On the Optimal Placement of Secure Data Objects over Internet
IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Papers - Volume 01
An approach for fault tolerant and secure data storage in collaborative work environments
Proceedings of the 2005 ACM workshop on Storage security and survivability
Robust computational secret sharing and a unified account of classical secret-sharing goals
Proceedings of the 14th ACM conference on Computer and communications security
DARAW: a new write buffer to improve parallel I/O energy-efficiency
Proceedings of the 2009 ACM symposium on Applied Computing
Subquery allocation problem and heuristics for secret sharing distributed database system
Journal of Computer Systems, Networks, and Communications
DISC'07 Proceedings of the 21st international conference on Distributed Computing
| Hi-index | 0.00 |
We present the design of a distributed store that offers various levels of security guarantees while tolerating a limited number of nodes that are compromised by an adversary. The store uses secret sharing schemes to offer security guarantees, namely, availability, confidentiality, and integrity. However, a pure secret sharing scheme could suffer from performance problems and high access costs. We integrate secret sharing with replication for better performance and to keep access costs low. The trade offs involved between availability and access cost on one hand and confidentiality and integrity on the other are analyzed. Our system differs from traditional approaches such as state machine or quorum-based replication that have been developed to tolerate Byzantine failures. Unlike such systems, we augment replication with secret sharing and offer weaker consistency guarantees. We demonstrate that such a hybrid scheme offers additional flexibility that is not possible with replication alone.