GS3: a Grid Storage System with Security Features
Distefano, Salvatore; Puliafito, Antonio; Scarpa, Marco Lucio
2010-01-01
Abstract
Technological trends and the advent of worldwide networks, such as the Internet, have made computing systems more and more powerful, increasing both processing and storage capabilities. In Grid computing infrastructures, the data storage subsystem is physically distributed among several nodes and logically shared among several users. This highlights the necessity of a) availability for authorized users only, b) confidentiality, and c) integrity of information and data: in one term, security. In this work we address the problem of data security in Grid by proposing a lightweight cryptography algorithm combining the strong and highly secure asymmetric cryptography technique (RSA) with symmetric cryptography (AES). The proposed algorithm, which we named Grid secure storage system (GS(3)), has been implemented on top of the Grid file access library (GFAL) of the gLite middleware, in order to provide a file system service with cryptography capability and a POSIX interface. The choice of implementing GS(3) as a file system, the GS3FS, makes it possible to protect the file system structure as well, and to overcome the well-known problem of file rewriting in gLite/GFAL environments. In the specification of the GS3FS, particular care is given to providing a usable user interface and to implementing a file system that has low impact on the middleware. The final result is the introduction of a new storage Grid service into the gLite middleware, whose overall characteristics have never been offered before, to the best of the authors' knowledge. The paper describes and details both the GS(3) algorithm and its implementation; the performance of this implementation is evaluated by discussing the obtained results and possible application scenarios, in order to demonstrate its effectiveness and usefulness.