The design and implementation of a log-structured file system
SOSP '91 Proceedings of the thirteenth ACM symposium on Operating systems principles
Practical Byzantine fault tolerance
OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
Web caching with consistent hashing
WWW '99 Proceedings of the eighth international conference on World Wide Web
Separating key management from file system security
Proceedings of the seventeenth ACM symposium on Operating systems principles
A compact and fast hybrid signature scheme for multicast packet authentication
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
Communications of the ACM
A Digital Signature Based on a Conventional Encryption Function
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Digital Signatures for Flows and Multicasts
ICNP '98 Proceedings of the Sixth International Conference on Network Protocols
How to build a trusted database system on untrusted storage
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
Proactive recovery in a Byzantine-fault-tolerant system
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
The exact security of digital signatures-how to sign with RSA and Rabin
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
SSL splitting: securely serving data from untrusted caches
Computer Networks: The International Journal of Computer and Telecommunications Networking - Web security
Securing distributed storage: challenges, techniques, and systems
Proceedings of the 2005 ACM workshop on Storage security and survivability
Verifiable audit trails for a versioning file system
Proceedings of the 2005 ACM workshop on Storage security and survivability
Improved proxy re-encryption schemes with applications to secure distributed storage
ACM Transactions on Information and System Security (TISSEC)
Secure code distribution in dynamically programmable wireless sensor networks
Proceedings of the 5th international conference on Information processing in sensor networks
Design and implementation of a secure wide-area object middleware
Computer Networks: The International Journal of Computer and Telecommunications Networking
Slinky: static linking reloaded
ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
Secure data replication over untrusted hosts
HOTOS'03 Proceedings of the 9th conference on Hot Topics in Operating Systems - Volume 9
Secure untrusted data repository (SUNDR)
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
SSL splitting: securely serving data from untrusted caches
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Efficient fork-linearizable access to untrusted shared memory
Proceedings of the twenty-sixth annual ACM symposium on Principles of distributed computing
Proceedings of the 2007 ACM workshop on Storage security and survivability
Non-volatile memory and disks:: avenues for policy architectures
Proceedings of the 2007 ACM workshop on Computer security architecture
Stork: package management for distributed VM environments
LISA'07 Proceedings of the 21st conference on Large Installation System Administration Conference
Integrity checking in cryptographic file systems with constant trusted storage
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Decentralized access control in distributed file systems
ACM Computing Surveys (CSUR)
Efficient Content Authentication in Peer-to-Peer Networks
ACNS '07 Proceedings of the 5th international conference on Applied Cryptography and Network Security
Athos: Efficient Authentication of Outsourced File Systems
ISC '08 Proceedings of the 11th international conference on Information Security
Proceedings of the 15th ACM conference on Computer and communications security
Efficient integrity checking of untrusted network storage
Proceedings of the 4th ACM international workshop on Storage security and survivability
Resilient software mirroring with untrusted third parties
Proceedings of the 1st International Workshop on Hot Topics in Software Upgrades
Scrivener: providing incentives in cooperative content distribution systems
Proceedings of the ACM/IFIP/USENIX 2005 International Conference on Middleware
Generating realistic impressions for file-system benchmarking
FAST '09 Proccedings of the 7th conference on File and storage technologies
Protect Disk Integrity: Solid Security, Fine Performance and Fast Recovery
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
MPISec I/O: Providing Data Confidentiality in MPI-I/O
CCGRID '09 Proceedings of the 2009 9th IEEE/ACM International Symposium on Cluster Computing and the Grid
Generating realistic impressions for file-system benchmarking
ACM Transactions on Storage (TOS)
SSL splitting: Securely serving data from untrusted caches
Computer Networks: The International Journal of Computer and Telecommunications Networking - Web security
On protecting integrity and confidentiality of cryptographic file system for outsourced storage
Proceedings of the 2009 ACM workshop on Cloud computing security
Proceedings of the 5th international conference on Emerging networking experiments and technologies
PACISSO: P2P access control incorporating scalability and self-organization for storage systems
PACISSO: P2P access control incorporating scalability and self-organization for storage systems
Managing trust and reputation in the XenoServer open platform
iTrust'03 Proceedings of the 1st international conference on Trust management
EC-Web'07 Proceedings of the 8th international conference on E-commerce and web technologies
Super-efficient aggregating history-independent persistent authenticated dictionaries
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
TrustStore: Making Amazon S3 Trustworthy with Services Composition
CCGRID '10 Proceedings of the 2010 10th IEEE/ACM International Conference on Cluster, Cloud and Grid Computing
CCCP: secure remote storage for computational RFIDs
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Keypad: an auditing file system for theft-prone devices
Proceedings of the sixth conference on Computer systems
Authenticated Dictionaries: Real-World Costs and Trade-Offs
ACM Transactions on Information and System Security (TISSEC)
Communications of the ACM
Depot: Cloud Storage with Minimal Trust
ACM Transactions on Computer Systems (TOCS)
Efficient audit service outsourcing for data integrity in clouds
Journal of Systems and Software
Scrivener: providing incentives in cooperative content distribution systems
Middleware'05 Proceedings of the ACM/IFIP/USENIX 6th international conference on Middleware
Dissent in numbers: making strong anonymity scale
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Iris: a scalable cloud file system with efficient integrity checks
Proceedings of the 28th Annual Computer Security Applications Conference
Towards verifiable resource accounting for outsourced computation
Proceedings of the 9th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Robustness in the Salus scalable block store
nsdi'13 Proceedings of the 10th USENIX conference on Networked Systems Design and Implementation
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
ACM SIGOPS 24th Symposium on Operating Systems Principles
Replication, history, and grafting in the Ori file system
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
Hi-index | 0.02 |
Internet users increasingly rely on publicly available data for everything from software installation to investment decisions. Unfortunately, the vast majority of public content on the Internet comes with no integrity or authenticity guarantees. This paper presents the self-certifying read-only file system, a content distribution system providing secure, scalable access to public, read-only data.The read-only file system makes the security of published content independent from that of the distribution infrastructure. In a secure area (perhaps off-line), a publisher creates a digitally signed database out of a file system's contents. The publisher then replicates the database on untrusted content-distribution servers, allowing for high availability.The read-only file system avoids performing any cryptographic operations on servers and keeps the overhead of cryptography low on clients, allowing servers to scale to a large number of clients. Measurements of an implementation show that an individual server running on a 550-Mhz Pentium III with FreeBSD can support 1,012 connections per second and 300 concurrent clients compiling a large software package.