Title :
Static, Dynamic and Incremental MAC Combined Approach for Storage Integrity Protection
Author :
Hou, Fangyong ; He, Hongjun ; Xiao, Nong ; Liu, Fang ; Zhong, Guangjun
Author_Institution :
Sch. of Comput., Nat. Univ. of Defense Technol., Changsha, China
fDate :
June 29 2010-July 1 2010
Abstract :
Storage systems are more distributed and more subject to attacks. One basic security requirement is to authenticate the stored data. This paper describes SDI-MAC, a static, dynamic and incremental MAC combined approach to guarantee end-to-end data integrity to clients in distributed data storage environment. SDI-MAC associates two different integrity codes to different granularities of the stored data, applies incremental conversion between the two different kinds of integrity codes, and enhances the ability of MAC based data authentication to resist against replay attack. At last, SDI-MAC can make balance among performance, cost and security. Related approach and system implementation are elaborated, as well as testing results. Theoretical analysis and experimental simulations show that it is a practical and available way to realize data authentication of network storage system.
Keywords :
data integrity; message authentication; storage management; distributed data storage environment; end-to-end data integrity; incremental conversion; integrity codes; network storage system; security requirement; static-dynamic-incremental MAC combined approach; storage integrity protection; stored data authentication; Authentication; Encryption; File systems; Nonvolatile memory; Servers; MAC; dynamic; incremental; integrity; static; storage;
Conference_Titel :
Computer and Information Technology (CIT), 2010 IEEE 10th International Conference on
Conference_Location :
Bradford
Print_ISBN :
978-1-4244-7547-6
DOI :
10.1109/CIT.2010.286
