Long-term threats to secure archives

Archival storage systems are designed for a write-once, read-maybe usage model which places an emphasis on the long-term preservation of their data contents. In contrast to traditional storage systems in which data lifetimes are measured in months or possibly years, data lifetimes in an archival system are measured in decades. Secure archival storage has the added goal of providing controlled access to its long-term contents. In contrast, public archival systems aim to ensure that their contents are available to anyone.Since secure archival storage systems must store data over much longer periods of time, new threats emerge that affect the security landscape in many novel, subtle ways. These security threats endanger the secrecy, availability and integrity of the archival storage contents. Adequate understanding of these threats is essential to effectively devise new policies and mechanisms to guard against them. We discuss many of these threats in this new context to fill this gap, and show how existing systems meet (or fail to meet) these threats.

[1]  Antony I. T. Rowstron,et al.  Pastry: Scalable, Decentralized Object Location, and Routing for Large-Scale Peer-to-Peer Systems , 2001, Middleware.

[2]  Pradeep K. Khosla,et al.  Survivable Information Storage Systems , 2000, Computer.

[3]  Sean Quinlan,et al.  Venti: A New Approach to Archival Storage , 2002, FAST.

[4]  Craig A. N. Soules,et al.  Survivable storage systems , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.

[5]  Darrell D. E. Long,et al.  Strong Security for Network-Attached Storage , 2002, FAST.

[6]  Carlos Maltzahn,et al.  POTSHARDS: storing data for the long-term without encryption , 2005, Third IEEE International Security in Storage Workshop (SISW'05).

[7]  I. Clarke,et al.  A distributed anonymous information storage and retrievalsystem , 2000 .

[8]  Douglas M. Blough,et al.  An approach for fault tolerant and secure data storage in collaborative work environments , 2005, StorageSS '05.

[9]  Peter Druschel,et al.  Pastry: Scalable, distributed object location and routing for large-scale peer-to- , 2001 .

[10]  Marvin Theimer,et al.  Feasibility of a serverless distributed file system deployed on an existing set of desktop PCs , 2000, SIGMETRICS '00.

[11]  Jeannette M. Wing,et al.  Verifiable Secret Redistribution for Threshold Sharing Schemes , 2002 .

[12]  Luigi V. Mancini,et al.  A Secure and Efficient Large Scale Distributed System for Data Sharing , 2006, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).

[13]  Ethan L. Miller,et al.  Store, Forget, and Check: Using Algebraic Signatures to Check Remotely Administered Storage , 2006, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).

[14]  Antony I. T. Rowstron,et al.  PAST: a large-scale, persistent peer-to-peer storage utility , 2001, Proceedings Eighth Workshop on Hot Topics in Operating Systems.

[15]  Jacob R. Lorch,et al.  Farsite: federated, available, and reliable storage for an incompletely trusted environment , 2002, OSDI '02.

[16]  Erik Riedel,et al.  A Framework for Evaluating Storage System Security , 2002, FAST.

[17]  S. Brand THE CLOCK OF THE LONG NOW , 1999 .

[18]  Mary Baker,et al.  The LOCKSS peer-to-peer digital preservation system , 2005, TOCS.

[19]  Samuel J. Leffler,et al.  A Fast File System for UNIX (Revised July 27, 1983) , 1983 .

[20]  Andreas Haeberlen,et al.  Glacier: highly durable, decentralized storage despite massive correlated failures , 2005, NSDI.

[21]  Qian Wang,et al.  Plutus: Scalable Secure File Sharing on Untrusted Storage , 2003, FAST.

[22]  Aviel D. Rubin,et al.  Publius: a robust, tamper-evident, censorship-resistant web publishing system , 2000 .

[23]  Ethan L. Miller,et al.  Disk infant mortality in large storage systems , 2005, 13th IEEE International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems.

[24]  Ben Y. Zhao,et al.  OceanStore: an architecture for global-scale persistent storage , 2000, SIGP.