Trusted storage

We study the properties, design, implementation and performance of trusted storage, an architecture that ensures the integrity, confidentiality and accountability of data, by enforcing storage policies at the lowest layer of a storage system, within the hardware and firmware of disk enclosures. The guarantees provided by trusted storage depend only on the integrity and correctness of the trusted device/enclosure firmware and hardware, not on the absence of bugs and security vulnerabilities in any higher level software of a system and operator error or malice. Trusted storage primitives enable applications to associate and enforce a policy with each data object they create, and to obtain firmware-generated, cryptographically signed certificates, which attest to a given stored data object’s name and content hash, the policy in effect for the object, access history for the object, as well as certain properties of the device including its approximate location. A typical policy states the conditions under which a data object may be read, updated, or deleted, to what extent access to the object should be recorded, how often the object should be scrubbed, and the conditions under which the policy may be changed. To implement this functionality, each trusted storage device has a globally unique identifier and a unique hardware-protected asymmetric cryptographic private key, whose corresponding public key is certified by the manufacturer. Using this private key, the device can cryptographically sign messages, generate short-term session keys and establish secure connections to other trusted storage devices, trusted servers (e.g. time, location, firmware update) and client computers by tunnelling securely through the (untrusted) operating system. Trusted storage addresses the problems created by two complementary trends in computing. On the one hand, both the volume and the value of digitally stored data