6,280 research outputs found
Secure RAID Schemes for Distributed Storage
We propose secure RAID, i.e., low-complexity schemes to store information in a distributed manner that is resilient to node failures and resistant to node eavesdropping. We generalize the concept of systematic encoding to secure RAID and show that systematic schemes have significant advantages in the efficiencies of encoding, decoding and random access. For the practical high rate regime, we construct three XOR-based systematic secure RAID schemes with optimal or almost optimal encoding and
decoding complexities, from the EVENODD codes and B codes, which are array codes widely used in the RAID architecture. The schemes can tolerate up to two node failures and two eavesdropping nodes. For more general parameters we construct systematic secure RAID schemes from Reed-Solomon codes, and show that they are significantly more efficient than Shamir’s secret sharing scheme. Our results suggest that building “keyless”, information-theoretic security into the RAID architecture is practical
Generic Secure Repair for Distributed Storage
This paper studies the problem of repairing secret sharing schemes, i.e.,
schemes that encode a message into shares, assigned to nodes, so that
any nodes can decode the message but any colluding nodes cannot infer
any information about the message. In the event of node failures so that shares
held by the failed nodes are lost, the system needs to be repaired by
reconstructing and reassigning the lost shares to the failed (or replacement)
nodes. This can be achieved trivially by a trustworthy third-party that
receives the shares of the available nodes, recompute and reassign the lost
shares. The interesting question, studied in the paper, is how to repair
without a trustworthy third-party. The main issue that arises is repair
security: how to maintain the requirement that any colluding nodes,
including the failed nodes, cannot learn any information about the message,
during and after the repair process? We solve this secure repair problem from
the perspective of secure multi-party computation. Specifically, we design
generic repair schemes that can securely repair any (scalar or vector) linear
secret sharing schemes. We prove a lower bound on the repair bandwidth of
secure repair schemes and show that the proposed secure repair schemes achieve
the optimal repair bandwidth up to a small constant factor when dominates
, or when the secret sharing scheme being repaired has optimal rate. We
adopt a formal information-theoretic approach in our analysis and bounds. A
main idea in our schemes is to allow a more flexible repair model than the
straightforward one-round repair model implicitly assumed by existing secure
regenerating codes. Particularly, the proposed secure repair schemes are simple
and efficient two-round protocols
Alpha Entanglement Codes: Practical Erasure Codes to Archive Data in Unreliable Environments
Data centres that use consumer-grade disks drives and distributed
peer-to-peer systems are unreliable environments to archive data without enough
redundancy. Most redundancy schemes are not completely effective for providing
high availability, durability and integrity in the long-term. We propose alpha
entanglement codes, a mechanism that creates a virtual layer of highly
interconnected storage devices to propagate redundant information across a
large scale storage system. Our motivation is to design flexible and practical
erasure codes with high fault-tolerance to improve data durability and
availability even in catastrophic scenarios. By flexible and practical, we mean
code settings that can be adapted to future requirements and practical
implementations with reasonable trade-offs between security, resource usage and
performance. The codes have three parameters. Alpha increases storage overhead
linearly but increases the possible paths to recover data exponentially. Two
other parameters increase fault-tolerance even further without the need of
additional storage. As a result, an entangled storage system can provide high
availability, durability and offer additional integrity: it is more difficult
to modify data undetectably. We evaluate how several redundancy schemes perform
in unreliable environments and show that alpha entanglement codes are flexible
and practical codes. Remarkably, they excel at code locality, hence, they
reduce repair costs and become less dependent on storage locations with poor
availability. Our solution outperforms Reed-Solomon codes in many disaster
recovery scenarios.Comment: The publication has 12 pages and 13 figures. This work was partially
supported by Swiss National Science Foundation SNSF Doc.Mobility 162014, 2018
48th Annual IEEE/IFIP International Conference on Dependable Systems and
Networks (DSN
A Repair Framework for Scalar MDS Codes
Several works have developed vector-linear maximum-distance separable (MDS)
storage codes that min- imize the total communication cost required to repair a
single coded symbol after an erasure, referred to as repair bandwidth (BW).
Vector codes allow communicating fewer sub-symbols per node, instead of the
entire content. This allows non trivial savings in repair BW. In sharp
contrast, classic codes, like Reed- Solomon (RS), used in current storage
systems, are deemed to suffer from naive repair, i.e. downloading the entire
stored message to repair one failed node. This mainly happens because they are
scalar-linear. In this work, we present a simple framework that treats scalar
codes as vector-linear. In some cases, this allows significant savings in
repair BW. We show that vectorized scalar codes exhibit properties that
simplify the design of repair schemes. Our framework can be seen as a finite
field analogue of real interference alignment. Using our simplified framework,
we design a scheme that we call clique-repair which provably identifies the
best linear repair strategy for any scalar 2-parity MDS code, under some
conditions on the sub-field chosen for vectorization. We specify optimal repair
schemes for specific (5,3)- and (6,4)-Reed- Solomon (RS) codes. Further, we
present a repair strategy for the RS code currently deployed in the Facebook
Analytics Hadoop cluster that leads to 20% of repair BW savings over naive
repair which is the repair scheme currently used for this code.Comment: 10 Pages; accepted to IEEE JSAC -Distributed Storage 201
- …