TY - GEN
T1 - Strong WORM
AU - Sion, Radu
PY - 2008
Y1 - 2008
N2 - We introduce a Write-Once Read-Many (WORM) storage system providing strong assurances of data retention and compliant migration, by leveraging trusted secure hardware in close data proximity. This is important because existing compliance storage products and research prototypes are fundamentally vulnerable to faulty or malicious behavior, as they rely on simple enforcement primitives illsuited for their threat model. This is hard because tamperproof processing elements are significantly constrained in both computation ability and memory capacity - as heat dissipation concerns under tamper-resistant requirements limit their maximum allowable spatial gate-density. We achieve efficiency by (i) ensuring the secure hardware is accessed sparsely, minimizing the associated overhead for expected transaction loads, and (ii) using adaptive overheadamortized constructs to enforce WORM semantics at the throughput rate of the storage servers ordinary processors during burst periods. With a single secure co-processor, on single-CPU commodity x86 hardware, our architecture can support over 2500 transactions per second.
AB - We introduce a Write-Once Read-Many (WORM) storage system providing strong assurances of data retention and compliant migration, by leveraging trusted secure hardware in close data proximity. This is important because existing compliance storage products and research prototypes are fundamentally vulnerable to faulty or malicious behavior, as they rely on simple enforcement primitives illsuited for their threat model. This is hard because tamperproof processing elements are significantly constrained in both computation ability and memory capacity - as heat dissipation concerns under tamper-resistant requirements limit their maximum allowable spatial gate-density. We achieve efficiency by (i) ensuring the secure hardware is accessed sparsely, minimizing the associated overhead for expected transaction loads, and (ii) using adaptive overheadamortized constructs to enforce WORM semantics at the throughput rate of the storage servers ordinary processors during burst periods. With a single secure co-processor, on single-CPU commodity x86 hardware, our architecture can support over 2500 transactions per second.
UR - https://www.scopus.com/pages/publications/51849136379
U2 - 10.1109/ICDCS.2008.20
DO - 10.1109/ICDCS.2008.20
M3 - Conference contribution
AN - SCOPUS:51849136379
SN - 9780769531724
T3 - Proceedings - The 28th International Conference on Distributed Computing Systems, ICDCS 2008
SP - 69
EP - 76
BT - Proceedings - The 28th International Conference on Distributed Computing Systems, ICDCS 2008
T2 - 28th International Conference on Distributed Computing Systems, ICDCS 2008
Y2 - 17 July 2008 through 20 July 2008
ER -