Research On Security For Parallel File Systems

Posted on: 2011-03-10
Degree: Doctor
Type: Dissertation
Country: China
Candidate: Z Y Niu
Full Text: PDF
GTID: 1118330332468064
Subject: Computer system architecture

Abstract/Summary:
Distributed storage technology has long been driven by the rapid development of computer and network technologies. From the initial Client/Server storage designed for access to remote files to today's cloud storage that provides online storage services, distributed storage has experienced great changes in system architecture, scale, performance, reliability and so on. However, these changes also bring great challenges to distributed storage systems, such as more and more users, broader data distribution, explosively increasing data and the requirement for higher data reliability. As a result, future distributed storage systems must meet demands for large capacity, high performance, high scalability, high availability, manageability, strong security and low energy consumption.

Due to its advantages in addressing large storage capacity, cross-platform data sharing, high-performance I/O, etc., the parallel file system has been widely applied in many distributed storage systems with different storage architectures. Today, the parallel file system has become an important means for supercomputers to improve I/O bandwidth, and it will become an ideal choice for future high-performance computing and massive information storage. However, large-scale and high-performance parallel file systems require scalable and high-performance access control and cryptographic storage methods.

Large-scale parallel file systems may serve millions of users from different organizations throughout the network. The authentication technology for such a system must be scalable and provide a simple authentication process because of the large number of users and concurrent accesses of both random I/O and high data throughput. A two-phase authentication mechanism, which separates identity authentication from file service, divides the authentication process into two phases, i.e., identity authentication and I/O authentication. The two-phase authentication mechanism uses multiple dedicated authentication servers to authenticate users concurrently and in a distributed manner. After the user is authenticated by the authentication server, she obtains a compact identity certificate from it. The storage node can then validate the user's identity according to her identity certificate. The two-phase authentication mechanism supports any existing authentication infrastructure to implement scalable authentication. The storage node needs only two low-cost hash calculations to authenticate an I/O request, which gives simple and efficient I/O authentication. As a result, the two-phase authentication mechanism addresses the different authentication requirements of the different authentication phases in large parallel file systems.

Existing parallel file systems employ centralized access control, i.e., capability-based access control. Before the client can access a storage device, she has to request a capability from a centralized metadata server. The storage device authorizes the client according to the capability. In a parallel file system with a large number of users, the operation of requesting a capability may result in a severe performance bottleneck on the metadata server. A decentralized access control mechanism with centralized decision-making support stores a global access control list (ACL) at a centralized decision-making server and stores the access control decisions of the decision-making server in the storage devices in the form of local pre-authorization lists (PALs). The mechanism thus allows users to set arbitrary policies for the global ACL, or even change the global ACL system, without having to update or change the security code in their storage devices. With local PALs, decentralized access control enables the storage device to authorize I/O immediately, instead of requiring a client to acquire an authorization from a centralized metadata server at a crucial time.

Traditional shared cryptographic file systems issue a shared key to the sharing users by an online or offline method. The shared key is cryptographically protected at rest and in flight. Since the shared key is disclosed to multiple sharing users, revoking a shared key requires re-encrypting the shared file with a new shared key and re-issuing the new shared key. An efficient method of sharing encrypted files generates and stores file keys with a dedicated key server, and encrypts and decrypts files in parallel with multiple encryption servers. Users can use the encryption service provided by the key server and encryption servers without needing to know the file keys. This avoids re-encrypting the files and re-issuing the file keys when file keys are revoked. In addition, sharing with a user and revoking a user can be set directly at a group server, which avoids issuing the shared key and makes key sharing highly efficient.

As one of the most promising technological solutions for large-scale and high-performance storage systems or next-generation storage systems, object storage has received increasing attention in the past few years. The standardization of object storage has played an irreplaceable role in popularizing and applying object storage technologies. The existing T10 OSD standard supports capability-based access control. The T10 OSD security enhancement requires minimal changes to the current standard, consisting only of an extended identity certificate, a proposed security attribute page and a collection object, but enables the standard to support decentralized access control. A prototype implementation, which complies with the T10 OSD standard and the proposed security extension, supports all functions of the NOSEC, CAPKEY, CMDRSP and ALLDATA security methods defined in the standard. Experimental results show that decentralized security systems achieve significantly higher performance and scalability than centralized security systems.
Keywords/Search Tags: Parallel File System, Object-based Storage System, Storage Security, Distributed Authentication, Decentralized Access Control, Cryptographic Storage