Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

OceanStore: Data Security in an Insecure world John Kubiatowicz

advertisement 
OceanStore:
Data Security in an
Insecure world
John Kubiatowicz
OceanStore Context:
Ubiquitous Computing
• Computing everywhere:
– Desktop, Laptop, Palmtop
– Cars, Cellphones
– Shoes? Clothing? Walls?
• Connectivity everywhere:
– Rapid growth of bandwidth in the interior of the net
– Broadband to the home and office
– Wireless technologies such as CMDA, Satelite, laser
• But: Where is persistent information?
– Must be the network!
– Utility Model
Networking Day
©2001 John Kubiatowicz/UC Berkeley
OceanStore:2
Utility-based Infrastructure
Canadian
OceanStore
Sprint
AT&T
Pac IBM
Bell
IBM
• How many files in the OceanStore?
– Assume 1010 people, 10,000 files/person (very conservative?)
– So 1014 files in OceanStore!
– If 1 gig files (ok, a stretch), get almost 1 mole of bytes!
Networking Day
©2001 John Kubiatowicz/UC Berkeley
OceanStore:3
Basic Structure:
Untrusted, Peer-to-peer Model
Networking Day
©2001 John Kubiatowicz/UC Berkeley
OceanStore:4
But What About Security?
• End-to-End and Everywhere Else!
– Protection at all levels
– Data Protected Globally
– Attacks recognized and squashed locally
• How is information protected?
– Encryption for privacy
– Secure Naming and Signatures for authenticity
– Byzantine commitment for integrity
• Is it Available/Durable?
– Redundancy with continuous repair
– Redistribution for long-term durability
• Is it hard to manage?
– Automatic optimization, diagnosis and repair
Networking Day
©2001 John Kubiatowicz/UC Berkeley
OceanStore:5
Secure Naming
• Unique, location independent identifiers:
– Every version of every unique entity has a permanent,
Globally Unique ID (GUID)
– GUIDs derived from secure hashes (e.g. SHA-1)
– All OceanStore operations operate on GUIDs
• Naming hierarchy:
– Users map from names to GUIDs via hierarchy of
OceanStore objects (ala SDSI)
Out-of-Band
“Root link”
Foo
Bar
Baz
Each link is either a GUID (RO)
Or a GUID/public key combination
Myfile
Networking Day
©2001 John Kubiatowicz/UC Berkeley
OceanStore:6
GUIDs Secure Pointers
Name+Key
Inactive Object
Active GUID
Archival GUID
Signature
Global Object
Resolution
Global Object
Resolution
Global Object
Resolutions
Floating Replica
(Active Object)
RP Keys Commit CKPoint GUID
ACLs
MetaData Logs Archival GUID
Archival GUID
Active Data
Signature
Archival copy
or snapshot
Archival copy
or snapshot
Archival copy
or snapshot
Erasure Coded
Networking Day
©2001 John Kubiatowicz/UC Berkeley
OceanStore:7
But What About the
Red Arrows?
Location-Independent Routing!
Networking Day
©2001 John Kubiatowicz/UC Berkeley
OceanStore:8
Start with:
Tapestry Routing Mesh
3
4
NodeID
0x79FE
NodeID
0x23FE
NodeID
0x993E
4
NodeID
0x035E
3
4
3
1
1
3
NodeID
0xF990
2
3
NodeID
0x555E
1
NodeID
0x73FF
Networking Day
NodeID
0x43FE
4
NodeID
0x73FE
3
NodeID
0x44FE
2
2
2
NodeID
0xABFE
NodeID
0x04FE
NodeID
0x13FE
4
NodeID
0x9990
1
2
2
3
NodeID
0x423E
NodeID
0x239E
©2001 John Kubiatowicz/UC Berkeley
1
NodeID
0x1290
OceanStore:9
Then add:
Location-Independent Routing
Networking Day
©2001 John Kubiatowicz/UC Berkeley
OceanStore:10
Secure Routing
• Node names are hash of public key
– Requests can be signed
– Validate Responses in Request/response pairs
• Data validation built into network:
– Pointers signed
– Publication process verified
– Responses from servers verified by checking GUIDs
• Denial of Service resilence: locality/redundancy
–
–
–
–
Networking Day
MACs along all links: local suppression of DoS
Multiple roots to avoid single points of failure
Multiple links for rapid recovery
Pointers provide locality: Find closest version of object
©2001 John Kubiatowicz/UC Berkeley
OceanStore:11
What about Update Integrity?
Byzantine Agreement!
Networking Day
©2001 John Kubiatowicz/UC Berkeley
OceanStore:12
The Path of an
OceanStore Update
Networking Day
©2001 John Kubiatowicz/UC Berkeley
OceanStore:13
Consistency Mechanism applied
directly to encrypted data!
Networking Day
©2001 John Kubiatowicz/UC Berkeley
OceanStore:14
Archival Dissemination
Built into Update
Networking Day
©2001 John Kubiatowicz/UC Berkeley
OceanStore:15
Conclusion:
End-to-End and Everywhere Else
•
•
•
•
Secure read-only data
Secure the commitment protocols
Secure the routing infrastructure
Continuous adaptation and repair
For more information:
http://oceanstore.cs.berkeley.edu/
Networking Day
©2001 John Kubiatowicz/UC Berkeley
OceanStore:16
Related documents
OceanStore
OceanStore
Oceanstore
Oceanstore
OCEANSTORE
OCEANSTORE
Opportunities for Continuous Tuning in a Global Scale File System John Kubiatowicz
Opportunities for Continuous Tuning in a Global Scale File System John Kubiatowicz
Option 2: The Oceanic Data Utility: Global-Scale Persistent Storage John Kubiatowicz
Option 2: The Oceanic Data Utility: Global-Scale Persistent Storage John Kubiatowicz
Pond The OceanStore Prototype
Pond The OceanStore Prototype
OceanStore Theoretical Issues and Open Problems John Kubiatowicz University of California at Berkeley
OceanStore Theoretical Issues and Open Problems John Kubiatowicz University of California at Berkeley
StanfordOceanStore
StanfordOceanStore
Ocean Store presentation_Vasilis Lekakis
Ocean Store presentation_Vasilis Lekakis
Download
advertisement