Efficiently binding data to owners in distributed content-addressable storage systems

Distributed content-addressable storage systems use self-verifying data to protect data integrity and to enable graceful scaling. One feature commonly missing from these systems, however, is the ability to identify the owner of a piece of data in a non-repudiable manner. While a solution that associates a certificate with each block of data is conceptually simple, researchers have traditionally claimed that the cost of creating and maintaining certificates is too great. In this paper, we demonstrate that systems can, in fact, efficiently map data to its owner in a secure and non-repudiable fashion. To reduce the cost of creating and maintaining certificates, we extend the traditional content-addressable interface to allow the aggregation of many small data blocks into larger containers. The aggregation is performed in a way that also supports self-verifying data at the granularity of the block and container, fine-granularity access, and incremental updates. We describe two prototype implementations and present preliminary performance results from deployments on PlanetLab and a local cluster

[1]  Ralph C. Merkle,et al.  A Digital Signature Based on a Conventional Encryption Function , 1987, CRYPTO.

[2]  Sean Quinlan,et al.  Venti: A New Approach to Archival Storage , 2002, FAST.

[3]  Wei Hu,et al.  Scalability in the XFS File System , 1996, USENIX Annual Technical Conference.

[4]  David R. Karger,et al.  Wide-area cooperative storage with CFS , 2001, SOSP.

[5]  R. S. Fabry,et al.  A fast file system for UNIX , 1984, TOCS.

[6]  Robert Tappan Morris,et al.  Ivy: a read/write peer-to-peer file system , 2002, OSDI '02.

[7]  Antony I. T. Rowstron,et al.  Storage management and caching in PAST, a large-scale, persistent peer-to-peer storage utility , 2001, SOSP.

[8]  John Kubiatowicz,et al.  Handling churn in a DHT , 2004 .

[9]  Stefan Savage,et al.  Total Recall: System Support for Automated Availability Management , 2004, NSDI.

[10]  Andreas Haeberlen,et al.  Glacier: highly durable, decentralized storage despite massive correlated failures , 2005, NSDI.

[11]  David Mazières,et al.  Fast and secure distributed read-only file system , 2000, TOCS.

[12]  Ben Y. Zhao,et al.  Towards a Common API for Structured Peer-to-Peer Overlays , 2003, IPTPS.

[13]  DruschelPeter,et al.  Storage management and caching in PAST, a large-scale, persistent peer-to-peer storage utility , 2001 .

[14]  Andrew S. Tanenbaum,et al.  A distributed file service based on optimistic concurrency control , 1985, SOSP '85.

[15]  GhemawatSanjay,et al.  The Google file system , 2003 .

[16]  Dennis Shasha,et al.  Secure Untrusted Data Repository (SUNDR) , 2004, OSDI.

[17]  Ben Y. Zhao,et al.  Pond: The OceanStore Prototype , 2003, FAST.