Building Trust in Storage Outsourcing: Secure Accounting of Utility Storage

We are witnessing a revival of storage service providers in the form of new vendors as well as traditional players. While storage outsourcing is cost-effective, many companies are hesitating to outsource their storage due to security concerns. The success of storage outsourcing is highly dependent on how well the providers can establish trust with their consumers. While significant work has been done to ensure confidentiality, integrity, and availability of data, a practical solution for accounting of outsourced storage is still at large missing. This paper presents Saksha, a secure accounting system that enables automated and verifiable metering of the resources utilized by the consumers. A provider that includes Saksha as a part of its storage service can prove to its customers the amount of resources utilized by them. As a result, Saksha will help to enhance trust by preventing any inflation or deflation of the service usage. Saksha is not restricted to any particular pricing model; it can be applied to the popular pay-per-use pricing model for utility storage as well as many of its variants. In addition, it can be used by the consumers to periodically evaluate their usage and reassess their outsourcing requirements. Saksha is developed such that it can be layered on the top of networked file systems. Our performance results demonstrate that Saksha is efficient and can be used in practice.

[1]  Rafail Ostrovsky,et al.  Micropayments via Efficient Coin-Flipping , 1998, Financial Cryptography.

[2]  Andrew M. Odlyzko,et al.  Internet Pricing and the History of Communications , 2001, Comput. Networks.

[3]  Ethan L. Miller,et al.  Store, Forget, and Check: Using Algebraic Signatures to Check Remotely Administered Storage , 2006, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).

[4]  Yaron Sella On The Computation-Storage Trade-Offs of Hash Chain Traversal , 2003, Financial Cryptography.

[5]  Markus Jakobsson Fractal hash sequence representation and traversal , 2002, Proceedings IEEE International Symposium on Information Theory,.

[6]  Angelos D. Keromytis,et al.  Fileteller: Paying and Getting Paid for File Storage , 2002, Financial Cryptography.

[7]  William Yurcik,et al.  The evolution of storage service providers: techniques and challenges to outsourcing storage , 2005, StorageSS '05.

[8]  Torben P. Pedersen Electronic Payments of Small Amounts , 1995, Security Protocols Workshop.

[9]  Jeffrey S. Chase,et al.  Strong accountability for network storage , 2007, TOS.

[10]  Markus Jakobsson,et al.  Efficient Constructions for One-Way Hash Chains , 2005, ACNS.

[11]  Dennis Shasha,et al.  Secure Untrusted Data Repository (SUNDR) , 2004, OSDI.

[12]  Qian Wang,et al.  USENIX Association Proceedings of FAST ’ 03 : 2 nd USENIX Conference on File and Storage Technologies , 2003 .

[13]  Yael Tauman Kalai,et al.  Improved Online/Offline Signature Schemes , 2001, CRYPTO.

[14]  Adi Shamir,et al.  PayWord and MicroMint: Two Simple Micropayment Schemes , 1996, Security Protocols Workshop.

[15]  E. Miller,et al.  Strong security for distributed file systems , 2001, Conference Proceedings of the 2001 IEEE International Performance, Computing, and Communications Conference (Cat. No.01CH37210).

[16]  Annalisa De Bonis,et al.  Dynamic Multi-threshold Metering Schemes , 2000, Selected Areas in Cryptography.

[17]  James P. Hughes,et al.  Architecture of the Secure File System , 2001, 2001 Eighteenth IEEE Symposium on Mass Storage Systems and Technologies.

[18]  Stelvio Cimato,et al.  A software infrastructure for authenticated Web metering , 2004, Computer.

[19]  Yongdae Kim,et al.  Securing distributed storage: challenges, techniques, and systems , 2005, StorageSS '05.

[20]  Craig Gentry,et al.  Microcredits for Verifiable Foreign Service Provider Metering , 2004, Financial Cryptography.

[21]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.