Title: Scalable Security in Petabyte Storage Systems

Speaker: Ethan L. Miller, Storage Systems Research Center, University of California, Santa Cruz

Date/Time: Monday, August 7, 2006, 1:00 – 2:00 pm

Location: Building 980, Room 95 (Sandia NM)

Brief Abstract: The next generation of petabyte-scale storage systems promise bandwidth close to a terabyte per second aggregated over thousands of clients, but such systems currently lack efficient scalable mechanisms for strong security.  Traditional approaches to security for network-attached storage either fail outright, or require millions of slow public-key operations to ensure good security.

We have developed a new approach to security in Ceph, the scalable object-based storage system being developed at the SSRC, that provides strong security guarantees with minimal protocol and computational overhead.  This talk will describe our protocol, showing how to batch public-key operations together to provide both fine-grained protection for individual files and extremely scalable protection for files distributed across thousands of devices being accessed by tens of thousands of cooperating clients.  By grouping permissions for both similar clients and similar files and predicting accesses, our approach can further reduce security overhead.  Our experiments show that security overhead for our protocol is negligible for terabyte-scale file access on object-based storage devices, and metadata server load is similarly reduced.

This is joint work with Andrew Leung and other Storage Systems Research Center students and faculty

CSRI POC: Ron Oldfield, (505) 284-9153