Scale and performance in a distributed file system
ACM Transactions on Computer Systems (TOCS)
Distributed file systems: concepts and examples
ACM Computing Surveys (CSUR)
Separating key management from file system security
Proceedings of the seventeenth ACM symposium on Operating systems principles
Authenticating Network-Attached Storage
IEEE Micro
Strong Security for Network-Attached Storage
FAST '02 Proceedings of the Conference on File and Storage Technologies
A Framework for Evaluating Storage System Security
FAST '02 Proceedings of the Conference on File and Storage Technologies
Notes on Application-Orientated Access Control
DEXA '02 Proceedings of the 13th International Workshop on Database and Expert Systems Applications
The Design and Implementation of a Transparent Cryptographic File System for UNIX
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Cryptographic access control in a distributed file system
Proceedings of the eighth ACM symposium on Access control models and technologies
HOTOS '01 Proceedings of the Eighth Workshop on Hot Topics in Operating Systems
Implementation of a proactive load sharing scheme
Proceedings of the 2003 ACM symposium on Applied computing
Cryptographic File Systems Performance: What You Don't Know Can Hurt You
SISW '03 Proceedings of the Second IEEE International Security in Storage Workshop
Horus: fine-grained encryption-based security for high performance petascale storage
Proceedings of the sixth workshop on Parallel Data Storage
Horus: fine-grained encryption-based security for large-scale storage
FAST'13 Proceedings of the 11th USENIX conference on File and Storage Technologies
Hi-index | 0.00 |
With the growing number of Web applications and their variety, the need to prevent unauthorised access to data and to ensure data integrity in distributed systems has led to an increasing reliance on encryption. Within a node, a typical encryption process operates at file or directory level and applies indiscriminately one algorithm to its data. In this paper, a scheme is proposed whereby secrecy is achieved through file data and file location concealment, within a client-server distributed system. This involves the division of a file into fragments, their encryption and compression, the random allocation of these fragments to the nodes, the generation and transcription of metadata for reconstructing the original file, and finally the deletion of both the original file and its metadata from the local node. A prototype of the scheme was implemented and evaluated in terms of the performance of the distribution and recovery process.