Secure clustered distributed storage against eavesdroppers

This paper considers the security of practical distributed storage systems (DSSs) that consist of multiple clusters of storage nodes. Because the storage nodes constituting a DSS are distributed across multiple clusters, two novel eavesdropper models that reflect this clustered nature are proposed: the node-restricted model and the cluster-restricted model. In the node-restricted model, an eavesdropper cannot access individual nodes, but can eavesdrop on the incoming/outgoing data of Lc compromised clusters. In the cluster-restricted model, an eavesdropper can access a total of l individual nodes, but the number of accessible clusters is limited to Lc. We provide an upper bound on the amount of securely storable data for each model, and, for the node-restricted model, obtain a specific network coding scheme that achieves the upper bound under a mild condition on the node storage size.
