Title :
Protecting the integrity of an entire file system
Author :
Tomonori, Fujita ; Masanori, Ogawara
Author_Institution :
NTT Network Innovation Labs., Kanagawa, Japan
Abstract :
This paper describes Arbre, a file system designed to run on untrusted remote storage connected to a server by networking fabrics. Arbre structures all blocks as a tree, and stores a pointer pointing to a block and a cryptographic hash of the block´s contents together. This scheme allows Arbre to protect the integrity of the entire file system rather than the integrity of each block or each file individually. In addition, the root of a tree is not written to disk after until all modified data are written to disk, and modified data are always written to new locations on disk. With this scheme, in the event of a system failure, both meta-data and file-data are maintained in a consistent state, and there is no possibility that users see any inconsistency between contents of a block and its hash.
Keywords :
cryptography; data integrity; file organisation; meta data; system recovery; tree data structures; Arbre; cryptographic hash; file system integrity protection; file-data; meta-data; modified data; system failure; untrusted remote storage; Computer crashes; Data security; Fabrics; File servers; File systems; IP networks; Protection; Secure storage; Switches; Technological innovation;
Conference_Titel :
Information Assurance, 2003. IWIAS 2003. Proceedings. First IEEE International Workshop on
Conference_Location :
Darmstadt, Germany
Print_ISBN :
0-7695-1886-9
DOI :
10.1109/IWIAS.2003.1192462
