Self-Securing Storage: Protecting Data in Compromised Systems
نویسندگان
چکیده
Self-securing storage prevents intruders from undetectably tampering with or permanently deleting stored data. To accomplish this, self-securing storage devices internally audit all requests and keep old versions of data for a window of time, regardless of the commands received from potentially compromised host operating systems. Within the window, system administrators have this valuable information for intrusion diagnosis and recovery. Our implementation, called S4, combines log-structuring with journal-based metadata to minimize the performance costs of comprehensive versioning. Experiments show that self-securing storage devices can deliver performance that is comparable with conventional storage systems. In addition, analyses indicate that several weeks worth of all versions can reasonably be kept on state-of-the-art disks, especially when di erencing and compression technologies are employed.
منابع مشابه
Architecture and Interface of a Self-Securing Object Store
Self-securing storage prevents intruders from undetectably tampering with or permanently deleting stored data. To accomplish this, self-securing storage devices internally audit all requests and keep all versions of all data for a window of time, regardless of the commands received from potentially compromised host operating systems. Within this window, system administrators have valuable infor...
متن کاملDesign and implementation of a self-securing storage device
Self-securing storage prevents intruders from undetectably tampering with or permanently deleting stored data. To accomplish this, self-securing storage devices internally audit all requests and keep all versions of all data for a window of time, regardless of the commands received from potentially compromised host operating systems. Within the window, system administrators are guaranteed to ha...
متن کاملDesign and Implementation of a Self-Securing Storage Device (CMU-CS-00-129)
Self-securing storage prevents intruders from undetectably tampering with or permanently deleting stored data. To accomplish this, self-securing storage devices internally audit all requests and keep all versions of all data for a window of time, regardless of the commands received from potentially compromised host operating systems. Within the window, system administrators are guaranteed to ha...
متن کاملAn Efficient Versioning File System for Self-Securing Storage
Self-securing storage prevents intruders from undetectably tampering with or permanently deleting stored data. By keeping all versions of all data for a window of time and separating the storage system from the host operating system, self securing storage can protect its data from corruption. This paper describes a versioning file system that combines log-structuring with novel metadata journal...
متن کاملRemote Data Integrity Protection Enhancement in Cloud Storage
Cloud computing is the delivery of computing services over the Internet. Protecting all users’ data in the cloud is highly challenging. Since all our data stored in third party’s computer, security concerns arise. The main focus in cloud storage is data security and integrity. This paper works on securing cloud data from corruptions, checking for its integrity and recovering data during failure...
متن کامل