Hardening access control and data protection in GFS-like file systems

James Kelley, Roberto Tamassia, Nikos Triandopoulos

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

1 Scopus citations

Abstract

The Google File System (GFS) is a highly distributed, faulttolerant file system designed for large files and high throughput batch processing. We consider the first complete security analysis of GFS systems. We formalize desirable security properties with respect to the successful enforcement of access control mechanisms and data confidentiality by considering a threat model that is much stronger then in previous works. We propose extensions to the GFS protocols that satisfy these properties, and provide a comprehensive analysis of the extensions, both analytically and experimentally. In a proof-of-concept implementation, we demonstrate the practicality of the extensions by showing that they incur only a 12% slowdown while offering higher-assurance guarantees.

Original languageEnglish
Title of host publicationComputer Security, ESORICS 2012 - 17th European Symposium on Research in Computer Security, Proceedings
Pages19-36
Number of pages18
DOIs
StatePublished - 2012
Event17th European Symposium on Research in Computer Security, ESORICS 2012 - Pisa, Italy
Duration: 10 Sep 201212 Sep 2012

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume7459 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference17th European Symposium on Research in Computer Security, ESORICS 2012
Country/TerritoryItaly
CityPisa
Period10/09/1212/09/12

Fingerprint

Dive into the research topics of 'Hardening access control and data protection in GFS-like file systems'. Together they form a unique fingerprint.

Cite this