Title :
Secure group services for storage area networks
Author :
Kim, Yongdae ; Maino, Fabio ; Narasimha, Maithili ; Tsudik, Gene
Author_Institution :
Minnesota Univ., Minneapolis, MN, USA
Abstract :
Storage Area Networks, with their ability to offer high data availability, reliability and scalability, are a promising solution for the large-scale storage needs of many enterprises. As with any distributed storage system, a major design challenge for a Storage Area Network (SAN) is to provide data integrity and confidentiality. In this paper we propose a solution which addresses these core security requirements. In particular, we focus on mechanisms that enable efficient key distribution to allow scalable data sharing. Our scheme uses strong cryptographic techniques to achieve data security and integrity. Further, we delegate the bulk of the cryptographic processing to the SAN entities (e.g., switches, routers or other network elements), thereby removing bottlenecks at the disks and causing minimal inconvenience to the hosts. By recognizing the peer nature of the group of SAN entities, we propose efficient group key mechanisms that do not involve any centralized key distribution servers. This allows our scheme to be scalable and free from any single point of failure or attack.
Keywords :
cryptography; data integrity; data privacy; distributed databases; network operating systems; SAN entities; cryptographic processing; data availability; data confidentiality; data integrity; distributed storage system; group key agreement; group key mechanisms; reliability; scalability; scalable data sharing; storage area networks; strong cryptographic techniques; Availability; Cities and towns; Cryptography; Data security; Network servers; Power system security; Scalability; Secure storage; Storage area networks; Web server;
Conference_Title :
Security in Storage Workshop, 2002. Proceedings. First International IEEE
Print_ISBN :
0-7695-1888-5
DOI :
10.1109/SISW.2002.1183514