The OSD security protocol

Author

Factor, Michael ; Nagle, David ; Naor, Dalit ; Riedel, Erik ; Satran, Julian

Author_Institution

IBM Haifa Res. Lab.

fYear

2005

fDate

13-13 Dec. 2005

Lastpage

39

Abstract

The ANSI T10 object-based storage devices (OSD) standard is a new standard. It evolves the storage interface from fixed size blocks to variable size objects and includes an integrated security protocol that protects storage. This paper presents the requirements, the design tradeoffs, and the final security protocol as defined in the standard. The resulting protocol is based on a secure capability-based model, enabling fine-grained access control that protects both the entire storage device and individual objects from unauthorized access. The protocol defines three methods of security based on the applications´ requirements. Furthermore, the protocol´s key management algorithm allows keys to be changed quickly, without disrupting normal operations. Finally, the protocol is currently being enhanced for version 2.0 of the ANSI T10 OSD standard; future extensions include data-encryption and access-control on sections of storage objects

Keywords

authorisation; cryptography; protocols; storage management; ANSI T10 OSD standard; fine-grained access control; integrated security protocol; key management algorithm; object-based storage device; secure capability-based model; storage interface; ANSI standards; Access control; Access protocols; Conferences; Cryptography; Data security; Design engineering; Protection; Prototypes; Secure storage;

fLanguage

English

Publisher

ieee

Conference_Titel

Security in Storage Workshop, 2005. SISW '05. Third IEEE International

Conference_Location

San Francisco, CA

Print_ISBN

0-7695-2537-7

Type

conf

DOI

10.1109/SISW.2005.12

Filename

1628480