1 / 16

OceanStore: Data Security in an Insecure world

Learn about the secure, peer-to-peer model of OceanStore, protection mechanisms, secure routing, and continuous adaptation in a world of ubiquitous computing.

whartin
Download Presentation

OceanStore: Data Security in an Insecure world

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. OceanStore:Data Security in an Insecure world John Kubiatowicz

  2. OceanStore Context: Ubiquitous Computing • Computing everywhere: • Desktop, Laptop, Palmtop • Cars, Cellphones • Shoes? Clothing? Walls? • Connectivity everywhere: • Rapid growth of bandwidth in the interior of the net • Broadband to the home and office • Wireless technologies such as CMDA, Satelite, laser • But: Where is persistent information? • Must be the network! • Utility Model

  3. Canadian OceanStore Sprint AT&T IBM Pac Bell IBM Utility-based Infrastructure • How many files in the OceanStore? • Assume 1010 people, 10,000 files/person (very conservative?) • So 1014 files in OceanStore! • If 1 gig files (ok, a stretch), get almost 1 mole of bytes!

  4. Basic Structure:Untrusted, Peer-to-peer Model

  5. But What About Security? • End-to-End and Everywhere Else! • Protection at all levels • Data Protected Globally • Attacks recognized and squashed locally • How is information protected? • Encryption for privacy • Secure Naming and Signatures for authenticity • Byzantine commitment for integrity • Is it Available/Durable? • Redundancy with continuous repair • Redistribution for long-term durability • Is it hard to manage? • Automatic optimization, diagnosis and repair

  6. Foo Bar Baz Each link is either a GUID (RO) Or a GUID/public key combination Out-of-Band “Root link” Myfile Secure Naming • Unique, location independent identifiers: • Every version of every unique entity has a permanent, Globally Unique ID (GUID) • GUIDs derived fromsecure hashes (e.g. SHA-1) • All OceanStore operations operate on GUIDs • Naming hierarchy: • Users map from names to GUIDs via hierarchy of OceanStore objects (ala SDSI)

  7. Inactive Object Name+Key Archival GUID Signature Global Object Resolution Active GUID Global Object Resolution Archival copy or snapshot Global Object Resolutions Floating Replica (Active Object) Archival copy or snapshot CKPoint GUID Archival GUID Archival GUID Signature Commit Logs RP Keys ACLs MetaData Archival copy or snapshot Active Data Erasure Coded GUIDs Secure Pointers

  8. But What About the Red Arrows?Location-Independent Routing!

  9. 3 4 2 NodeID 0x79FE NodeID 0x23FE NodeID 0x993E NodeID 0x43FE NodeID 0x43FE 1 4 NodeID 0x73FE NodeID 0x44FE 3 2 1 3 NodeID 0xF990 4 4 3 2 NodeID 0x035E NodeID 0x04FE 3 NodeID 0x13FE 4 NodeID 0x555E NodeID 0xABFE 2 NodeID 0x9990 3 1 2 1 2 3 NodeID 0x239E NodeID 0x73FF NodeID 0x1290 NodeID 0x423E 1 Start with: Tapestry Routing Mesh

  10. Then add:Location-Independent Routing

  11. Secure Routing • Node names are hash of public key • Requests can be signed • Validate Responses in Request/response pairs • Data validation built into network: • Pointers signed • Publication process verified • Responses from servers verified by checking GUIDs • Denial of Service resilence: locality/redundancy • MACs along all links: local suppression of DoS • Multiple roots to avoid single points of failure • Multiple links for rapid recovery • Pointers provide locality: Find closest version of object

  12. What about Update Integrity?Byzantine Agreement!

  13. The Path of an OceanStore Update

  14. Consistency Mechanism applied directly to encrypted data!

  15. Archival DisseminationBuilt into Update

  16. Conclusion:End-to-End and Everywhere Else • Secure read-only data • Secure the commitment protocols • Secure the routing infrastructure • Continuous adaptation and repair For more information: http://oceanstore.cs.berkeley.edu/

More Related