Stateless data concealment for distributed systems

Authors:
Rachid Anane;Sukhvir Dhillon;Behzad Bordbar
Affiliations:
Department of Computer and Network Systems, Coventry University, UK;School of Computer Science, University of Birmingham, UK;School of Computer Science, University of Birmingham, UK
Venue:
Journal of Computer and System Sciences
Year:
2008

Citing 12
Cited 2

Scale and performance in a distributed file system

ACM Transactions on Computer Systems (TOCS)
Distributed file systems: concepts and examples

ACM Computing Surveys (CSUR)
Separating key management from file system security

Proceedings of the seventeenth ACM symposium on Operating systems principles
Authenticating Network-Attached Storage

IEEE Micro
Strong Security for Network-Attached Storage

FAST '02 Proceedings of the Conference on File and Storage Technologies
A Framework for Evaluating Storage System Security

FAST '02 Proceedings of the Conference on File and Storage Technologies
Notes on Application-Orientated Access Control

DEXA '02 Proceedings of the 13th International Workshop on Database and Expert Systems Applications
The Design and Implementation of a Transparent Cryptographic File System for UNIX

Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Cryptographic access control in a distributed file system

Proceedings of the eighth ACM symposium on Access control models and technologies
Don't Trust Your File Server

HOTOS '01 Proceedings of the Eighth Workshop on Hot Topics in Operating Systems
Implementation of a proactive load sharing scheme

Proceedings of the 2003 ACM symposium on Applied computing
Cryptographic File Systems Performance: What You Don't Know Can Hurt You

SISW '03 Proceedings of the Second IEEE International Security in Storage Workshop

Horus: fine-grained encryption-based security for high performance petascale storage

Proceedings of the sixth workshop on Parallel Data Storage
Horus: fine-grained encryption-based security for large-scale storage

FAST'13 Proceedings of the 11th USENIX conference on File and Storage Technologies

Quantified Score

Hi-index	0.00

Visualization

Abstract

With the growing number of Web applications and their variety, the need to prevent unauthorised access to data and to ensure data integrity in distributed systems has led to an increasing reliance on encryption. Within a node, a typical encryption process operates at file or directory level and applies indiscriminately one algorithm to its data. In this paper, a scheme is proposed whereby secrecy is achieved through file data and file location concealment, within a client-server distributed system. This involves the division of a file into fragments, their encryption and compression, the random allocation of these fragments to the nodes, the generation and transcription of metadata for reconstructing the original file, and finally the deletion of both the original file and its metadata from the local node. A prototype of the scheme was implemented and evaluated in terms of the performance of the distribution and recovery process.