Title :
Security vs Performance: Tradeoffs using a Trust Framework
Author :
Singh, Aameek ; Voruganti, Kaladhar ; Gopisetty, Sandeep ; Pease, David ; Duyanovich, Linda ; Liu, Ling
Author_Institution :
Georgia Inst. of Technol., Atlanta, GA, USA
Abstract :
We present an architecture of a trust framework that can be used to intelligently tradeoff between security and performance in a SAN file system. The primary idea is to differentiate between various clients in the system based on their trustworthiness and provide them with differing levels of security and performance. Client trustworthiness reflects its expected behavior and is evaluated in an online fashion using a customizable trust model. We also describe the interface of the trust framework with an example block level security solution for an out-of-band virtualization based SAN file system (SAN FS). The proposed framework can be easily extended to provide differential treatment based on data sensitivity, using a configurable parameter of the trust model. This allows associating stringent security requirements for more sensitive data, while trading off security for better performance for less critical data, a situation regularly desired in an enterprise.
Keywords :
client-server systems; network operating systems; security of data; storage area networks; virtual storage; SAN file system performance; block level security; client trustworthiness; data sensitivity; stringent security requirements; trust framework; Control systems; Cryptography; Data security; File systems; Leg; Network servers; Planning; Protocols; Secure storage; Storage area networks;
Conference_Titel :
Mass Storage Systems and Technologies, 2005. Proceedings. 22nd IEEE / 13th NASA Goddard Conference on
Print_ISBN :
0-7695-2318-8
DOI :
10.1109/MSST.2005.31
