Secure Data Replication over Untrusted Hosts
نویسندگان
چکیده
Data replication is a widely used technique for achieving fault tolerance and improved performance. With the advent of content delivery networks, it is becoming more and more frequent that data content is placed on hosts that are not directly controlled by the content owner, and because of this, security mechanisms to protect data integrity are necessary. In this paper we present a system architecture that allows arbitrary queries to be supported on data content replicated on untrusted servers. To prevent these servers from returning erroneous answers to client queries, we make use of a small number of trusted hosts that randomly check these answers and take corrective action whenever necessary. Additionally, our system employs an audit mechanism that guarantees that any untrusted server acting maliciously will eventually be detected and excluded from the
منابع مشابه
Security for Replicated Web Documents
The WWW is experiencing explosive growth and an increasing number of security-sensitive applications make now use of it. To achieve worldwide scalability and reduce latency in handling user requests, many of these applications make extensive use of data replication through caches and Content Delivery Networks. However, such replication mechanisms place data on untrusted hosts, which introduces ...
متن کاملUsing Replication and Partitioning to Build Secure Distributed Systems
A challenging unsolved security problem is how to specify and enforce system-wide security policies; this problem is even more acute in distributed systems with mutual distrust. This paper describes a way to enforce policies for data confidentiality and integrity in such an environment. Programs annotated with security specifications are statically checked and then transformed by the compiler t...
متن کاملSecure Personal Content Networking Over Untrusted Devices
Securely sharing and managing personal content is a challenging task in multidevice environments. In this paper, we design and implement a new platform called personal content networking (PCN). Our work is inspired by content-centric networking (CCN) becausewe aim to enable access to personal content using its name instead of its location. The unique challenge of PCN is to support secure file o...
متن کاملSecure Compartmented Data Access over an Untrusted Network using a COTS-based Architecture
In this paper, we present an approach to secure compartmented data access over an untrusted network using a secure network computing architecture. We describe the architecture and show how application-level firewalls and other commercial-off-the-shelf (COTS) products may be used to implement compartmentalized access to sensitive information and to provide access control over an untrusted networ...
متن کاملPerformance Study of Untrusted Relay Network Utilizing Cooperative Jammer
Abstract—In this paper, the problem of secure transmission in two-hop amplify-and-forward (AF) systems with an untrusted relay is investigated. To prevent the untrusted relay from intercepting the source message and to achieve positive secrecy rate, the destination-based cooperative jamming (DBCJ) technique is used. In this method the destination sends an intended jamming signal to the relay. T...
متن کامل