Strong Security for Distributed File Systems - PowerPoint PPT Presentation

Provided by: jonathan306
Slides: 32

Transcript and Presenter's Notes

1
Strong Security for Distributed File Systems
  • Group A3
  • Ka Hou Wong
  • Jahanzeb Faizan
  • Jonathan Sippel

2
Introduction
  • Presenter Ka Hou Wong

3
Introduction
  • Security is important because a violation could
    cost billions of dollars
  • As network-attached disks are getting popular, we
    need to improve existing file systems to support
    security
  • This paper presents Secure Network-Attached Disks
    (SNAD)

4
Features
  • Store and transfer all data encrypted
  • Decrypt data only in a client workstation
  • If the disk is physically stolen, the thief
    cannot access the information
  • Ability to detect forged data
  • Little overhead because the disk performs secure
    hashes only

5
Shortcomings of Existing File Systems
  • Store information in clear text
  • Rely upon trusted file servers not to alter the
    original information
  • Do not deal with issues such as sharing files
    between users

6
Design Goals
  • End-to-end encryption of all file system data and
    metadata
      • Only authorized people can access the data
  • Data integrity
      • Ability to detect modified data
  • Flexibility
      • Easy to share files
  • Performance and scalability
      • No one wants to use a file system as slow as a
        turtle

7
Basic Mechanisms
  • Encrypt all data at client
  • Server has sufficient info to authenticate the
    writer
  • Reader has sufficient information to verify the
    end-to-end integrity of the data
  • Uses standard cryptographic tools
      • Public-key cryptography
      • Extensive use of cryptographic hashes and keyed
        hashes such as Hashed Message Authentication
        Codes (HMAC)

8
SNAD Data Structures
  • Presenter Jahanzeb Faizan

9
SNAD Data Structures
  • Four basic structures
      • Data Objects
      • File Objects
      • Key Objects
      • Certificate Objects
  • Storage
      • Contiguous blocks of data, or
      • Data (actual) in file system and remainder in
        some special structures (I-nodes in UNIX)

10
Secure Data Object (SDO)
  • Minimum unit of data that can be read or written
  • Corresponds to a file block

Figure: SDO layout. Fields: Block Security Info, Block ID, User IDs,
Timestamp, Initialization Vector, Data
11
File Object
  • Composed of one or more data objects along with
    per file metadata
  • Metadata consists of
      • Block pointers
      • File size
      • Time stamping
      • Pointer to a key object

12
Key Object
  • Uses encryption key to encrypt files
  • Used for more than one file
  • Corresponds to a UNIX group

13
Key Object (cont.)
Figure: key object layout
Key File ID | User ID | Signature            (object header)
User ID | Encrypted Key | Permission         (one row per user with access)
User ID | Encrypted Key | Permission
User ID | Encrypted Key | Permission
14
Certificate Object
  • Each server contains a single Certificate Object
  • Contains administrative and cryptographic
    information about each SNAD user
  • Used to authenticate users and do basic storage
    management

15
Certificate Object (cont.)
Figure: certificate object layout, one row per SNAD user
User ID | Public Key | HMAC Key | Timestamp
User ID | Public Key | HMAC Key | Timestamp
User ID | Public Key | HMAC Key | Timestamp
16
Overall Organization
File objects sharing a single key object (the two
files have the same access controls)
17
Overhead
18
SNAD Security Schemes
  • Presenter Jonathan Sippel

19
SNAD Security Schemes
  • Goal
      • To provide authenticated, encrypted storage
  • Problem
      • Encryption/decryption times are not easily
        reduced
  • Solution
      • Symmetric algorithms are relatively fast
      • Different methods of authentication are available
        which vary in security and speed

20
SNAD Security Schemes (cont.)
  • Reading and writing of authenticated data
      • User is required to give a private key to the
        client
      • User opens the file and reads the key object
      • Appropriate field of key object is decrypted to
        obtain symmetric encryption key for the file
      • Symmetric encryption key is used to encrypt data
        before sending it to the server and after
        receiving it from the server
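
The key-object and client-side encryption flow of slides 12, 13 and 20, as an added Go example written for this page; it is not code from the presentation or from the SNAD paper. It assumes RSA-OAEP for wrapping the per-file key under each member's public key and AES-256-CTR for the block data (the slides name neither algorithm), and the type, field and function names (KeyObject, KeyEntry, EncryptedBlock, UnwrapFileKey) and the permission strings are this example's own.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// KeyEntry is one per-user row of a key object (slide 13): the file key
// wrapped under that user's public key, plus the user's permission.
type KeyEntry struct {
	UserID       string
	EncryptedKey []byte // file key wrapped with RSA-OAEP for this user
	Permission   string // constructed values for this example: "r" or "rw"
}

// KeyObject is shared by every file with the same access controls (slide 16).
type KeyObject struct {
	KeyFileID string
	OwnerID   string
	Entries   []KeyEntry
}

// NewKeyObject draws a fresh AES-256 file key and wraps it once per member.
// It returns the key object (to be stored) and the raw key (the owner's copy).
func NewKeyObject(id, owner string, members map[string]*rsa.PublicKey, perms map[string]string) (*KeyObject, []byte, error) {
	fileKey := make([]byte, 32)
	if _, err := rand.Read(fileKey); err != nil {
		return nil, nil, err
	}
	ko := &KeyObject{KeyFileID: id, OwnerID: owner}
	for uid, pub := range members {
		// the key-file ID is bound in as the OAEP label, so a wrapped key
		// cannot be transplanted into a different key object
		wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, fileKey, []byte(id))
		if err != nil {
			return nil, nil, err
		}
		ko.Entries = append(ko.Entries, KeyEntry{UserID: uid, EncryptedKey: wrapped, Permission: perms[uid]})
	}
	return ko, fileKey, nil
}

// UnwrapFileKey is the client-side step of slide 20: find the caller's row and
// decrypt it with the caller's private key, which never leaves the client.
func (ko *KeyObject) UnwrapFileKey(uid string, priv *rsa.PrivateKey) ([]byte, string, error) {
	for _, e := range ko.Entries {
		if e.UserID == uid {
			key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, e.EncryptedKey, []byte(ko.KeyFileID))
			return key, e.Permission, err
		}
	}
	return nil, "", errors.New("user is not a member of this key object")
}

// EncryptedBlock carries the slide-10 fields needed for confidentiality:
// the block ID, the writer, the IV and the ciphertext.
type EncryptedBlock struct {
	BlockID uint64
	UserID  string
	IV      []byte
	Data    []byte
}

// EncryptBlock runs on the client before the block is sent to the server:
// AES-256-CTR under the file key with a fresh random IV stored in the block.
func EncryptBlock(fileKey []byte, blockID uint64, uid string, plaintext []byte) (*EncryptedBlock, error) {
	c, err := aes.NewCipher(fileKey)
	if err != nil {
		return nil, err
	}
	iv := make([]byte, aes.BlockSize)
	if _, err := rand.Read(iv); err != nil {
		return nil, err
	}
	ct := make([]byte, len(plaintext))
	cipher.NewCTR(c, iv).XORKeyStream(ct, plaintext)
	return &EncryptedBlock{BlockID: blockID, UserID: uid, IV: iv, Data: ct}, nil
}

// DecryptBlock runs on the reading client after the block arrives; the
// server only ever sees ciphertext, so a stolen disk yields nothing (slide 4).
func DecryptBlock(fileKey []byte, b *EncryptedBlock) ([]byte, error) {
	c, err := aes.NewCipher(fileKey)
	if err != nil {
		return nil, err
	}
	pt := make([]byte, len(b.Data))
	cipher.NewCTR(c, b.IV).XORKeyStream(pt, b.Data)
	return pt, nil
}
```

CTR mode gives confidentiality only; detecting a modified block is the job of the hash, HMAC and signature schemes of slides 21 to 29, which is why the SDO also carries security info. The key object also answers the sharing goal of slide 6: granting a new user access means wrapping the existing file key once more, with no re-encryption of the data.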

21
Scheme 1
  • Most secure
  • Requires the user to sign the checksum of every
    block written using public-key encryption
  • Requires the server to authenticate every block
    before writing it
  • Allows the system to track the writer for each
    block
  • Signature generation and checking are slow

22
Scheme 1 (cont.)
  • Read
      • Server operations are not required
      • Client verification of hash and signature
  • Write
      • Client encrypts each data block
      • Client computes a hash over entire data object
      • Client signs hash using the user's private key
      • Server compares recomputed hash against signed
        hash

23
Scheme 1 (cont.)
Operation    | Read: Client | Read: NAS | Write: Client | Write: NAS
En/Decrypt   | X            |           | X             |
Hash         | X            |           | X             | X
Signature    |              |           | X             |
Verification | X            |           |               | X
24
Scheme 2
  • Signature check on server is replaced with a
    Message Authentication Code (MAC) check
  • Client still generates a signature and checks it
    upon reading a block
  • Server is freed from time consuming verification
  • Overall performance is improved

25
Scheme 2 (cont.)
  • Read
      • Server operations are not required
      • Client verification of hash and signature
  • Write
      • Client performs a cryptographic hash on the block
        and signs it
      • Client calculates an HMAC on the SDO using the
        shared secret HMAC key
      • Server computes HMAC using shared secret key from
        the certificate object and compares it to the one
        received from the client

26
Scheme 2 (cont.)
Operation    | Read: Client | Read: NAS | Write: Client | Write: NAS
En/Decrypt   | X            |           | X             |
Hash         | X            |           | X             | X
Signature    |              |           | X             |
Verification | X            |           |               |
27
Scheme 3
  • Signatures are eliminated
  • Cryptographic hashes are used to ensure data
    integrity
  • Considerably faster because no signature
    generation/checking is involved
  • Not possible to verify who wrote the block last

28
Scheme 3 (cont.)
  • Read
      • Server calculates the HMAC using the key provided
        by the user requesting the data
      • Client verifies the hash and performs a checksum
        on the decrypted data
  • Write
      • Client encrypts the SDO and calculates an HMAC
        over the encrypted data
      • Server authenticates the write by computing the
        HMAC using the shared secret key from the
        certificate object

29
Scheme 3 (cont.)
Operation    | Read: Client | Read: NAS | Write: Client | Write: NAS
En/Decrypt   | X            |           | X             |
Hash         | X            | X         | X             | X
Signature    |              |           |               |
Verification |              |           |               |
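
The three authentication schemes of slides 22, 25 and 28, as an added Go example written for this page; it is not code from the presentation or from the SNAD paper. It assumes Ed25519 signatures and HMAC-SHA256 (the slides fix neither algorithm), a certificate object modelled as a map from user ID to a Certificate holding that user's public key and shared HMAC key, and the function names ClientWrite, ServerVerifyWrite, ServerRead and ClientVerifyRead chosen here. Data is treated as bytes the client has already encrypted, so the code concentrates on what each party hashes, signs or MACs under each scheme and on what it can and cannot verify.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
)

// Certificate is one row of the certificate object (slide 15).
type Certificate struct {
	PublicKey ed25519.PublicKey
	HMACKey   []byte // secret shared between this user and the server
}

// SDO holds the slide-10 fields plus the security info a scheme attaches; Data is ciphertext.
type SDO struct {
	BlockID   uint64
	UserID    string // writer
	IV, Data  []byte
	Hash      []byte // SHA-256 over the fields above (schemes 1 and 2)
	Signature []byte // writer's Ed25519 signature on Hash (schemes 1 and 2)
	MAC       []byte // HMAC-SHA256 over the same fields (schemes 2 and 3)
}

const (
	Scheme1 = iota + 1 // hash + signature; server verifies the signature
	Scheme2            // hash + signature; server verifies an HMAC instead
	Scheme3            // HMAC only, no signatures
)

// canonical serialises the authenticated fields (length-prefixed user ID) so
// client and server always hash exactly the same bytes.
func (s *SDO) canonical() []byte {
	var b bytes.Buffer
	binary.Write(&b, binary.BigEndian, s.BlockID)
	binary.Write(&b, binary.BigEndian, uint32(len(s.UserID)))
	b.WriteString(s.UserID)
	b.Write(s.IV)
	b.Write(s.Data)
	return b.Bytes()
}

func (s *SDO) hash() []byte { h := sha256.Sum256(s.canonical()); return h[:] }

func (s *SDO) mac(key []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(s.canonical())
	return m.Sum(nil)
}

// signatureOK recomputes the hash and checks the writer's signature on it.
func (s *SDO) signatureOK(c Certificate) bool {
	return bytes.Equal(s.Hash, s.hash()) && ed25519.Verify(c.PublicKey, s.Hash, s.Signature)
}

// ClientWrite attaches what the writer produces under each scheme (slides 22, 25, 28).
func ClientWrite(scheme int, s *SDO, priv ed25519.PrivateKey, hmacKey []byte) {
	s.Hash, s.Signature, s.MAC = nil, nil, nil
	if scheme != Scheme3 {
		s.Hash = s.hash()
		s.Signature = ed25519.Sign(priv, s.Hash)
	}
	if scheme != Scheme1 {
		s.MAC = s.mac(hmacKey)
	}
}

// ServerVerifyWrite is the NAS-side check before a block is stored: a slow
// public-key verification under scheme 1, a cheap keyed hash otherwise.
func ServerVerifyWrite(scheme int, s *SDO, certs map[string]Certificate) error {
	c, ok := certs[s.UserID]
	switch {
	case !ok:
		return errors.New("unknown writer")
	case scheme == Scheme1 && !s.signatureOK(c):
		return errors.New("bad hash or signature")
	case scheme != Scheme1 && !hmac.Equal(s.MAC, s.mac(c.HMACKey)):
		return errors.New("bad HMAC")
	}
	return nil
}

// ServerRead is the only server work on a read: under scheme 3 the HMAC is
// recomputed under the requesting reader's key (slide 28); otherwise nothing.
func ServerRead(scheme int, stored *SDO, readerHMACKey []byte) *SDO {
	out := *stored
	if scheme == Scheme3 {
		out.MAC = out.mac(readerHMACKey)
	}
	return &out
}

// ClientVerifyRead is the reader's check. Schemes 1 and 2 verify the writer's
// signature, so the reader learns who wrote the block last; scheme 3 cannot.
func ClientVerifyRead(scheme int, s *SDO, certs map[string]Certificate, readerHMACKey []byte) error {
	c, ok := certs[s.UserID]
	switch {
	case scheme == Scheme3 && !hmac.Equal(s.MAC, s.mac(readerHMACKey)):
		return errors.New("bad HMAC")
	case scheme != Scheme3 && (!ok || !s.signatureOK(c)):
		return errors.New("bad hash or signature")
	}
	return nil
}
```

The code makes the trade-off of slides 21, 24 and 27 concrete. Under schemes 1 and 2 a reader checks a signature that only the writer could have produced, so a block is attributable even if the server is not trusted. Under scheme 3 the reader's HMAC was computed by the server with a key the server holds, so the check proves only that the server delivered the block unchanged; it says nothing about who wrote it, which is the limitation slide 27 states.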
30
Performance Results
31
Conclusions
  • SNAD
      • Solves many performance and security problems
        found today
      • Provides user confidentiality and integrity
      • Performs better and is more reliable than
        centralized file servers
      • Improves performance and scalability with
        decentralized security functionality
      • Eliminates a single point of failure