Secure authorization and accounting for networked storage

2007 2007

Other formats: Order a copy

Abstract (summary)

In most of today's storage systems, data is stored distributed across various locations, and needs to be globally accessed and shared in an efficient manner. This has resulted in a surge of new storage paradigms starting from disk interfaces, intelligent storage devices, distributed architectures and even new economic models such as storage outsourcing. These trends are exposing the storage systems to an increased risk of security breaches. Towards alleviating some of the emerging security concerns, this dissertation contributes in the form of three systems: Saksha, SGFS, and CoreFS.

While outsourcing storage is cost-effective, many companies are hesitant to outsource their storage mainly due to trust and security concerns. Saksha enables automated and secure accounting of storage and bandwidth utilization without third-party intervention. By including Saksha as part of their service, providers will be able to give non-repudiable, publicly verifiable proofs of storage and bandwidth consumption. To the best of our knowledge, Saksha is the first accounting system that can be layered on the top of networked file systems. SGFS provides efficient authorization and cross-domain file sharing in the presence of network-attached intelligent storage devices. It is designed to support efficient and flexible cross-domain file sharing without administrative interference, policy management, and efficient revocation. To aid developers and researchers in building experimental file systems, which is usually laborious and time-consuming, we have developed CoreFS, a simple user-level networked file system. CoreFS is modular and lets a developer integrate specialized functions with the help of a simple API without changing the CoreFS code. Simplicity and extensibility of CoreFS were verified by building file systems for Saksha and SGFS, as well as an encrypting file system, and a peer-to-peer file system.

Through these systems, this dissertation strengthens the storage systems by providing secure and efficient mechanisms for authorization and accounting.

Indexing (details)

Computer science
0984: Computer science
Identifier / keyword
Applied sciences; Accounting; Authorization; Data storage; File systems; Security; Storage; Storage outsourcing
Secure authorization and accounting for networked storage
Kher, Vishal
Number of pages
Publication year
Degree date
School code
DAI-B 68/11, Dissertation Abstracts International
Place of publication
Ann Arbor
Country of publication
United States
Kim, Yongdae
Committee member
Du, David; Hopper, Nick; Kim, Yongdae; Odlyzko, Andrew
University of Minnesota
Computer Science
University location
United States -- Minnesota
Source type
Dissertations & Theses
Document type
Dissertation/thesis number
ProQuest document ID
Database copyright ProQuest LLC; ProQuest does not claim copyright in the individual underlying works.
Document URL
Access the complete full text

You can get the full text of this document if it is part of your institution's ProQuest subscription.

Try one of the following:

  • Connect to ProQuest through your library network and search for the document from there.
  • Request the document from your library.
  • Go to the ProQuest login page and enter a ProQuest or My Research username / password.