POTSHARDS—a secure, recoverable, long-term archival storage system

Users are storing ever-increasing amounts of information digitally, driven by many factors including government regulations and the public's desire to digitally record their personal histories. Unfortunately, many of the security mechanisms that modern systems rely upon, such as encryption, are poorly suited for storing data for indefinitely long periods of time; it is very difficult to manage keys and update cryptosystems to provide secrecy through encryption over periods of decades. Worse, an adversary who can compromise an archive need only wait for cryptanalysis techniques to catch up to the encryption algorithm used at the time of the compromise in order to obtain “secure” data. To address these concerns, we have developed POTSHARDS, an archival storage system that provides long-term security for data with very long lifetimes without using encryption. Secrecy is achieved by using unconditionally secure secret splitting and spreading the resulting shares across separately managed archives. Providing availability and data recovery in such a system can be difficult; thus, we use a new technique, approximate pointers, in conjunction with secure distributed RAID techniques to provide availability and reliability across independent archives. To validate our design, we developed a prototype POTSHARDS implementation. In addition to providing us with an experimental testbed, this prototype helped us to understand the design issues that must be addressed in order to maximize security.
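The abstract describes two ideas that are easy to get wrong when combined: unconditionally secure secret splitting (each archive holds one share, and any incomplete set of shares carries no information about the data) and RAID-style parity across independent archives to survive the loss of a share. The following is an added illustration, not code from the POTSHARDS paper or prototype; it assumes n-of-n XOR splitting as the splitting primitive (one unconditionally secure scheme among several the paper could use) and a simple RAID-5-style XOR parity stripe as a stand-in for the paper's distributed RAID layout. The `Archive` class, object names and stripe layout are constructed for the example. The parity routine also enforces the check a practitioner would want: a parity block must never be computed over the shares of a single object, because for XOR splitting their XOR is the secret itself.

```python
"""XOR secret splitting across archives, plus a cross-archive parity stripe.

Added example (not the paper's own code). Assumes n-of-n XOR splitting and a
RAID-5-style parity stripe; archive layout and object names are constructed.
"""
import os
from functools import reduce


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("block length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))


def xor_all(blocks) -> bytes:
    return reduce(xor_bytes, blocks)


def split_secret(secret: bytes, n: int, rand=os.urandom) -> list:
    """n-of-n XOR splitting: n-1 shares are uniformly random pads and the
    last share is secret XOR all pads. Any n-1 shares are uniformly
    distributed and independent of the secret (the one-time-pad argument),
    so no key management or cryptanalysis assumption is involved."""
    if n < 2:
        raise ValueError("need at least two shares")
    pads = [rand(len(secret)) for _ in range(n - 1)]
    return pads + [xor_all([secret] + pads)]


def reconstruct(shares) -> bytes:
    return xor_all(shares)


def consistent_missing_share(partial: list, candidate: bytes) -> bytes:
    """Given n-1 shares, return the nth share that would make the full set
    reconstruct to `candidate`. Such a share exists for EVERY candidate of
    the right length, which is exactly why n-1 shares reveal nothing."""
    return xor_all(partial + [candidate])


class Archive:
    """A separately managed archive holding one share per object (constructed)."""

    def __init__(self, name: str):
        self.name = name
        self.store = {}

    def put(self, key: str, blob: bytes):
        self.store[key] = blob

    def get(self, key: str):
        return self.store.get(key)

    def lose(self, key: str):
        self.store.pop(key, None)


def store_object(archives: list, obj_id: str, secret: bytes):
    """Split `secret` into len(archives) shares and spread one per archive."""
    for archive, share in zip(archives, split_secret(secret, len(archives))):
        archive.put(obj_id, share)


def write_parity_stripe(archives: list, keys: list, parity: Archive, stripe_id: str):
    """RAID-5-style parity over one share from each archive, where archive i
    contributes its share of object keys[i]. The objects must all differ:
    the XOR of all shares of ONE object is that object's plaintext, so a
    parity block over them would hand the secret to whoever holds parity."""
    if len(set(keys)) != len(keys):
        raise ValueError("stripe must not combine shares of the same object")
    blocks = [archive.get(k) for archive, k in zip(archives, keys)]
    parity.put(stripe_id, xor_all(blocks))


def recover_share(archives: list, keys: list, parity: Archive, stripe_id: str, lost: int) -> bytes:
    """Rebuild archive `lost`'s block of the stripe from the other archives
    and the parity archive, then write it back."""
    blocks = [archives[i].get(keys[i]) for i in range(len(archives)) if i != lost]
    recovered = xor_all(blocks + [parity.get(stripe_id)])
    archives[lost].put(keys[lost], recovered)
    return recovered


def demo() -> dict:
    """Store three objects across three archives, stripe them with parity,
    lose one archive's share of object B, and recover B. Returns the
    original and recovered plaintexts of B for checking."""
    archives = [Archive("archive-%d" % i) for i in range(3)]
    parity = Archive("parity-archive")
    data = {"A": b"alpha-record-01", "B": b"beta--record-02", "C": b"gamma-record-03"}
    for obj_id, secret in data.items():
        store_object(archives, obj_id, secret)
    # Diagonal stripe: archive 0 contributes A's share, 1 B's, 2 C's.
    keys = ["A", "B", "C"]
    write_parity_stripe(archives, keys, parity, "stripe-1")
    archives[1].lose("B")                      # simulate loss at one archive
    recover_share(archives, keys, parity, "stripe-1", lost=1)
    rebuilt = reconstruct([a.get("B") for a in archives])
    return {"original": data["B"], "recovered": rebuilt}


if __name__ == "__main__":
    print(demo())
```

Note that `consistent_missing_share` is the whole security argument in one line: an adversary holding all but one archive's share can produce a "missing share" consistent with any plaintext they like, so the shares they hold are worthless on their own, today or after any future advance in cryptanalysis. The `ValueError` in `write_parity_stripe` guards the dual failure mode, where a redundancy mechanism added for availability silently reassembles the secret.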
