Responsive Security for Stored Data
نویسندگان
چکیده
We present the design of a distributed store that offers various levels of security guarantees while tolerating a limited number of nodes that are compromised by an adversary. The store uses secret sharing schemes to offer security guarantees namely availability, confidentiality and integrity. However, a pure secret sharing scheme could suffer from performance problems and high access costs. We integrate secret sharing with replication for better performance and to keep access costs low. The tradeoffs involved between availability and access cost on one hand and confidentiality and integrity on the other are analyzed. Our system differs from traditional approaches such as state machine or quorum based replication that have been developed to tolerate Byzantine failures. Unlike such systems, we augment replication with secret sharing and offer weaker consistency guarantees. We demonstrate that such a hybrid scheme offers additional flexibility that is not possible with replication alone.
منابع مشابه
Enforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملIncorporating Wind Power Generation And Demand Response into Security-Constrained Unit Commitment
Wind generation with an uncertain nature poses many challenges in grid integration and secure operation of power system. One of these operation problems is the unit commitment. Demand Response (DR) can be defined as the changes in electric usage by end-use customers from their normal consumption patterns in response to the changes in the price of electricity over time. Further, DR can be also d...
متن کاملSeparating indexes from data: a distributed scheme for secure database outsourcing
Database outsourcing is an idea to eliminate the burden of database management from organizations. Since data is a critical asset of organizations, preserving its privacy from outside adversary and untrusted server should be warranted. In this paper, we present a distributed scheme based on storing shares of data on different servers and separating indexes from data on a distinct server. Shamir...
متن کاملSecurity issues in nosql databases pdf
Have developed or adopted different flavors of NoSQL databases for their growing data. Several NoSQL security issues, this white paper summarizes an opensource research on. 11SullivanBHUS11SullivanServerSideWP.pdf.commonly referred to as NoSQL databases, and as the applications they serve. Data is being stored in NoSQL databases, security issues become growing.concepts such as NoSQL databases w...
متن کاملOnline data storage using implicit security
It is advantageous to use implicit security for online data storage in a cloud computing environment. We describe the use of a data partitioning scheme for implementing such security involving the roots of a polynomial in finite field. The partitions are stored on randomly chosen servers on the network and they need to be retrieved to recreate the original data. Data reconstruction requires acc...
متن کاملSome Potential Issues with the Security of HTML5 IndexedDB
The new HTML5 standard provides much more access to client resources, such as user location and local data storage. Unfortunately, this greater access may create new security risks that potentially can yield new threats to user privacy and web attacks. One of these security risks lies with the HTML5 client-side database. It appears that data stored on the client file system is unencrypted. Ther...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2003