Scale and performance in a distributed file system
ACM Transactions on Computer Systems (TOCS)
Checking the correctness of memories
SFCS '91 Proceedings of the 32nd annual symposium on Foundations of computer science
A cryptographic file system for UNIX
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Unifying File System Protection
Proceedings of the General Track: 2002 USENIX Annual Technical Conference
AEGIS: architecture for tamper-evident and tamper-resistant processing
ICS '03 Proceedings of the 17th annual international conference on Supercomputing
Caches and Hash Trees for Efficient Memory Integrity Verification
HPCA '03 Proceedings of the 9th International Symposium on High-Performance Computer Architecture
Protecting the Integrity of an Entire File System
IEEE-IWIA '03 Proceedings of the First IEEE International Workshop on Information Assurance (IWIA'03)
HOTOS '01 Proceedings of the Eighth Workshop on Hot Topics in Operating Systems
Fast and secure distributed read-only file system
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
A new paradigm for collision-free hashing: incrementality at reduced cost
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Protect Disk Integrity: Solid Security, Fine Performance and Fast Recovery
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
Hi-index | 0.00 |
Protecting data confidentiality and integrity is important to ensure secure computing. Approach that integrates encryption and hash tree based verification is proposed here to protect disk data. Together with sector-level operation, it can provide protection with characters as online checking, high resistance against attacks, any data protection and unified low-level mechanism. To achieve satisfied performance, it adopts a special structure hash tree, and defines hash sub-trees corresponding to the frequently accessed disk regions as hot-access-windows. Utilizing hot-access-windows, simplifying the layout of tree structure and correctly buffering portion nodes of hash tree, it can reduce the cost of protection sufficiently. At the same time, it is convenient for fast recovery to maintain consistency effectively. Related model, approach and system realization are elaborated, as well as testing results. Theoretical analysis and experimental simulation show that it is a practical and available way to build secure disk.