Alysson Bessani
Miguel Correia
ABSTRACT
The increasing popularity of cloud storage services has lead companies that handle critical data to think about using these services for their storage needs. Medical record databases, power system historical information and financial data are some examples of critical data that could be moved to the cloud. However, the reliability and security of data stored in the cloud still remain major concerns. In this paper we present DEPSKY, a system that improves the availability, integrity and confidentiality of information stored in the cloud through the encryption, encoding and replication of the data on diverse clouds that form a cloud-of-clouds. We deployed our system using four commercial clouds and used PlanetLab to run clients accessing the service from different countries. We observed that our protocols improved the perceived availability and, in most cases, the access latency when compared with cloud providers individually. Moreover, the monetary costs of using DEPSKY on this scenario is twice the cost of using a single cloud, which is optimal and seems to be a reasonable cost, given the benefits.
- Amazon S3 FAQ: What data consistency model does amazon S3 employ? http://aws.amazon.com/s3/faqs/, 2010.Google Scholar
- Project TCLOUDS -- trustworthy clouds - privacy and resilience for Internet-scale critical infrastructure. http://www.tclouds-project.eu/, 2010.Google Scholar
- UK NHS Systems and Services. http://www.connectingforhealth.nhs.uk/, 2010.Google Scholar
- Ittai Abraham, Gregory Chockler, Idit Keidar, and Dahlia Malkhi. Byzantine disk Paxos: optimal resilience with Byzantine shared memory. Distributed Computing, 18 (5): 387--408, April 2006.Google ScholarDigital Library
- Hussam Abu-Libdeh, Lonnie Princehouse, and Hakim Weatherspoon. RACS: A case for cloud storage diversity. Proc. of the 1st ACM Symposium on Cloud Computing, pages 229--240, June 2010. Google ScholarDigital Library
- Hagit Attiya and Amir Bar-Or. Sharing memory with semi-Byzantine clients and faulty storage servers. In Proc. of the 22rd IEEE Symposium on Reliable Distributed Systems - SRDS 2003, pages 174--183, October 2003.Google ScholarCross Ref
- Alysson N. Bessani, Eduardo P. Alchieri, Miguel Correia, and Joni S. Fraga. DepSpace: a Byzantine fault-tolerant coordination service. In Proc. of the 3rd ACM European Systems Conference -- EuroSys'08, pages 163--176, April 2008. Google ScholarDigital Library
- Kevin D. Bowers, Ari Juels, and Alina Oprea. HAIL: a high-availability and integrity layer for cloud storage. In Proc. of the 16th ACM Conference on Computer and Communications Security - CCS'09, pages 187--198, 2009. Google ScholarDigital Library
- Matthias Brantner, Daniela Florescu, David Graf, Donald Kossmann, and Tim Kraska. Building a database on S3. In Proc. of the 2008 ACM SIGMOD International Conference on Management of Data, pages 251--264, 2008. Google ScholarDigital Library
- Christian Cachin and Stefano Tessaro. Optimal resilience for erasure-coded Byzantine distributed storage. In Proc. of the Int. Conference on Dependable Systems and Networks - DSN 2006, pages 115--124, June 2006. Google ScholarDigital Library
- Gregory Chockler, Rachid Guerraoui, Idit Keidar, and Marko Vukolić. Reliable distributed storage. IEEE Computer, 42 (4): 60--67, 2009. Google ScholarDigital Library
- Gregory Chockler and Dahlia Malkhi. Active disk Paxos with infinitely many processes. In Proc. of the 21st Symposium on Principles of Distributed Computing -- PODC'02, pages 78--87, 2002. Google ScholarDigital Library
- Ariel J. Feldman, William P. Zeller, Michael J. Freedman, and Edward W. Felten. SPORC: Group collaboration using untrusted cloud resources. In Proc. of the 9th USENIX Symposium on Operating Systems Design and Implementation -- OSDI'10, pages 337--350, October 2010. Google ScholarDigital Library
- Eli Gafni and Leslie Lamport. Disk Paxos. Distributed Computing, 16 (1): 1--20, 2003. Google ScholarDigital Library
- Sanjay Ghemawat, Howard Gobioff, and Shun-Tak Leung. The Google file system. In Proc. of the 19th ACM Symposium on Operating Systems Principles -- SOSP'03, pages 29--43, 2003. Google ScholarDigital Library
- Garth Gibson, David Nagle, Khalil Amiri, Jeff Butler, Fay Chang, Howard Gobioff, Charles Hardin, Erik Riedel, David Rochberg, and Jim Zelenka. A cost-effective, high-bandwidth storage architecture. In Proc. of the 8th Int. Conference on Architectural Support for Programming Languages and Operating Systems - ASPLOS'98, pages 92--103, 1998. Google ScholarDigital Library
- Garth Goodson, Jay Wylie, Gregory Ganger, and Micheal Reiter. Efficient Byzantine-tolerant erasure-coded storage. In Proc. of the Int. Conference on Dependable Systems and Networks - DSN'04, pages 135--144, June 2004. Google ScholarDigital Library
- Melvin Greer. Survivability and information assurance in the cloud. In Proc. of the 4th Workshop on Recent Advances in Intrusion-Tolerant Systems -- WRAITS'10, 2010. Google ScholarDigital Library
- James Hamilton. On designing and deploying Internet-scale services. In Proc. of the 21st Large Installation System Administration Conference -- LISA'07, pages 231--242, 2007. Google ScholarDigital Library
- James Hendricks, Gregory Ganger, and Michael Reiter. Low-overhead byzantine fault-tolerant storage. In Proc. of the 21st ACM Symposium on Operating Systems Principles -- SOSP'07, pages 73--86, 2007. Google ScholarDigital Library
- Alyssa Henry. Cloud storage FUD (failure, uncertainty, and durability). Keynote Address at the 7th USENIX Conference on File and Storage Technologies, February 2009.Google Scholar
- Maurice Herlihy, Victor Lucangco, and Mark Moir. Obstruction-free syncronization: double-ended queues as an example. In Proc. of the 23th IEEE Int. Conference on Distributed Computing Systems - ICDCS 2003, pages 522--529, July 2003. Google ScholarDigital Library
- Patrick Hunt, Mahadev Konar, Flavio Junqueira, and Benjamin Reed. Zookeeper: Wait-free coordination for Internet-scale services. In Proc. of the USENIX Annual Technical Conference -- ATC 2010, pages 145--158, June 2010. Google ScholarDigital Library
- Prasad Jayanti, Tushar Deepak Chandra, and Sam Toueg. Fault-tolerant wait-free shared objects. Journal of the ACM, 45 (3): 451--500, May 1998. Google ScholarDigital Library
- Hugo Krawczyk. Secret sharing made short. In Proc. of the 13th Int. Cryptology Conference -- CRYPTO'93, pages 136--146, August 1993. Google ScholarDigital Library
- Leslie Lamport. On interprocess communication (part II). Distributed Computing, 1 (1): 203--213, January 1986.Google Scholar
- Leslie Lamport, Robert Shostak, and Marshall Pease. The Byzantine generals problem. ACM Transactions on Programing Languages and Systems, 4 (3): 382--401, July 1982. Google ScholarDigital Library
- Barbara Liskov and Rodrigo Rodrigues. Tolerating Byzantine faulty clients in a quorum system. In Proc. of the 26th IEEE Int. Conference on Distributed Computing Systems - ICDCS'06, July 2006. Google ScholarDigital Library
- Prince Mahajan, Srinath Setty, Sangmin Lee, Allen Clement, Lorenzo Alvisi, Mike Dahlin, and Michael Walfish. Depot: Cloud storage with minimal trust. In Proc. of the 9th USENIX Symposium on Operating Systems Design and Implementation -- OSDI 2010, pages 307--322, October 2010. Google ScholarDigital Library
- Dahlia Malkhi and Michael Reiter. Byzantine quorum systems. Distributed Computing, 11 (4): 203--213, 1998. Google ScholarDigital Library
- Dahlia Malkhi and Michael Reiter. Secure and scalable replication in Phalanx. In Proc. of the 17th IEEE Symposium on Reliable Distributed Systems - SRDS'98, pages 51--60, October 1998. Google ScholarDigital Library
- Jean-Philippe Martin, Lorenzo Alvisi, and Mike Dahlin. Minimal Byzantine storage. In Proc. of the 16th Int. Symposium on Distributed Computing -- DISC 2002, pages 311--325, 2002. Google ScholarDigital Library
- John C. McCullough, JohnDunagan, Alec Wolman, and Alex C. Snoeren. Stout: An adaptive interface to scalable cloud storage. In Proc. of the USENIX Annual Technical Conference -- ATC 2010, pages 47--60, June 2010. Google ScholarDigital Library
- Cade Metz. DDoS attack rains down on Amazon cloud. The Register, October 2009. http://www.theregister.co.uk/2009/10/05/amazon_bitbucket_outage/.Google Scholar
- Kiran-Kumar Muniswamy-Reddy, Peter Macko, and Margo Seltzer. Provenance for the cloud. In Proc. of the 8th USENIX Conference on File and Storage Technologies -- FAST'10, pages 197--210, 2010. Google ScholarDigital Library
- Erica Naone. Are we safeguarding social data? Technology Review published by MIT Review, http://www.technologyreview.com/blog/editors/22924/, February 2009.Google Scholar
- James S. Plank. Jerasure: A library in C/C facilitating erasure coding for storage applications. Technical Report CS-07-603, University of Tennessee, September 2007.Google Scholar
- Michael Rabin. Efficient dispersal of information for security, load balancing, and fault tolerance. Journal of the ACM, 36 (2): 335--348, February 1989. Google ScholarDigital Library
- David Sarno. Microsoft says lost sidekick data will be restored to users. Los Angeles Times, Oct. 15th 2009.Google Scholar
- Berry Schoenmakers. A simple publicly verifiable secret sharing scheme and its application to electronic voting. In Proc. of the 19th Int. Cryptology Conference -- CRYPTO'99, pages 148--164, August 1999. Google ScholarDigital Library
- Adi Shamir. How to share a secret. Communications of ACM, 22 (11): 612--613, November 1979. Google ScholarDigital Library
- Alexander Shraer, Christian Cachin, Asaf Cidon, Idit Keidar, Yan Michalevsky, and Dani Shaket. Venus: Verification for untrusted cloud storage. In Proc. of the ACM Cloud Computing Security Workshop -- CCSW'10, 2010. Google ScholarDigital Library
- Mark W. Storer, Kevin M. Greenan, Ethan L. Miller, and Kaladhar Voruganti. Potshards: Secure long-term storage without encryption. In Proc. of the USENIX Annual Technical Conference -- ATC 2007, pages 143--156, June 2007. Google ScholarDigital Library
- Werner Vogels. Eventually consistent. Communications of the ACM, 52 (1): 40--44, 2009. Google ScholarDigital Library
- Michael Vrable, Stefan Savage, and Geoffrey M. Voelker. Cumulus: Filesystem backup to the cloud. ACM Transactions on Storage, 5 (4): 1--28, 2009. Google ScholarDigital Library
- Marko Vukolic. The Byzantine empire in the intercloud. ACM SIGACT News, 41 (3): 105--111, 2010. Google ScholarDigital Library
- Sage A. Weil, Scott A. Brandt, Ethan L. Miller, Darrell D. E. Long, and Carlos Maltzahn. Ceph: A scalable, high-performance distributed file system. In Proc. of the 7th USENIX Symposium on Operating Systems Design and Implementation -- OSDI 2006, pages 307--320, 2006. Google ScholarDigital Library
Index Terms
- DepSky: dependable and secure storage in a cloud-of-clouds
Recommendations
RACS: a case for cloud storage diversity
SoCC '10: Proceedings of the 1st ACM symposium on Cloud computingThe increasing popularity of cloud storage is leading organizations to consider moving data out of their own data centers and into the cloud. However, success for cloud storage providers can present a significant risk to customers; namely, it becomes ...
DepSky: Dependable and Secure Storage in a Cloud-of-Clouds
The increasing popularity of cloud storage services has lead companies that handle critical data to think about using these services for their storage needs. Medical record databases, large biomedical datasets, historical information about power systems ...
Cloud Storage as the Infrastructure of Cloud Computing
ICICCI '10: Proceedings of the 2010 International Conference on Intelligent Computing and Cognitive InformaticsAs an emerging technology and business paradigm, Cloud Computing has taken commercial computing by storm. Cloud computing platforms provide easy access to a company’s high-performance computing and storage infrastructure through web services. With cloud ...
Comments