Author : Digambar Waghole 1
Date of Publication :7th April 2016
Abstract: We examine the issue of key foundation for secure numerous correspondences. The issue is enlivened by the multiplication of huge scale dispersed file frameworks supporting parallel access to numerous capacity gadgets. Our work concentrates on the present Internet standard for such file frameworks, i.e. parallel Network File System (pNFS), which makes utilization of Kerberos to establishparallelsessionkeys between clientsandstoragedevices. Our survey of the current Kerberos-based convention demonstrates that it has various impediments: (i) a metadata server encouraging key trade between the customers and the stockpiling gadgets has overwhelming workload that confines the adaptability of the convention; (ii) the convention does not give forward mystery; (iii) the metadata server creates itself all the session keys that are utilized between the customers and capacity gadgets, and this naturally prompts key escrow. In this paper, we propose a mixed bag of confirmed key trade conventions that are intended to address the above issues. We demonstrate that our conventions are fit for decreasing up to give or take 54% of the workload of the metadata server and simultaneously supporting forward mystery and escrow-freeness.
Reference :
-
- M. Abd-El-Malek, W.V. Courtright II, C. Cranor, G.R. Ganger, J. Hendricks,A.J. Klosterman, M.P. Mesnier, M. Prasad, B. Salmon, R.R. Sambasivan,S. Sinnamohideen, J.D. Strunk, E. Thereska, M. Wachs, andJ.J. Wylie. Ursa Minor: Versatile cluster-based storage. In Proceedingsof the 4th USENIX Conference on File and Storage Technologies (FAST),pages 59–72. USENIX Association, Dec 2005.
- C. Adams. The simple public-key GSS-API mechanism (SPKM).TheInternet Engineering Task Force (IETF), RFC 2025, Oct 1996.
- A. Adya, W.J. Bolosky, M. Castro, G. Cermak, R. Chaiken,J.R. Douceur, J. Howell, J.R. Lorch, M. Theimer, and R. Wattenhofer. FARSITE: Federated, available, and reliable storage for an incompletelytrusted environment. In Proceedings of the 5th Symposium on OperatingSystem Design and Implementation (OSDI). USENIX Association, Dec2002.
- M.K. Aguilera, M. Ji, M. Lillibridge, J. MacCormick, E. Oertli,D.G. Andersen, M. Burrows, T. Mann, and C.A. Thekkath. Blocklevelsecurity for network-attached disks.In Proceedings of the 2ndInternational Conference on File and Storage Technologies (FAST)USENIX Association, Mar 2003.
- M. Armbrust, A. Fox, R. Griffith, A.D. Joseph, R.H. Katz, A. Konwinski,G. Lee, D.A. Patterson, A. Rabkin, I.Stoica, and M. Zaharia. A view of cloud computing. Communications of the ACM, 53(4):50–58. ACM Press, Apr 2010.
- Amazon simple storage service (Amazon S3). http://aws.amazon.com/s3/.
- M. Bellare, D. Pointcheval, and P. Rogaway.Authenticated key exchangesecure against dictionary attacks. In Advances in Cryptology– Proceedings of EUROCRYPT, pages 139–155. Springer LNCS 1807.
- Parallel virtual file systems (PVFS) version 2. http://www.pvfs.org
- S. Shepler, B. Callaghan, D. Robinson, R. Thurlow, C. Beame, M. Eisler,and D. Noveck.Network file system (NFS) version 4 protocol. The Internet Engineering Task Force (IETF), RFC 3530, Apr 2003.
- Y. Zhu and Y. Hu. SNARE: A strong security scheme for network attached storage. In Proceedings of the 22nd Symposium on Reliable Distributed Systems (SRDS), pages 250–259. IEEE Computer Society, Oct 2003.