Design and Implementation of a Self-Securing Storage Device (CMU-CS-00-129)

Self-securing storage prevents intruders from undetectably tampering with or permanently deleting stored data. To accomplish this, self-securing storage devices internally audit all requests and keep all versions of all data for a window of time, regardless of the commands received from potentially compromised host operating systems. Within the window, system administrators are guaranteed to have this valuable information for intrusion diagnosis and recovery. The S4 implementation combines log-structuring with novel metadata journaling and data replication techniques to minimize the performance costs of comprehensive versioning. Experiments show that self-securing storage devices can deliver performance that is comparable with conventional storage. Further, analyses indicate that several weeks worth of all versions can reasonably be kept on state-of-the-art disks, especially when differencing and compression technologies are employed.

The authors would like to thank the member companies of the Parallel Data Consortium (CLARiiON Array Development, EMC Corporation, Hewlett-Packard Labs, Hitachi, Infineon Technologies, Intel Corporation, LSI Logic, MTI Technology Corporation, Novell, Inc., PANASAS, L.L.C., Procom Technology, Quantum Corporation, Seagate Technology, Sun Microsystems, Veritas Software Corporation, and 3Com Corporation). The authors also thank IBM Corporation and CMU's Data Storage Systems Center for their support of this project.
