Responsive security for stored data

We present the design of a distributed store that offers various levels of security guarantees while tolerating a limited number of nodes that are compromised by an adversary. The store uses secret sharing schemes to offer security guarantees namely availability, confidentiality and integrity. However, a pure secret sharing scheme could suffer from performance problems and high access costs. We integrate secret sharing with replication for better performance and to keep access costs low. The tradeoffs involved between availability and access cost on one hand and confidentiality and integrity on the other are analyzed. Our system differs from traditional approaches such as state machine or quorum based replication that have been developed to tolerate Byzantine failures. Unlike such systems, we augment replication with secret sharing and demonstrate that such a hybrid scheme offers additional flexibility that is not possible with replication alone.

[1]  Fred B. Schneider,et al.  Tolerating malicious gossip , 2003, Distributed Computing.

[2]  Leslie Lamport,et al.  How to Make a Multiprocessor Computer That Correctly Executes Multiprocess Programs , 2016, IEEE Transactions on Computers.

[3]  Michael K. Reiter,et al.  Dynamic byzantine quorum systems , 2000, Proceeding International Conference on Dependable Systems and Networks. DSN 2000.

[4]  Maurice Herlihy,et al.  Linearizability: a correctness condition for concurrent objects , 1990, TOPL.

[5]  Michael K. Reiter,et al.  Secure and scalable replication in Phalanx , 1998, Proceedings Seventeenth IEEE Symposium on Reliable Distributed Systems (Cat. No.98CB36281).

[6]  Michael K. Reiter,et al.  Persistent objects in the Fleet system , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.

[7]  Marvin Theimer,et al.  Session guarantees for weakly consistent replicated data , 1994, Proceedings of 3rd International Conference on Parallel and Distributed Information Systems.

[8]  Hugo Krawczyk Distributed fingerprints and secure information dispersal , 1993, PODC '93.

[9]  G. R. BLAKLEY Safeguarding cryptographic keys , 1979, 1979 International Workshop on Managing Requirements Knowledge (MARK).

[10]  Michael O. Rabin,et al.  Efficient dispersal of information for security, load balancing, and fault tolerance , 1989, JACM.

[11]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[12]  Michael K. Reiter,et al.  Decentralized Storage Consistency via Versioning Servers (CMU-CS-02-180) , 2002 .

[13]  Martin Tompa,et al.  How to share a secret with cheaters , 1988, Journal of Cryptology.

[14]  Paul Feldman,et al.  A practical scheme for non-interactive verifiable secret sharing , 1987, 28th Annual Symposium on Foundations of Computer Science (sfcs 1987).

[15]  H. Venkateswaran,et al.  A secure and highly available distributed store for meeting diverse data storage needs , 2001, 2001 International Conference on Dependable Systems and Networks.

[16]  Hugo Krawczyk,et al.  Secret Sharing Made Short , 1994, CRYPTO.

[17]  Dahlia Malkhi,et al.  Optimal Unconditional Information Diffusion , 2001, DISC.

[18]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[19]  Craig A. N. Soules,et al.  Self-securing storage: protecting data in compromised systems , 2000, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].

[20]  Gil Neiger,et al.  Causal memory: definitions, implementation, and programming , 1995, Distributed Computing.

[21]  Maurice Herlihy,et al.  How to Make Replicated Data Secure , 1987, CRYPTO.

[22]  Amin Vahdat,et al.  Design and evaluation of a continuous consistency model for replicated services , 2000, OSDI.

[23]  Alfredo De Santis,et al.  Multiple ramp schemes , 1999, IEEE Trans. Inf. Theory.

[24]  Miguel Oom Temudo de Castro,et al.  Practical Byzantine fault tolerance , 1999, OSDI '99.

[25]  Fred B. Schneider,et al.  Implementing fault-tolerant services using the state machine approach: a tutorial , 1990, CSUR.

[26]  Michael K. Reiter,et al.  Decentralized Storage Consistency via Versioning Servers , 2002 .

[27]  Yishay Mansour,et al.  On diffusing updates in a Byzantine environment , 1999, Proceedings of the 18th IEEE Symposium on Reliable Distributed Systems.

[28]  Yves Deswarte,et al.  Intrusion-Tolerance Using Fine-Grain Fragmentation-Scattering , 1986, 1986 IEEE Symposium on Security and Privacy.

[29]  Leslie Lamport,et al.  On interprocess communication , 1986, Distributed Computing.

[30]  Doug Terry,et al.  Epidemic algorithms for replicated database maintenance , 1988, OPSR.

[31]  Moni Naor,et al.  Access Control and Signatures via Quorum Secret Sharing , 1998, IEEE Trans. Parallel Distributed Syst..

[32]  Leslie Lamport,et al.  The Byzantine Generals Problem , 1982, TOPL.

[33]  Hugo Krawczyk,et al.  Proactive Secret Sharing Or: How to Cope With Perpetual Leakage , 1995, CRYPTO.

[34]  Pradeep K. Khosla,et al.  Survivable Information Storage Systems , 2000, Computer.