This Article 
 Bibliographic References 
 Add to: 
Responsive Security for Stored Data
September 2003 (vol. 14 no. 9)
pp. 818-828

Abstract—We present the design of a distributed store that offers various levels of security guarantees while tolerating a limited number of nodes that are compromised by an adversary. The store uses secret sharing schemes to offer security guarantees, namely, availability, confidentiality, and integrity. However, a pure secret sharing scheme could suffer from performance problems and high access costs. We integrate secret sharing with replication for better performance and to keep access costs low. The trade offs involved between availability and access cost on one hand and confidentiality and integrity on the other are analyzed. Our system differs from traditional approaches such as state machine or quorum-based replication that have been developed to tolerate Byzantine failures. Unlike such systems, we augment replication with secret sharing and offer weaker consistency guarantees. We demonstrate that such a hybrid scheme offers additional flexibility that is not possible with replication alone.

[1] The Aware Home Research Initiative,ftp.cs.utexas.edu fceahri/, 2000.
[2] D. Malkhi and M. Reiter, Secure and Scalable Replication in Phalanx Proc. 17th IEEE Symp. Reliable Distributed Systems, Oct. 1998.
[3] A. Shamir, How to Share a Secret Comm. ACM, vol. 22, pp. 612-613, 1979.
[4] L. Lamport, R. Shostak, and M. Pease, The Byzantine Generals Problem ACM Trans. Programming Languages and Systems, vol. 4, no. 3, 1982.
[5] A. Herzberg, S. Jarecki, H. Krawczyk, and M. Yung, Proactive Secret Sharing Advances in Cryptology, Crypto '95, D. Coppersmith, ed., 1995.
[6] F. Schneider, Implementing Fault-Tolerant Services Using the State Machine Approach: A Tutorial ACM Computing Surveys, vol. 22, no. 4, Dec. 1990.
[7] M. Castro and B. Liskov, Practical Byzantine Fault Tolerance Proc. Third Symp. Operating Systems Design and Implementation, Feb. 1999.
[8] D. Malkhi, M.K. Reiter, D. Tulone, and E. Ziskind, Persistent Objects in the Fleet System Proc. Second DARPA Information Survivability Conf. and Exposition (DISCEX II), 2001.
[9] L. Alvisi, D. Malkhi, E. Pierce, M. Reiter, and R. Wright, Dynamic Byzantine Quorum Systems Proc. Int'l Conf. Dependable Systems and Networks, June 2000.
[10] G. Blakley, Safeguarding Cryptographic Keys Proc. Nat'l Computer Conf., pp. 313-317, 1979.
[11] M. Rabin, Efficient Dispersal of Information for Security, Load Balancing and Fault Tolerance J. ACM, vol. 36, no. 2, pp. 335-348, 1989.
[12] M. Tompa and H. Woll, How to Share a Secret with Cheaters J. Cryptology, Feb. 1988.
[13] A. De Santis and B. Masucci, Multiple Ramp Schemes IEEE Trans. Information Theory, pp. 1720-1728, July 1999.
[14] P. Feldman, A Practical Scheme for Non-Interactive Verifiable Secret Sharing Proc. 28th IEEE Symp. Foundations of Computer Science, pp. 427-437, 1987.
[15] T.P. Pederson, Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing Proc. Crypto, pp. 129-140, 1991.
[16] J.J. Wylie, M.W. Bigrigg, J.D. Strunk, G.R. Ganger, H. Kiliccote, and P.K. Khosla, Survivable Information Storage Systems Computer, vol. 33, no. 8, pp. 61-68, Aug. 2000.
[17] A. Demers, D. Greene, C. Hauser, W. Irish, J. Larson, S. Shenker, H. Sturgis, D. Swinehart, and D. Terry, Epidemic Algorithms for Replicated Database Maintenance Proc. Sixth Symp. Principles of Distributed Computing, pp. 1-12, 1987.
[18] D. Malkhi, Y. Mansour, and M. Reiter, On Diffusing Updates in a Byzantine Environment Proc. 18th IEEE Symp. Reliable Distributed Systems, 1999.
[19] D. Malkhi, E. Pavlov, and Y. Sella, Optimal Unconditional Information Diffusion Proc. 15th Int'l Symp. Distributed Computing, pp. 63-77, 2001.
[20] Y. Minsky and F. Schneider, Tolerating Malicious Gossip Technical Report, Cornell Computer Science TR2001-1853, 2001.
[21] J.M. Fray, Y. Deswarte, and D. Powell, Intrusion-Tolerance Using Fine-Grain Fragmentation-Scattering Proc. IEEE Symp. Security and Privacy, Apr. 1986.
[22] S. Lakshmanan, M. Ahamad, and H. Venkateswaran, A Secure and Highly Available Distributed Store for Meeting Diverse Data Storage Needs Proc. Int'l Conf. Dependable Systems and Networks, July 2001.
[23] M.P. Herlihy and J.D. Tygar, How to Make Replicated Data Secure Proc. Crypto, 1987.
[24] H. Krawczyk, Secret Sharing Made Short Advances in Cryptology CRYPTO, pp. 136-146, 1994.
[25] H. Krawczyk, Distributed Fingerprints and Secure Information Dispersal Proc. 12th ACM Symp. Principles on Distributed Computing, 1993.
[26] M. Naor and A. Wool, Access Control and Signatures via Quorum Secret Sharing IEEE Trans. Parallel and Distributed Systems, vol. 9, no. 9, Sept. 1998.
[27] L. Lamport, On Interprocess Communication Distributed Computing, vol. 1, pp. 77-101, 1986.
[28] L. Lamport, How to Make a Multiprocessor Computer that Correctly Executes Multiprocessor Programs IEEE Trans. Computers, vol. 28, no. 9, pp. 690-691, Sept. 1979.
[29] M. Herlihy and J. Wing, Linearizability: A Correctness Condition for Concurrent Objects ACM Trans. Programming Languages, vol. 12, no. 3, July 1992.
[30] M. Ahamad, G. Neiger, J. Burns, P. Hutto, and P. Kohli, Causal Memory: Definitions, Implementations and Programming Distributed Computing J., Aug. 1995.
[31] D. Terry, A. Demers, K. Petersen, M. Spreitzer, M. Theimer, and B. Welch, Session Guarantees for Weakly Consistent Replicated Data Proc. Int'l Conf. Parallel and Distributed Information Systems, pp. 140-149, Sept. 1994.
[32] H. Yu and A. Vahdat, Design and Evaluation of a Continuous Consistency Model for Replicated Services Proc. Conf. Operating Systems Design and Implementation, Oct. 2000.
[33] G. Goodson, J. Wylie, G. Ganger, and M. Reiter, Decentralized Storage Consistency via Versioning Servers Carnegie Mellon Univ. Technical Report CMU-CS-02-180, Sept. 2002.

Index Terms:
Security, Byzantine fault tolerance, replication, secret sharing, availability, confidentiality, data integrity, distributed storage service.
Subramanian Lakshmanan, Mustaque Ahamad, H. Venkateswaran, "Responsive Security for Stored Data," IEEE Transactions on Parallel and Distributed Systems, vol. 14, no. 9, pp. 818-828, Sept. 2003, doi:10.1109/TPDS.2003.1233705
Usage of this product signifies your acceptance of the Terms of Use.