Design and Implementation of Self-securing Disk

Self-securing storage devices prevents intruders from undetectably tampering with or permanently deleting stored data. To accomplish this, We design an efficient self-securing disk architecture, which is based on traditional self-securing storage prototype S4: 1)On the confidentiality protection side, authenticated encryption mode GCM is adapted to process disk block in parallel ,and authentication latency is overlapped with disk access latency so that our scheme is more efficient and secure than Windows BitLocker. 2) On the integrity protection side, GHASH proposed in GCM is used to generate MAC which is more efficient than SHA-1, MD5. Moreover, “Minimum Integrity Verification Tree” is put forward to decrease performance loss at a maximum. 3) On the access control protection side, we propose a cryptographically featured capability based access control model, which is based on existing OSD access control model. We use hybrid hard drive as an instance to build a self-securing disk prototype which is implemented by simulation. The encryption/authentication overheads are significantly reduced due to buffer techniques and combined GCM/Flash scheme. According to the simulation results, the performance overhead is less than 18%, which is efficient and practical.

[1]  Dawu Gu,et al.  Architecture Support for Memory Confidentiality and Integrity in Embedded Systems , 2009 .

[2]  Yiming Hu,et al.  SNARE: a strong security scheme for network-attached storage , 2003, 22nd International Symposium on Reliable Distributed Systems, 2003. Proceedings..

[3]  Dawu Gu,et al.  Efficient disk encryption and verification through trusted nonce , 2008, 2008 IEEE Symposium on Computers and Communications.

[4]  Craig A. N. Soules,et al.  Self-securing storage: protecting data in compromised systems , 2000, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].

[5]  Erez Zadok,et al.  Cryptfs: A Stackable Vnode Level Encryption File System , 1998 .

[6]  D. McGrew,et al.  The Galois/Counter Mode of Operation (GCM) , 2005 .

[7]  Jim Zelenka,et al.  A cost-effective, high-bandwidth storage architecture , 1998, ASPLOS VIII.

[8]  G. Edward Suh,et al.  Caches and hash trees for efficient memory integrity verification , 2003, The Ninth International Symposium on High-Performance Computer Architecture, 2003. HPCA-9 2003. Proceedings..

[9]  Garth A. Gibson,et al.  A Case for Network-Attached Secure Disks, , 1996 .

[10]  Lars R. Knudsen,et al.  Advanced Encryption Standard (AES) - An Update , 1999, IMACC.

[11]  B. Rogers,et al.  Improving Cost, Performance, and Security of Memory Encryption and Authentication , 2006, ISCA 2006.

[12]  Matt Blaze,et al.  A cryptographic file system for UNIX , 1993, CCS '93.

[13]  David A. Patterson,et al.  A case for intelligent disks (IDISKs) , 1998, SGMD.

[14]  Gregory R. Ganger,et al.  The DiskSim Simulation Environment Version 4.0 Reference Manual (CMU-PDL-08-101) , 1998 .

[15]  John Viega,et al.  The Security and Performance of the Galois/Counter Mode (GCM) of Operation , 2004, INDOCRYPT.

[16]  Erik Riedel,et al.  The OSD security protocol , 2005, Third IEEE International Security in Storage Workshop (SISW'05).

[17]  Christos Faloutsos,et al.  Active Disks for Large-Scale Data Processing , 2001, Computer.

[18]  Benjamin Reed,et al.  Security considerations when designing a distributed file system using object storage devices , 2002, First International IEEE Security in Storage Workshop, 2002. Proceedings..

[19]  Patrick D. McDaniel,et al.  Non-volatile memory and disks:: avenues for policy architectures , 2007, CSAW '07.

[20]  Ramesh Karri,et al.  A High Speed Architecture for Galois/Counter Mode of Operation (GCM) , 2005, IACR Cryptol. ePrint Arch..

[21]  Darrell D. E. Long,et al.  Strong Security for Network-Attached Storage , 2002, FAST.

[22]  Giuseppe Cattaneo,et al.  Design and Implementation of a Transparent Cryptographic File System for Unix , 2007 .