56 research outputs found

    Tahoe – The Least-Authority Filesystem

    Tahoe is a system for secure, distributed storage. It uses capabilities for access control, cryptography for confidentiality and integrity, and erasure coding for fault-tolerance. It has been deployed in a commercial backup service and is currently operational. The implementation is Open Source

    Performance evaluation of a distributed storage service in community network clouds

    Community networks are self-organized and decentralized communication networks built and operated by citizens, for citizens. The consolidation of today's cloud technologies offers now, for community networks, the possibility to collectively develop community clouds, building upon user-provided networks and extending toward cloud services. Cloud storage, and in particular secure and reliable cloud storage, could become a key community cloud service to enable end-user applications. In this paper, we evaluate in a real deployment the performance of Tahoe least-authority file system (Tahoe-LAFS), a decentralized storage system with provider-independent security that guarantees privacy to the users. We evaluate how the Tahoe-LAFS storage system performs when it is deployed over distributed community cloud nodes in a real community network such as Guifi.net. Furthermore, we evaluate Tahoe-LAFS in the Microsoft Azure commercial cloud platform, to compare and understand the impact of homogeneous network and hardware resources on the performance of the Tahoe-LAFS. We observed that the write operation of Tahoe-LAFS resulted in similar performance when using either the community network cloud or the commercial cloud. However, the read operation achieved better performance in the Azure cloud, where the reading from multiple nodes of Tahoe-LAFS benefited from the homogeneity of the network and nodes. Our results suggest that Tahoe-LAFS can run on community network clouds with suitable performance for the needed end-user experience. Peer Reviewed. Preprin

    IPFS as a foundation for anonymous file storage

    The intention of the work is to evaluate IPFS as a technology, and place it within the context of the state of the art in terms of distributed systems. Once this is done, evaluate the design of a file storage service, but relying on the decentralization capabilities offered by IPFS, adding anonymity capabilities for users and their data.

    The state of peer-to-peer network simulators

    Networking research often relies on simulation in order to test and evaluate new ideas. An important requirement of this process is that results must be reproducible so that other researchers can replicate, validate and extend existing work. We look at the landscape of simulators for research in peer-to-peer (P2P) networks by conducting a survey of a combined total of over 280 papers from before and after 2007 (the year of the last survey in this area), and comment on the large quantity of research using bespoke, closed-source simulators. We propose a set of criteria that P2P simulators should meet, and poll the P2P research community for their agreement. We aim to drive the community towards performing their experiments on simulators that allow for others to validate their results

    From online social network analysis to a user-centric private sharing system

    Online social networks (OSNs) have become a massive repository of data constructed from individuals’ inputs: posts, photos, feedbacks, locations, etc. By analyzing such data, meaningful knowledge is generated that can affect individuals’ beliefs, desires, happiness and choices—a data circulation started from individuals and ended in individuals! The OSN owners, as the one authority having full control over the stored data, make the data available for research, advertisement and other purposes. However, the individuals are missed in this circle while they generate the data and shape the OSN structure. In this thesis, we started by introducing approximation algorithms for finding the most influential individuals in a social graph and modeling the spread of information. To do so, we considered the communities of individuals that are shaped in a social graph. The social graph is extracted from the data stored and controlled centrally, which can cause privacy breaches and lead to individuals’ concerns. Therefore, we introduced UPSS: the user-centric private sharing system, in which the individuals are considered as the real data owners and provides secure and private data sharing on untrusted servers. The UPSS’s public API allows the application developers to implement applications as diverse as OSNs, document redaction systems with integrity properties, censorship-resistant systems, health care auditing systems, distributed version control systems with flexible access controls and a filesystem in userspace. Accessing users’ data is possible only with explicit user consent. We implemented the two latter cases to show the applicability of UPSS. Supporting different storage models by UPSS enables us to have a local, remote and global filesystem in userspace with one unique core filesystem implementation and having it mounted with different block stores.
By designing and implementing UPSS, we show that security and privacy can be addressed at the same time in the systems that need selective, secure and collaborative information sharing without requiring complete trust

    P2CP: A New Cloud Storage Model to Enhance Performance of Cloud Services

    This paper presents a storage model named Peer to Cloud and Peer (P2CP). Assuming that the P2CP model follows the Poisson process or Little’s law, we prove that the speed and availability of P2CP is generally better than that of the pure Peer to Peer (P2P) model, the Peer to Server, Peer (P2SP) model or the cloud model. A key feature of our P2CP is that it has three data transmission tunnels: the cloud-user data transmission tunnel, the clients’ data transmission tunnel, and the common data transmission tunnel. P2CP uses the cloud storage system as a common storage system. When data transmission occurs, the data nodes, cloud user, and the non-cloud user are all together involved to complete the transaction

    Improving Performance of Primary System Storage using Data Deduplication

    With the insecure improvement of mechanized data, de-duplication techniques are by and large used to fortification data and limit framework and limit overhead by perceiving and taking out overabundance among data. Instead of keeping different data copies with a similar substance, de-duplication takes out dull data by keeping emerge physical copy and suggesting different abundance data to that copy. De-duplication has become much thought from both the insightful world and industry in light of the way that it can altogether upgrades stockpiling use and extra storage space, especially for the applications with high de-duplication extent, for instance, recorded limit systems. Different de-duplication structures have been proposed considering distinctive de-duplication strategies, for instance, client side or server-side de-duplications, record level or square level de-duplications. Especially, with the approach of conveyed stockpiling, data de-duplication frameworks end up being all the more appealing and segregating for the organization of continually growing volumes of data in dispersed stockpiling organizations which motivates attempts and relationship to outsource data stockpiling

    Taming tail latency for erasure-coded, distributed storage systems

    Nowadays, in distributed storage systems, long tails of responsible time are of particular concern. Modern large companies like Bing, Facebook and Amazon Web Service show that 99.9th percentile response times being orders of magnitude worse than the mean. With the advantages of maintaining high data reliability and ensuring enough space efficiency, erasure code has become a popular storage method in distributed storage systems. However, due to the lack of mathematical models for analyzing erasure-coded based distributed storage systems, taming tail latency is still an open problem. In this research, we quantify tail latency in such systems by deriving a closed upper bounds on tail latency for general service time distribution and heterogeneous files. Later we specified service time to shifted exponentially distributed. Based on this model, we developed an optimization problem to minimize weighted tail latency probability of deriving all files. We propose an alternating minimization algorithm for this problem. Our simulation results have shown significant reduction on tail latency of erasure-coded distributed storage systems with realistic environment workload

    Privacy engineering for social networks

    In this dissertation, I enumerate several privacy problems in online social networks (OSNs) and describe a system called Footlights that addresses them. Footlights is a platform for distributed social applications that allows users to control the sharing of private information. It is designed to compete with the performance of today's centralised OSNs, but it does not trust centralised infrastructure to enforce security properties. Based on several socio-technical scenarios, I extract concrete technical problems to be solved and show how the existing research literature does not solve them. Addressing these problems fully would fundamentally change users' interactions with OSNs, providing real control over online sharing. I also demonstrate that today's OSNs do not provide this control: both user data and the social graph are vulnerable to practical privacy attacks. Footlights' storage substrate provides private, scalable, sharable storage using untrusted servers. Under realistic assumptions, the direct cost of operating this storage system is less than one US dollar per user-year. It is the foundation for a practical shared filesystem, a perfectly unobservable communications channel and a distributed application platform. The Footlights application platform allows third-party developers to write social applications without direct access to users' private data. Applications run in a confined environment with a private-by-default security model: applications can only access user information with explicit user consent. I demonstrate that practical applications can be written on this platform. The security of Footlights user data is based on public-key cryptography, but users are able to log in to the system without carrying a private key on a hardware token. Instead, users authenticate to a set of authentication agents using a weak secret such as a user-chosen password or randomly-assigned 4-digit number. 
The protocol is designed to be secure even in the face of malicious authentication agents. This work was supported by the Rothermere Foundation and the Natural Sciences and Engineering Research Council of Canada (NSERC)