| Security of data is the key point of information security technologies. Survivability of distributed storage system mainly relates to the security, reliability, availability and efficiency of data service, it aims to maintain data service when some of the storage nodes being failed or attacked, and to keep the privacy and integrity of sensitive data. Survivability substantially means the tradeoff between security and efficiency.This thesis is concerned with the theory and key technologies of network storage system survivability, including the system model and architecture, data redundancy and consistent mechanisms, reliability model of data service, data distribution algorithm, storage encryption and access control systems.The contributions are listed below:1. Basing on the idea of intrusion masking and defense-in-depth, a model and architecture of survivable storage system is presented. Through analyzing the overall survivability of storage systems, and importing survivable requirement into the design phase of storage systems, security and other attributes is easily compromised.2. Data redundancy mechanism in distributed storage systems is investigated. Threshold Byzantine quorum system (TBQS) is proposed which can be used to design reliable storage strategies where up to one fourth of the servers might exhibit Byzantine faults. Together with erasure coding or threshold schemes, TBQS can provide fault-tolerance and service without interruption. Basing on generic Quorum system and constructed with enhanced intersection properties, TBQS can keep data consensus among storage nodes, and realize fault-tolerance and solid service.3. A data distribution algorithm is presented which can be used in mass storage systems. The algorithm breaks data through linear operations on the field F2. Being both time-efficient and space-efficient, the algorithm provides reasonable security attribute, and keeps a benign tradeoff between security and efficiency.4. Basing on invalid probability of storage nodes, a model is provided to evaluate the reliability of a given distributed storage system. According to this model, the reliability of a storage system is affected by 4 factors: time, invalid probability of storage nodes, data distribution algorithm and storage policy. Such a model could partly solve reliability problem in system designing phase, and make data service more reliable.5. Storage encryption system is investigated. A ciphertext management protocol is provided basing on Hierarchical Quorum Consensus, and a discretional access control protocol is presented as well.
|
PDF Full Text Request