OSDI 2000 Abstract
Self-Securing Storage: Protecting Data in
Compromised Systems
John D. Strunk, Garth R. Goodson, Michael L. Scheinholtz, Craig
A.N. Soules, Gregory R. Ganger, Carnegie Mellon University
Abstract
Self-securing storage prevents intruders from undetectably
tampering with or permanently deleting stored data. To
accomplish this, self-securing storage devices internally audit
all requests and keep old versions of data for a window of time,
regardless of the commands received from potentially compromised
host operating systems. Within the window, system administrators
have this valuable information for intrusion diagnosis and
recovery. Our implementation, called S4, combines log-structuring with
journal-based metadata to minimize the performance costs of
comprehensive versioning. Experiments show that self-securing
storage devices can deliver performance that is comparable with
conventional storage systems. In addition, analyses indicate that
several weeks worth of all versions can reasonably be kept on
state-of-the-art disks, especially when differencing and
compression technologies are employed.
|