Survivable information storage systems

Dept. of Electr. & Comput. Eng., Carnegie Mellon Univ., Pittsburgh, PA
Computer (Impact Factor: 1.44). 09/2000; 33(8):61 - 68. DOI: 10.1109/2.863969
Source: IEEE Xplore


As society increasingly relies on digitally stored and accessed
information, supporting the availability, integrity and confidentiality
of this information is crucial. We need systems in which users can
securely store critical information, ensuring that it persists, is
continuously accessible, cannot be destroyed and is kept confidential. A
survivable storage system would provide these guarantees over time and
despite malicious compromises of storage node subsets. The PASIS
architecture flexibly and efficiently combines proven technologies
(decentralized storage system technologies, data redundancy and
encoding, and dynamic self-maintenance) for constructing information
storage systems whose availability, confidentiality and integrity
policies can survive component failures and malicious attacks

Download full-text


Available from: Pradeep K. Khosla, Jan 30, 2014
  • Source
    • "Only a minimum scope of data is allowed to be provided after files are converted through interface software, e.g. the data storage access control proposed by ISO/IEC 15816 [31]. On the other hand, this research proposes a framework of security for database systems (as indicated in Fig. 2) [32] [33], with the corresponding two aspects of DiD and defense in horizontal (DiH), respectively. In DiD, each data is processed by authentication, access control, certification of input data, and control of output data, to ensure the rationality of input data and the consistency of output data. "
    [Show abstract] [Hide abstract]
    ABSTRACT: In the process of standardization, whether the announcement of a standard represents a cause or an outcome, it is opportunity of the trend of standardization or achievement. The process of standardization is to understand "why" and "how" to explore the detailed outline of a time flow. From a long-term perspective, a standard is the milestone of the standardization process. On May 26th 2010, with the announcement of the Personal Data Protection Act in Taiwan, information security management (ISM) of the Personal Data Protection Act has received much attention from the public. This study is centered on the working items of standards announced by the International Organization for Standardization (ISO) and the ongoing information security management system (ISMS) standards and standardization in order to propose standards which comply with the ISMS of the Personal Data Protection Act and methods which increase implementation control measures.
    Preview · Article · Dec 2011
  • Source
    • "Data-intensive applications rely on stored and accessed data; supporting the availability, integrity, and confidentiality of these data is crucial. While et al. developed a survivable storage system which guarantees that the data is persist, continuously accessible, cannot be destroyed, and is kept confidential [22]. Leung and Miller proposed a scalable and efficient protocol for security in high-performance storage systems, which increases the performance without sacrificing security primitives [8]. "
    [Show abstract] [Hide abstract]
    ABSTRACT: In the past decade, parallel disk systems have been highly scalable and able to alleviate the problem of disk I/O bottleneck, thereby being widely used to support data-intensive applications. Although a variety of parallel disk systems were developed, most existing disk systems lack a means to adaptively control the quality of security for dynamically changing workloads. We address this gap in disk technology by designing, implementing, and evaluating a quality of security control framework for parallel disk systems, or ASPAD for short, that makes it possible for parallel disk systems to adapt to changing security requirements and workload conditions. The ASPAD framework comprises four major components, namely, a security service middleware, a dynamic data-partitioning mechanism, a response time estimator, and an adaptive security quality controller. The framework is conducive to adaptively and expeditiously determining security services for requests submitted to a parallel disk system in a way to improve security of the disk system while making an effort to guarantee desired response times of the requests. We conduct extensive experiments to quantitatively evaluate the performance of the proposed ASPAD framework. Empirical results show that ASPAD significantly improves the overall performance of parallel disk systems over the same disk systems without using the ASPAD framework.
    Full-text · Article · Feb 2011 · Journal of Parallel and Distributed Computing
  • Source
    • "For databases such as those containing personal data, confidentiality, dependability, and robustness are becoming increasingly important. We have proposed a Secret Sharing Distributed Database (SSDDB) [2] that combines a secure distributed storage system [3] [4] [5] with a relational database system. The relations are divided into fragments in the SSDDB, and the fragments are managed by encrypting with a (k, n) threshold scheme [6]. "
    [Show abstract] [Hide abstract]
    ABSTRACT: We discuss query optimization in a secure distributed database system, called the Secret Sharing Distributed DataBase System (SSDDBS). We have to consider not only subquery allocations to distributed servers and data transfer on the network but also decoding distributed shared data. At first, we formulated the subquery allocation problem as a constraints satisfaction problem. Since the subquery allocation problem is NP-complete in general, it is not easy to obtain the optimal solution in practical time. Secondly, we proposed a heuristic evaluation function for the best-first search. We constructed an optimization model on an available optimization software, and evaluated the proposed method. The results showed that feasible solutions could be obtained by using the proposed method in practical time, and that quality of the obtained solutions was good.
    Full-text · Article · Feb 2010 · Journal of Computer Systems Networks and Communications
Show more