DepSky: Dependable and Secure Storage in a Cloud-of-Clouds

Publication: ACM Transactions on Storage, Article No.: 12, https://doi.org/10.1145/2535929

Abstract

The increasing popularity of cloud storage services has led companies that handle critical data to think about using these services for their storage needs. Medical record databases, large biomedical datasets, historical information about power systems, and financial data are some examples of critical data that could be moved to the cloud. However, the reliability and security of data stored in the cloud still remain major concerns. In this work we present DepSky, a system that improves the availability, integrity, and confidentiality of information stored in the cloud through the encryption, encoding, and replication of the data on diverse clouds that form a cloud-of-clouds. We deployed our system using four commercial clouds and used PlanetLab to run clients accessing the service from different countries. We observed that our protocols improved the perceived availability and, in most cases, the access latency, when compared with cloud providers individually. Moreover, the monetary cost of using DepSky in this scenario is at most twice the cost of using a single cloud, which is optimal and seems to be a reasonable cost, given the benefits.
