The Research Of High Reliability And Security Mechanism In Object-Based Storage

Object-Based Storage(OBS) is a new emerging development tendency in storage field,which combines the advantages of the Storage Area Network(SAN) and Network Attached Storage(NAS),has the superiority of SAN's high-speed direct access and NAS's data sharing. Compared with the traditional storage systems, the experiment has proved OBS is a high-performance, high reliability, cross-platform data sharing and security of the storage structure. However,because network technology's architecture is somewhat opening,measure is necessary to ensure OBS system's high reliabiity and security.Systemic reliability is measured by reliability and availability,where systemic reliability function obeys exponential distribution,which is the basis of modeling and analyzing reliability in this thesis.Fault Tolerance and Error Removal are two better ways to improve the reliability of the system.Low-Density Parity-Check(LDPC) code is a highly efficient fault-tolerant coding, which encodes k-source data into n (n>k) of the data, using the arbitrary k data can reconstruct the original k data sources. By applying this highly efficient coding method to OBS system, the technology of encoding&decoding of LDPC is realized on Linux Client,LDPC-based objects distribution model is designed on OSD, and some meta data information is added in Meta Data Servers. The theoretical analysis concludes this redundancy scheme to enhance system reliability has more advantages: to obtain the same availability of data, LDPC code-based needs only lower edundancy degree;also in the same degree of redundancy, the scheme based on LDPC code has higher availability.In the existing security schemes of OBS,a client either acquires a capability key for each object or an identity key from the Meta Data Server(MDS).Use of identity keys makes revocation difficult whereas,in the prior case,client needs to acquire a large number of keys.The client has to frequently contact the MDS to acquire a key for each object that he wants to access. This imposes a lot of overhead on the file manager, which also presents a single point of failure and an attractive attack target.So we research a novel mechanism of access control and authentication based on Role-Based Access Control for OBS.This scheme is robust against many networks attacks on theory and provides client to OSD mutual authentication.Besides,it reduces the total cryptographic keys of the existing schemes and the load on the MDS.