200 likes | 758 Views
DEPSKY Dependable and Secure Storage in a Cloud-of-Clouds. By : Naif Alamri Abdulrahma Alsahfi Salem Alzahrani Spring-2014. Moving to Clouds. Data is moving to the cloud Main reason: costs (pay-per-use model). Cloud-of-Clouds Object Storage. Benefits of DEPSKY.
E N D
DEPSKY Dependable and Secure Storage in a Cloud-of-Clouds By: Naif Alamri Abdulrahma Alsahfi Salem Alzahrani Spring-2014
Moving to Clouds • Data is moving to the cloud • Main reason: costs (pay-per-use model)
Benefits of DEPSKY • Loss of availability. • replication and diversity • Loss and corruption of data. • Byzantine fault-tolerant replication • Loss of privacy. • secret sharing scheme and erasure codes • Vendor lock-in. • a few clouds and erasure codes.
DepSky Design Principles • No trust on individual cloud providers Distributed trust is built by using multiple clouds • Use storage clouds as they are No server-side code on the replication protocols • Data is updatable Quorum replication protocols for consistency
DEPSKY Data Model • The DEPSKY library deal with the different interfaces of each cloud provider. • Each cloud has its accepted format of data. • Data unit has three abstraction levels: conceptual, generic, implementation. • Data unit object support creation, deletion, write, and read. • Read and write take two communication round trip.
DEPSKY System Model • Hides most of the complexity. • Asynchronous distributed system (writers, readers and cloud storage providers) • Both readers and writers can fail (they can crash) • All writers share a common private key to sign data. • All readers have access to the corresponding public key to verify these signatures. • The protocols require a set of n = 3 f + 1 storage clouds.
Data Verification single-writer multi-reader regular register (but multiple writers are supported through a locking algorithm)
Confidentiality • DEPSKYemploys a secret sharing scheme [Shamir] • Ensure confidentiality and privacy • Each cloud receives just a share of the data • Authorized clients can access f + 1 different clouds and will be able to rebuild the original data.
Replication • The secret sharing scheme integrates replication and confidentiality. • Higher availability. • Simple replication high cost • secret sharing scheme replication reduce cost by half. • Old versions of the data are kept in the clouds.
Evaluation**DEPSKY Cost • These costs don’t include data storage
Related Work Data storage on diverse clouds: • HAIL [Bowers et al 2009]: no confidentiality, no update, and requires code running on the clouds • RACS [Abu-Libdeh et al 2010]: no confidentiality, no integrity, no updates.