Responsive security for stored data

Author

Lakshmanan, Subramanian ; Ahamad, Mustaque ; Venkateswaran, H.

Author_Institution

Coll. of Comput., Georgia Inst. of Technol., Atlanta, GA, USA

fYear

2003

fDate

19-22 May 2003

Firstpage

146

Lastpage

154

Abstract

We present the design of a distributed store that offers various levels of security guarantees while tolerating a limited number of nodes that are compromised by an adversary. The store uses secret sharing schemes to offer security guarantees namely availability, confidentiality and integrity. However, a pure secret sharing scheme could suffer from performance problems and high access costs. We integrate secret sharing with replication for better performance and to keep access costs low. The tradeoffs involved between availability and access cost on one hand and confidentiality and integrity on the other are analyzed. Our system differs from traditional approaches such as state machine or quorum based replication that have been developed to tolerate Byzantine failures. Unlike such systems, we augment replication with secret sharing and demonstrate that such a hybrid scheme offers additional flexibility that is not possible with replication alone.

Keywords

data integrity; fault tolerant computing; secure storage; security of data; storage management; Byzantine fault tolerance; data availability; data confidentiality; data integrity; data security; distributed storage; secret sharing scheme; Application software; Availability; Costs; Cryptography; Data security; Distributed computing; Educational institutions; Fault tolerance; Information security; Protocols;

fLanguage

English

Publisher

ieee

Conference_Titel

Distributed Computing Systems, 2003. Proceedings. 23rd International Conference on

ISSN

1063-6927

Print_ISBN

0-7695-1920-2

Type

conf

DOI

10.1109/ICDCS.2003.1203461

Filename

1203461