DISP: Practical, efficient, secure and fault-tolerant distributed data storage

DISP is a practical client-server protocol for the distributed storage of immutable data objects. Unlike most other contemporary protocols, DISP lets applications make explicit, per-object tradeoffs between total storage space, computational overhead, and guarantees of availability, integrity, and privacy. For each item, an application specifies the degree of redundancy with which it is encoded, what level of integrity checks is computed and stored with it, and whether it is stored in encrypted form. At one extreme, clients willing to pay the overhead are guaranteed privacy, integrity, and availability of their data as long as fewer than half the servers are Byzantine. At the other extreme, objects that need neither privacy nor integrity in the face of Byzantine servers can be stored with very low computational and storage overhead. DISP is efficient in message count, message size, and storage requirements: even in the worst case, the read and write protocols require a number of messages linear in the number of servers, and correctly reading an object of size L transfers only marginally more than L bytes, even in the face of Byzantine server failures. This article describes DISP and analyzes its fault-tolerance properties. We also analyze the complexity of the protocol and discuss several potential applications, and we conclude with a description of our prototype implementation and measurements of its performance on commodity hardware.
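The following is an added illustration of the per-object knobs the abstract describes (redundancy, integrity checks, encryption) and of why fewer than half the servers may be Byzantine; it is not code from the DISP paper or its prototype. It assumes a simple systematic (n, k) information dispersal over GF(257) reconstructed by Lagrange interpolation, SHA-256 per-fragment fingerprints held in a manifest the client is assumed to obtain authentically, and a SHA-256 counter-mode keystream standing in for a real cipher. The abstract does not state DISP's actual encoding, fingerprint or cipher, so all of those choices, the `Policy`, `store` and `retrieve` names, and the sample object are assumptions made for this example.

```python
"""Toy (n, k) dispersal with per-fragment fingerprints and optional sealing.
Illustrative only: not DISP's wire protocol, encoding, or cipher."""
import hashlib
from dataclasses import dataclass
from typing import Optional

P = 257  # prime field GF(257): every byte is an element; parity symbols may equal 256


def _lagrange_at(points, x):
    """Value at x of the unique polynomial over GF(P) through the given (xi, yi) points."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total


def _fingerprint(frag):
    # Two bytes per symbol because parity symbols can be 256.
    return hashlib.sha256(b"".join(v.to_bytes(2, "big") for v in frag)).hexdigest()


def _toy_seal(data: bytes, key: bytes) -> bytes:
    """XOR with a SHA-256 counter-mode keystream: a placeholder for a real cipher (no nonce, no MAC)."""
    stream = b"".join(hashlib.sha256(key + c.to_bytes(8, "big")).digest()
                      for c in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))


@dataclass
class Policy:
    n: int                       # fragments, one per server
    k: int                       # any k honest fragments reconstruct; storage blow-up is n/k
    integrity: bool              # keep a fingerprint per fragment so lying servers are detected
    key: Optional[bytes] = None  # if set, seal the object before dispersal (privacy knob)


def store(data: bytes, pol: Policy):
    """Return (fragments, manifest). Each k-byte word defines a degree-(k-1) polynomial with the
    bytes as its values at x=0..k-1; fragment i holds that polynomial's value at x=i, so fragments
    0..k-1 are the (sealed) data itself and fragments k..n-1 are parity."""
    assert 1 <= pol.k <= pol.n < P
    body = _toy_seal(data, pol.key) if pol.key else data
    padded = body + bytes(-len(body) % pol.k)
    frags = [[] for _ in range(pol.n)]
    for w in range(0, len(padded), pol.k):
        pts = list(enumerate(padded[w:w + pol.k]))
        for i in range(pol.n):
            frags[i].append(pts[i][1] if i < pol.k else _lagrange_at(pts, i))
    manifest = {"len": len(data),
                "digests": [_fingerprint(f) for f in frags] if pol.integrity else None}
    return frags, manifest


def retrieve(served: dict, manifest: dict, pol: Policy) -> bytes:
    """served maps server index -> the fragment it returned (down servers absent, Byzantine ones
    arbitrary). With integrity on, fragments failing their fingerprint are discarded; the manifest
    itself is assumed to be authenticated (e.g. signed), which this toy does not model."""
    cands = sorted(served.items())
    if pol.integrity:
        cands = [(i, f) for i, f in cands if _fingerprint(f) == manifest["digests"][i]]
    if len(cands) < pol.k:
        raise ValueError(f"{len(cands)} usable fragments, need {pol.k}")
    cands = cands[:pol.k]  # read cost: k fragments, i.e. roughly L bytes in total
    out = []
    for w in range(len(cands[0][1])):
        pts = [(i, f[w]) for i, f in cands]
        out.extend(_lagrange_at(pts, x) for x in range(pol.k))
    # Values >= 256 can only arise from unverified corrupt input; wrap rather than crash.
    body = bytes(v % 256 for v in out)[:manifest["len"]]
    return _toy_seal(body, pol.key) if pol.key else body


def demo():
    """Constructed scenario: 5 servers, one lying and one down (2 < 5/2, the abstract's bound)."""
    secret = b"an immutable DISP object"  # constructed sample object, 24 bytes
    strong = Policy(n=5, k=3, integrity=True, key=b"demo-key")  # survives any 2 of 5 bad servers
    frags, manifest = store(secret, strong)
    served = {i: list(f) for i, f in enumerate(frags)}
    served[1][0] ^= 0x55  # Byzantine server 1 returns a corrupted fragment
    del served[4]         # server 4 is down
    verified = retrieve(served, manifest, strong)

    cheap = Policy(n=5, k=3, integrity=False)  # same redundancy, no fingerprints, no sealing
    frags2, manifest2 = store(secret, cheap)
    served2 = {i: list(f) for i, f in enumerate(frags2)}
    served2[1][0] ^= 0x55
    del served2[4]
    silent = retrieve(served2, manifest2, cheap)  # corruption goes undetected
    return verified == secret, silent == secret, len(frags[0]) * strong.n, len(secret)
```

With n=5, k=3 the object occupies 5/3 of its size across the servers and a read fetches three fragments, matching the abstract's "marginally more than L bytes"; dropping the fingerprints removes the per-fragment hash cost but, as `demo` shows, lets a single lying server corrupt the result unnoticed.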
