Components Based Key Management Algorithm for Storage Area Networks

Data sharing and file distributions are the two primary functions of network attached storages. Fibre Channel based Storage Area Networks (FC-SAN) has become a more popular solution for the enterprise storage requirements and provides high speed data transfer with high availability, scalability and reliable storage solutions. As SAN keeps and shares entire organizations critical information, it is considered to be more vulnerable to the attackers who gain a single point of access. In most of the data sharing operations among network users, uses encrypted data transfer with proper key management. Securing the SAN data with public key algorithm like RSA is the least less discussed topic and generating keys is a difficult task in distributed environment like Storage Area networks. SAN, considered to be a heterogeneous network, needs distributed key management for the scalability which is one of the important advantages of using SAN. This research paper explores the deployment of RSA algorithm with component based key generation without a key server. This paper also uses compression algorithm ALDC to compress the data during transmission for faster data transfer. The SAN performance was analyzed after the implementation RSA and ALDC algorithm in a customized testing SAN scenario and throughput analysis done for the effectiveness of cryptographic key management.

[1]  Hugh Harney,et al.  Group Key Management Protocol (GKMP) Specification , 1997, RFC.

[2]  Emmanuel Bresson,et al.  Constant Round Authenticated Group Key Agreement via Distributed Computation , 2004, Public Key Cryptography.

[3]  Matt Blaze,et al.  Key Management in an Encrypting File System , 1994, USENIX Summer.

[4]  Huang Guangjun Adaptive Lossless Data Compression Algorithm , 2008 .

[5]  William Stallings,et al.  Cryptography and Network Security: Principles and Practice , 1998 .

[6]  Valérie Issarny,et al.  An efficient group key agreement protocol for ad hoc networks , 2005, Sixth IEEE International Symposium on a World of Wireless Mobile and Multimedia Networks.

[7]  Jim Zelenka,et al.  A cost-effective, high-bandwidth storage architecture , 1998, ASPLOS VIII.

[8]  Shiguang Ju,et al.  Performance Study of Cryptographic Storage Area Network , 2007, 2007 IFIP International Conference on Network and Parallel Computing Workshops (NPC 2007).

[9]  Jiwu Shu,et al.  Design and Implementation of an SAN System Based on the Fiber Channel Protocol , 2005, IEEE Trans. Computers.

[10]  Bernard P. Zajac Applied cryptography: Protocols, algorithms, and source code in C , 1994 .

[11]  Bruce Schneier,et al.  Applied cryptography (2nd ed.): protocols, algorithms, and source code in C , 1995 .

[12]  André L. M. dos Santos,et al.  Implementation of fast RSA key generation on smart cards , 2002, SAC '02.

[13]  S. Karthikeyan,et al.  Enhanced Data Security Framework for Storage Area Networks , 2009, 2009 Second International Conference on Environmental and Computer Science.

[14]  J. F. Ma,et al.  Identity-based constant round group key exchange protocol via secret-share , 2008 .

[15]  Yiming Hu,et al.  SNARE: a strong security scheme for network-attached storage , 2003, 22nd International Symposium on Reliable Distributed Systems, 2003. Proceedings..

[16]  Kevin Fu,et al.  Group Sharing and Random Access in Cryptographic Storage File Systems , 1999 .

[17]  Yun Pan,et al.  Simulation of Key Management Protocol in Wireless Sensor Networks , 2009, 2009 International Joint Conference on Computational Sciences and Optimization.