How to Manage Persistent State in DRM Systems
DRM '01 Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management
Farsite: federated, available, and reliable storage for an incompletely trusted environment
ACM SIGOPS Operating Systems Review - OSDI '02: Proceedings of the 5th symposium on Operating systems design and implementation
Farsite: federated, available, and reliable storage for an incompletely trusted environment
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Strong Security for Network-Attached Storage
FAST '02 Proceedings of the 1st USENIX Conference on File and Storage Technologies
A Framework for Evaluating Storage System Security
FAST '02 Proceedings of the 1st USENIX Conference on File and Storage Technologies
Plutus: Scalable Secure File Sharing on Untrusted Storage
FAST '03 Proceedings of the 2nd USENIX Conference on File and Storage Technologies
Block-Level Security for Network-Attached Disks
FAST '03 Proceedings of the 2nd USENIX Conference on File and Storage Technologies
Toward securing untrusted storage without public-key operations
Proceedings of the 2005 ACM workshop on Storage security and survivability
Protecting file systems with transient authentication
Wireless Networks
GnatDb: a small-footprint, secure database system
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Towards a theory of data entanglement
Theoretical Computer Science
Stateless data concealment for distributed systems
Journal of Computer and System Sciences
Protect Disk Integrity: Solid Security, Fine Performance and Fast Recovery
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
PACISSO: P2P access control incorporating scalability and self-organization for storage systems
PACISSO: P2P access control incorporating scalability and self-organization for storage systems
Strong security for network-attached storage
FAST'02 Proceedings of the 1st USENIX conference on File and storage technologies
A framework for evaluating storage system security
FAST'02 Proceedings of the 1st USENIX conference on File and storage technologies
Plutus: scalable secure file sharing on untrusted storage
FAST'03 Proceedings of the 2nd USENIX conference on File and storage technologies
Block-level security for network-attached disks
FAST'03 Proceedings of the 2nd USENIX conference on File and storage technologies
LotusNet: Tunable privacy for distributed online social network services
Computer Communications
An NFSv4-Based security scheme for NAS
ISPA'05 Proceedings of the 2005 international conference on Parallel and Distributed Processing and Applications
An efficient way to build secure disk
ISPEC'06 Proceedings of the Second international conference on Information Security Practice and Experience
Protecting mass data basing on small trusted agent
ISPEC'05 Proceedings of the First international conference on Information Security Practice and Experience
Multi-user dynamic proofs of data possession using trusted hardware
Proceedings of the third ACM conference on Data and application security and privacy
| Hi-index | 0.00 |
Abstract: All too often, decisions about whom to trust in computer systems are driven by the needs of system management rather than data security. In particular, data storage is often entrusted to people who have no role in creating or using the data-through outsourcing of data management, hiring of outside consultants to administer servers, or even collocation servers in physically insecure machine rooms to gain better network connectivity. This paper outlines the design of SUNDR, a network file system designed to run on untrusted servers. SUNDR servers can safely be managed by people who have no permission to read or write data stored in the file system. Thus, people can base their trust decisions on who needs to use data and their administrative decisions on how best to manage the data. Moreover, with SUNDR, attackers will no longer be able to wreak havoc by compromising servers and tampering with data. They will need to compromise clients while legitimate users are logged on. Since clients do not need to accept incoming network connections, they can more easily be firewalled and protected from compromise than servers.