., Ganger, G.R., Reidel, E.: Object-Based Storage. IEEE Communications Magazine 41(8), 84–90 (2003)
Du, D., He, D., Hong, C., Jeong, J., Kher, V., Kim, Y., Lu, Y., Raghuveer, A., Sharafkandi, S.: Experiences Building an Object-Based Storage System based on the OSD T-10 Standard. In: MSST 2006 (2006)
SCSI Object-Based Storage Device Commands - 2(OSD-2), Project T10/1731-D, revision 0 (2004)
IBM Object Store http://www.haifa.il.ibm.com/projects/storage/objectstore/index.html/
Azagury, A., et al.: Towards an Object Store. In: MSS 2003 (2003)
Intel iSCSI/OSD reference implementation http://sourceforge.net/projects/intel-iscsi/
Satran, J., et al.: Draft-ietf-ips-iscsi-20 (2003)
Meth, K.Z., Santran, J.: Design of the iSCSI Protocol. In: MSS 2003 (2003)
SCSI Architecture Model - 4(SAM-4), Project T10/1683-D, revision 5(2006)
Factor, M., Nagle, D., Naor, D., Reidel, E., Satran, J.: The OSD security protocol. In: Proceedings of 3rd International IEEE Security in Storage Workshop (2005)
The Keyed-Hash Message Authentication Code. Federal Information Processing Standards Publication 198 (2006)
McEliece, R.J.: A public-key cryptosystem based on algebraic coding theory. JPL DSN Progress Report, 42-44, pp. 114–116 (1978)
Li, Y.-X., Li, D.-X., Wu, C.-K.: How to Generate a Random Nonsingular Matrix in McElieces Public-Key Cryptosystem. Singapore ICCS/ISITA, vol.1, pp. 268–269 (1992)
Preneel, B., Bosselaers, A., Govaerts, R., Vandewalle, J.: A Software Implementation of the Mceliece Public-Key Cryptosystem. In: Proceedings of the 13th Symposium on Information Theory in the Benelux, Werkgemeenschap voor Informatie- en Communicatietheorie, pp. 119–126 (1992)
Bonnie++ benchmark suit, http://www.coker.com.au/bonnie++/
Linux-iSCSI Project, http://linux-iscsi.soureforge.net
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Liu, PC., Hong, SK., Hsu, Y. (2007). Security Enhancement and Performance Evaluation of an Object-Based Storage System. In: Perrott, R., Chapman, B.M., Subhlok, J., de Mello, R.F., Yang, L.T. (eds) High Performance Computing and Communications. HPCC 2007. Lecture Notes in Computer Science, vol 4782. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-75444-2_41
Download citation
DOI: https://doi.org/10.1007/978-3-540-75444-2_41
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-75443-5
Online ISBN: 978-3-540-75444-2
eBook Packages: Computer ScienceComputer Science (R0)