Secure Storage
Status
This project has ended.
Researchers
Prof. Dr. Bernhard Plattner, Communications Systems Group, ETH
Dr. Germano Caronni, Google
Raphael Rom
Glenn Scott
Marcel Baur
Background
If storage were just about putting bits in a safe place, and retrieving them at a later point in time, then storage would be an easy matter. However, storage means putting massive amounts of data (e.g. 1020 bytes) in several carefully selected places, make sure it stays accessible, name the data such that it can be found, control access (storing, updating, and retrieval), and manage storage space, data aging, and users that have access. All this needs do be done in an efficient and secure fashion.
Efficient and secure storage, using new approaches like DHT-based P2P networks, new concepts of version and update management, and other aspects geared towards enterprise use of distributed storage are part of the Sun Laboratories Celeste project. Celeste in turn is somewhat related to the Berkeley OceanStore project.
In effect, Celeste is to provide a highly scalable, self-organizing, and efficient fully distributed storage solution with both archival and concurrent update capabilities. In such a setting, security is paramount. The following issues need addressing, and some will be covered by the ZISC collaboration on Secure Storage.
- Access Control for Objects and Services (Definition and Enforcement)
- Survivability in Light of External Attacks (e.g. DoS)
- Evaluation of Component Behaviour to Derive Trust Information,
and thus protect against Internal Attacks
- Insurance of Data Availability, and of Timely Data Deletion
- Insurance of Data Authenticity, and thus provision of a Chain of Trust
During Object Evolution