Responsive security for stored data

Author

Lakshmanan, Subramanian ; Ahamad, Mustaque ; Venkateswaran, H.

Author_Institution

Coll. of Comput., Georgia Inst. of Technol., Atlanta, GA, USA

Volume

14

Issue

9

fYear

2003

Firstpage

818

Lastpage

828

Abstract

We present the design of a distributed store that offers various levels of security guarantees while tolerating a limited number of nodes that are compromised by an adversary. The store uses secret sharing schemes to offer security guarantees, namely, availability, confidentiality, and integrity. However, a pure secret sharing scheme could suffer from performance problems and high access costs. We integrate secret sharing with replication for better performance and to keep access costs low. The trade offs involved between availability and access cost on one hand and confidentiality and integrity on the other are analyzed. Our system differs from traditional approaches such as state machine or quorum-based replication that have been developed to tolerate Byzantine failures. Unlike such systems, we augment replication with secret sharing and offer weaker consistency guarantees. We demonstrate that such a hybrid scheme offers additional flexibility that is not possible with replication alone.

Keywords

data integrity; data privacy; distributed databases; security of data; software fault tolerance; Byzantine failures; availability; data confidentiality; data integrity; distributed store; fault tolerance; high access costs; performance problems; quorum-based replication; responsive security; secret sharing schemes; state machine; stored data security; Application software; Availability; Collaboration; Costs; Cryptography; Data security; Environmental management; Fault tolerance; Memory; Mobile computing;

fLanguage

English

Journal_Title

Parallel and Distributed Systems, IEEE Transactions on

Publisher

ieee

ISSN

1045-9219

Type

jour

DOI

10.1109/TPDS.2003.1233705

Filename

1233705