160 likes | 248 Views
Distributed, Consistent and Secure USB Storage. Comprehensive Design Review Eddie Lai Matt Dube Sean Busch Zhou Zheng. Backing Up Data. Everyone needs to save their work and data This data needs to be available in multiple locations Data needs to be readily available
E N D
Distributed, Consistent and Secure USB Storage Comprehensive Design Review Eddie Lai Matt Dube Sean Busch Zhou Zheng
Backing Up Data • Everyone needs to save their work and data • This data needs to be available in multiple locations • Data needs to be readily available • Today’s most popular storage device is the thumb drive • Backups have problems • Can be physically broken • Need to be carried around • Can wear out after a number of reads/writes • This leads to using multiple backups • Multiple backups create problems • Data changes create inconsistencies between backups • When many backups are created, data becomes vulnerable
Distributed Consistent Secure USB Hub • Our project: Distributed Consistent Secure USB Hub • Makes maintaining backups simple and intuitive • Uses off-the-shelf USB sticks for storage • Looks like a mass storage device to user’s PC • Can be accessed easily without any software installation • Maintains consistency • Storage Devices at different locations get updated simultaneously • Synchronization as easy as a push of a button • Optional security measures • Secret sharing prevents users’ data from being compromised
Outline • Project Summary • System Design • PC Interface • File Consistency Software • Hub Communication • User Interface • Secret Sharing Software • Prototype • Demonstration • Question and Answer
Project Summary • Step 1: User writes file to local USB hub • Step 2: USB hub stores file on local USB sticks • Step 3: User initiates a sync request • Step 4: Consistency software detects file system updates • Step 5: Hub distributes file system updates
Project Design Implementation • Parts implemented by team • Consistency Software • Network Interface • PC interface • User interface • Additional ports and processing provided by embedded PC
PC Interface • Hub connects to PC without any software installation • Not all users will be allowed to install software on their PC • Hub appears as a USB mass storage device • Use USB OTG port • By interfacing with the PC via this port, board appears as USB device • Shows contents of attached USB drives
File Consistency Software • Custom software to recognize when updates are made • Changes recognized using conventional UNIX tools • Timestamps and checksums recorded, then “diff”ed with previous record • What happens if a file is added? • Software recognizes timestamp and checksum change • Distributes file upon synchronization • What happens if only a timestamp is changed? • Software recognizes only a timestamp change • Distributes timestamp change, but does not re-distribute file
Hub Communication • TCP Client/Server Model • Secure using SSL • Upon synchronization, the hubs will distribute updates across the network • When a hub is distributing updates, it will act as a client • The receiving hub will act as the server • Each client will connect to a server, distribute its updates, then disconnect
User Interface • Hub is manually operated by user • Simple user interface consists of two buttons • One button initiates synchronization • One button ejects USB sticks • Buttons are mounted on Hub via embedded PC’s GPIO ports • Two LEDs provide feedback for users • One alerts user when a sync is in progress • The other shows when it is safe to remove USBs from hub
Secret Sharing • User has option to share information secretly with other hubs • If a USB drive is lost or compromised, no useful information about its contents can be recovered • (k,n) Threshold scheme • Requires a subset, k, of a set, n, to recover data • With fewer than k pieces, no information about the data can be recovered
Secret Sharing • Implements what is known as Shamir's[1] method for secret sharing in the Galois Field 28 • Method relies on the creation of a random polynomial • Samples various coordinates along the curve of the polynomial • Interpolates these points in order to reconstruct the secret • Functionality partially provided by libgfshare UNIX library [1] Shamir, Adi (1979), "How to share a secret", Communications of the ACM22 (11): 612–613, doi:10.1145/359168.359176.
Prototype • Our Hub is currently being prototyped on an Advantech development board powered by the Intel Atom • The next prototype will be built on the BeagleBoard-xM • Board offers a slimmer form factor • Lacks unneeded ports that Advantech board has • Solid state memory vs. HDD • Primary motivation for using BeagleBoard is its USB OTG port • Allows the board to be mounted on User’s PC as USB mass storage device • Approx. cost with peripherals: ~$150
Project Summary • Distributed Consistent Secure USB Hub allows user to keep backups on multiple USB sticks consistent • Hub simplifies process for user • Hub appears as USB mass storage device • Doesn’t require software installation on user’s PC • Simple user interface allows hub to be operated with only two buttons • Hub distributes updates to backups securely across network • User has optional secret sharing functionality • Prototype built using BeagleBoard-xM
Demonstration • Non Secret Sharing • Scenario 1: Hub1 adds multiple files • Scenario 2: Hub2 removes file • Secret Sharing • Scenario 1: Hub1 adds multiple files • Scenario 2: Hub1 recreates a secret with all n shares present • Scenario 3: Hub2 recreates a secret with n-1 shares present