Abstract
This article presents the design, implementation, and evaluation of CATS, a network storage service with strong accountability properties. CATS offers a simple web services interface that allows clients to read and write opaque objects of variable size. This interface is similar to the one offered by existing commercial Internet storage services. CATS extends the functionality of commercial Internet storage services by offering support for strong accountability.
A CATS server annotates read and write responses with evidence of correct execution, and offers audit and challenge interfaces that enable clients to verify that the server is faithful. A faulty server cannot conceal its misbehavior, and evidence of misbehavior is independently verifiable by any participant. CATS clients are also accountable for their actions on the service. A client cannot deny its actions, and the server can prove the impact of those actions on the state views it presented to other clients.
Experiments with a CATS prototype evaluate the cost of accountability under a range of conditions and expose the primary factors influencing the level of assurance and the performance of a strongly accountable storage server. The results show that strong accountability is practical for network storage systems in settings with strong identity and modest degrees of write-sharing. We discuss how the accountability concepts and techniques used in CATS generalize to other classes of network services.
- Aiyer, A. S., Alvisi, L., Clement, A., Dahlin, M., Martin, J.-P., and Porth, C. 2005. BAR fault tolerance for cooperative services. In Proceedings of the 20th ACM Symposium on Operating Systems Principles (SOSP). Google Scholar
Digital Library
- Amazon.com, Inc. 2007. Amazon simple storage service (Amazon S3). http://www.amazon.com/gp/browse.html?node=16427261.Google Scholar
- Anagnostopoulos, A., Goodrich, M. T., and Tamassia, R. 2001. Persistent authenticated dictionaries and their applications. In 4th International Conference on Information Security. Google Scholar
Digital Library
- Anderson, R. J. 1994. Why cryptosystems fail. Commun. ACM 37, 11 (Nov.), 32--40. Google Scholar
Digital Library
- Bayer, R. and McCreight, E. M. 1972. Organization and maintenance of large ordered indices. Acta Informatica 1, 173--189.Google Scholar
Digital Library
- Benaloh, J. and de Mare, M. 1997. One-Way accumulators: A decentralized alternative to digital signatures (extended abstract). In Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques on Advances on Cryptology, 480--494. Google Scholar
Digital Library
- Buldas, A., Laud, P., and Lipmaa, H. 2000. Accountable certificate management using undeniable attestations. In Proceedings of the 7th ACM Conference of Computer and Communications Security, 9--17. Google Scholar
Digital Library
- Buldas, A., Laud, P., Lipmaa, H., and Villemson, J. 1998. Time-Stamping with binary linking schemes. In Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques on Advances on Cryptology. Google Scholar
Digital Library
- Castro, M. and Liskov, B. 1999. Practical Byzantine fault tolerance. In Proceedings of the 3rd USENIX Symposium on Operating Systems Design and Implementation. Google Scholar
Digital Library
- Driscoll, J., Sarnak, N., Sleator, D. D., and Tarjan, R. 1989. Making data structures persistent. J. Comput. Syst. Sci. 38, 86--124. Google Scholar
Digital Library
- Ferraiolo, D. and Kuhn, R. 1992. Role-Based access controls. In 15th National Computer Security Conference.Google Scholar
- Fu, K., Kaashoek, M. F., and Maziéres, D. 2000. Fast and secure distributed read-only file system. In Proceedings of the 4th USENIX Symposium on Operating Systems Design and Implementation, 181--196. Google Scholar
Digital Library
- Fu, Y., Chase, J., Chun, B., Schwab, S., and Vahdat, A. 2003. SHARP: An architecture for secure resource peering. In Proceedings of the 19th ACM Symposium on Operating System Principles (SOSP), 133--148. Google Scholar
Digital Library
- Goodrich, M., Tamassia, R., and Schwerin, A. 2001. Implementation of an authenticated dictionary with skip lists and commutative hashing. In Proceedings of the DARPA Information Survivability Conference and Exposition, 68--82.Google Scholar
- Kallahalla, M., Riedel, E., Swaminathan, R., Wang, Q., and Fu, K. 2003. Plutus: scalable secure file sharing on untrusted storage. In Proceedings of the 2nd USENIX Conference on File and Storage Technologies. Google Scholar
Digital Library
- Lampson, B. W. 2000. Computer security in the real world. In Proceedings of the Annual Computer Security Applications Conference.Google Scholar
- Laskowski, P. and Chuang, J. 2006. Network monitors and contracting systems: Competition and innovation. In Proceedings of the ACM SIGCOMM Data Communications Festival. Google Scholar
Digital Library
- Lehman, P. L. and Yao, S. B. 1981. Efficient locking for concurrent operations on B-trees. ACM Trans. Database Syst. 6, 650--670. Google Scholar
Digital Library
- Li, J., Krohn, M. N., Mazières, D., and Shasha, D. 2004. Secure untrusted data repository (SUNDR). In Proceedings of the 6th USENIX Symposium on Operating Systems Design and Implementation, 91--106. Google Scholar
Digital Library
- MacCormick, J., Murphy, N., Najork, M., Thekkath, C. A., and Zhou, L. 2004. Boxwood: Abstractions as the foundation for storage infrastructure. In Proceedings of the 6th USENIX Symposium on Operating Systems Design and Implementation, 105--120. Google Scholar
Digital Library
- Maheshwari, U., Vingralek, R., and Shapiro, W. 2000. How to build a trusted database system on untrusted storage. In Proceedings of the 4th USENIX Symposium on Operating System Design and Implementation. Google Scholar
Digital Library
- Maniatis, P. 2003. Historic integrity in distributed systems. Ph.D. thesis, Stanford University. Google Scholar
Digital Library
- Maniatis, P. and Baker, M. 2002a. Enabling the archival storage of signed documents. In Proceedings of the 1st USENIX Conference on File and Storage Technologies, 31--45. Google Scholar
Digital Library
- Maniatis, P. and Baker, M. 2002b. Secure history preservation through timeline entanglement. In Proceedings of the 11th USENIX Security Sysmposium. Google Scholar
Digital Library
- Mazières, D. and Shasha, D. 2002. Building secure file systems out of Byzantine storage. In Proceedings of the 21st Annual ACM Symposium on Principles of Distributed Computing, 108-- 117. Google Scholar
Digital Library
- Merkle, R. C. 1980. Protocols for public key cryptosystems. In Proceedings of the Sysmposium on Security and Privacy, 122--133.Google Scholar
Cross Ref
- Naor, M. and Nissim, K. 2000. Certificate revocation and certificate update. IEEE J. Select. Areas Commun. 18, 4, 561--570. Google Scholar
Digital Library
- Pearlman, L., Welch, V., Foster, I., Kesselman, C., and Tuecke, S. 2002. A community authorization service for group collaboration. In Proceedings of the 3rd IEEE International Workshop on Policies for Distributed Systems and Networks. Google Scholar
Digital Library
- Quinlan, S. and Dorward, S. 2002. Venti: A new approach to archival storage. In the 1st USENIX Conference on File and Storage Technologies. Google Scholar
Digital Library
- Rosenblum, M. and Ousterhout, J. K. 1991. The design and implementation of a log-structured file system. In Proceedings of the 13th ACM Symposium on Operating Systems Principles (SOSP). Google Scholar
Digital Library
- Schneider, F. B. 1990. Implementing fault-tolerant services using the state machine approach: A tutorial. ACM Comput. Surv. 22, 4 (Dec.), 299--319. Google Scholar
Digital Library
- Schneier, B. and Kelsey, J. 1998. Cryptographic support for secure logs on untrusted machines. In Proceedings of the 7th USENIX Security Symposium, 53--62. Google Scholar
Digital Library
- Schneier, B. and Kelsey, J. 1999. Secure audit logs to support computer forensics. ACM Trans. Inf. Syst. Secur. 2, 2 (May), 159--176. Google Scholar
Digital Library
- Smith, S. W., Palmer, E. R., and Weingart, S. 1998. Using a high-performance, programmable secure coprocessor. In Financial Cryptography, Springer, 73--89. Google Scholar
Digital Library
- Tamassia, R. and Triandopoulos, N. 2003. On the cost of authenticated data structures. Tech. Rep., Brown University.Google Scholar
- Trusted Computing Group. 2007. Trusted platform module specification. https://www. trustedcomputinggroup.org/groups/tpm/.Google Scholar
- Welsh, M., Culler, D. E., and Brewer, E. A. 2001. SEDA: An architecture for well-conditioned, scalable internet services. In Proceedings of the 18th ACM Symposium on Operating Systems Principles (SOSP). Google Scholar
Digital Library
- Yumerefendi, A. and Chase, J. S. 2004. Trust but verify: Accountability for network services. In Proceedings of the 11th ACM SIGOPS European Workshop. Google Scholar
Digital Library
Index Terms
Strong accountability for network storage
Recommendations
Strong accountability for network storage
FAST '07: Proceedings of the 5th USENIX conference on File and Storage TechnologiesThis paper presents the design, implementation, and evaluation of CATS, a network storage service with strong accountability properties. A CATS server annotates read and write responses with evidence of correct execution, and offers audit and challenge ...
Accountable Anonymity: A Proxy Re-Encryption Based Anonymous Communication System
ICPADS '12: Proceedings of the 2012 IEEE 18th International Conference on Parallel and Distributed SystemsWhile several well-developed anonymous services have been made available on-line to protect Internet user's privacy, we have seen that due to the lack of accountability, they have often been exploited by criminals to conduct various illegal activities (...
Balancing accountability and privacy in the network
SIGCOMM'14Though most would agree that accountability and privacy are both valuable, today's Internet provides little support for either. Previous efforts have explored ways to offer stronger guarantees for one of the two, typically at the expense of the other; ...






Comments