DOI: 10.1145/1103780.1103791

Secure capabilities for a petabyte-scale object-based distributed file system

Published: 11 November 2005

Abstract

Recently, the Network-Attached Secure Disk (NASD) model has become a more widely used technique for constructing large-scale storage systems. However, the security system proposed for NASD assumes that each client will contact the server to get a capability to access one object on a server. While this approach works well in smaller-scale systems in which each file is composed of a few objects, it fails for large-scale systems in which thousands of clients make accesses to a single file composed of thousands of objects spread across thousands of disks. The file system we are building, Ceph, distributes files across many objects and disks to distribute load and improve reliability. In such a system, the metadata server cluster will sometimes see thousands of open requests for the same file within seconds. To address this bottleneck, we propose new authentication protocols for object-based storage systems in which a sequence of fixed-size objects comprises a file and flash crowds are likely. We qualitatively evaluated the security and risks of each protocol, and, using traces of a scientific application, compared the overhead of each protocol. We found that, surprisingly, a protocol using public key cryptography incurred little extra cost while providing greater security than a protocol using only symmetric key cryptography.

Published In

StorageSS '05: Proceedings of the 2005 ACM workshop on Storage security and survivability
November 2005
150 pages
ISBN:159593233X
DOI:10.1145/1103780
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. capabilities
  2. object-based storage
  3. scalability

Qualifiers

  • Article

Conference

CCS05

Cited By

  • (2019) Multitenant Access Control for Cloud-Aware Distributed Filesystems. IEEE Transactions on Dependable and Secure Computing 16:6 (1070-1085). DOI: 10.1109/TDSC.2017.2715839. Online publication date: 1-Nov-2019
  • (2016) Authenticated Key Exchange Protocols for Parallel Network File Systems. IEEE Transactions on Parallel and Distributed Systems 27:1 (92-105). DOI: 10.1109/TPDS.2015.2388447. Online publication date: 1-Jan-2016
  • (2010) A Proof-Carrying File System. Proceedings of the 2010 IEEE Symposium on Security and Privacy (349-364). DOI: 10.1109/SP.2010.28. Online publication date: 16-May-2010
  • (2010) An Implementation of Object-Based Storage System Access Control Based on IBE. Proceedings of the 2010 Third International Symposium on Intelligent Information Technology and Security Informatics (635-639). DOI: 10.1109/IITSI.2010.53. Online publication date: 2-Apr-2010
  • (2010) The comparisons between public key and symmetric key cryptography in protecting storage systems. 2010 International Conference on Computer Application and System Modeling (ICCASM 2010) (V4-494-V4-502). DOI: 10.1109/ICCASM.2010.5620632. Online publication date: Oct-2010
  • (2010) Key Management for Large-Scale Distributed Storage Systems. Public Key Infrastructures, Services and Applications (99-113). DOI: 10.1007/978-3-642-16441-5_7. Online publication date: 2010
  • (2009) Key management for large-scale distributed storage systems. Proceedings of the 6th European conference on Public key infrastructures, services and applications (99-113). DOI: 10.5555/1927830.1927840. Online publication date: 10-Sep-2009
  • (2009) IBE Applied to Identity Authentication for Object-Based Storage System. Proceedings of the 2009 Fifth International Joint Conference on INC, IMS and IDC (1681-1684). DOI: 10.1109/NCM.2009.104. Online publication date: 25-Aug-2009
  • (2009) Identification and Authentication in Large-Scale Storage Systems. Proceedings of the 2009 IEEE International Conference on Networking, Architecture, and Storage (421-427). DOI: 10.1109/NAS.2009.72. Online publication date: 9-Jul-2009
  • (2008) Design and Analysis of a Scalable Third-Party Storage Security Protocol. Proceedings of the 2008 International Conference on Networking, Architecture, and Storage (20-27). DOI: 10.1109/NAS.2008.11. Online publication date: 12-Jun-2008
