A cryptographic file system for UNIX
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Fast and secure distributed read-only file system
ACM Transactions on Computer Systems (TOCS)
The Design and Implementation of a Transparent Cryptographic File System for UNIX
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Unifying File System Protection
Proceedings of the General Track: 2002 USENIX Annual Technical Conference
Secure untrusted data repository (SUNDR)
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Cryptographic Security for a High-Performance Distributed File System
MSST '07 Proceedings of the 24th IEEE Conference on Mass Storage Systems and Technologies
Pors: proofs of retrievability for large files
Proceedings of the 14th ACM conference on Computer and communications security
Provable data possession at untrusted stores
Proceedings of the 14th ACM conference on Computer and communications security
Integrity checking in cryptographic file systems with constant trusted storage
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Athos: Efficient Authentication of Outsourced File Systems
ISC '08 Proceedings of the 11th international conference on Information Security
Compact Proofs of Retrievability
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Proofs of Retrievability via Hardness Amplification
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Dynamic provable data possession
Proceedings of the 16th ACM conference on Computer and communications security
Proofs of retrievability: theory and implementation
Proceedings of the 2009 ACM workshop on Cloud computing security
Enabling public verifiability and data dynamics for storage security in cloud computing
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Venus: verification for untrusted cloud storage
Proceedings of the 2010 ACM workshop on Cloud computing security workshop
Depot: cloud storage with minimal trust
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
SPORC: group collaboration using untrusted cloud resources
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Fair and dynamic proofs of retrievability
Proceedings of the first ACM conference on Data and application security and privacy
Keypad: an auditing file system for theft-prone devices
Proceedings of the sixth conference on Computer systems
Plutus: scalable secure file sharing on untrusted storage
FAST'03 Proceedings of the 2nd USENIX conference on File and storage technologies
Enabling security in cloud storage SLAs with CloudProof
USENIXATC'11 Proceedings of the 2011 USENIX conference on USENIX annual technical conference
To cloud or not to cloud?: musings on costs and viability
Proceedings of the 2nd ACM Symposium on Cloud Computing
New approaches to security and availability for cloud data
Communications of the ACM
Towards self-repairing replication-based storage systems using untrusted clouds
Proceedings of the third ACM conference on Data and application security and privacy
Robustness in the Salus scalable block store
nsdi'13 Proceedings of the 10th USENIX conference on Networked Systems Design and Implementation
Practical dynamic proofs of retrievability
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
PoWerStore: proofs of writing for efficient and robust storage
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
| Hi-index | 0.02 |
We present Iris, a practical, authenticated file system designed to support workloads from large enterprises storing data in the cloud and be resilient against potentially untrustworthy service providers. As a transparent layer enforcing strong integrity guarantees, Iris lets an enterprise tenant maintain a large file system in the cloud. In Iris, tenants obtain strong assurance not just on data integrity, but also on data freshness, as well as data retrievability in case of accidental or adversarial cloud failures. Iris offers an architecture scalable to many clients (on the order of hundreds or even thousands) issuing operations on the file system in parallel. Iris includes new optimization and enterprise-side caching techniques specifically designed to overcome the high network latency typically experienced when accessing cloud storage. Iris also includes novel erasure coding techniques for the first efficient construction of a dynamic Proofs of Retrievability (PoR) protocol over the entire file system. We describe our architecture and experimental results on a prototype version of Iris. Iris achieves end-to-end throughput of up to 260MB per second for 100 clients issuing simultaneous requests on the file system. (This limit is dictated by the available network bandwidth and maximum hard drive throughput.) We demonstrate that strong integrity protection in the cloud can be achieved with minimal performance degradation.