This Article 
 Bibliographic References 
 Add to: 
Secure Dynamic Fragment and Replica Allocation in Large-Scale Distributed File Systems
September 2003 (vol. 14 no. 9)
pp. 885-896

Abstract—We present a distributed algorithm for file allocation that guarantees high assurance, availability, and scalability in a large distributed file system. The algorithm can use replication and fragmentation schemes to allocate the files over multiple servers. The file confidentiality and integrity are preserved, even in the presence of a successful attack that compromises a subset of the file servers. The algorithm is adaptive in the sense that it changes the file allocation as the read-write patterns and the location of the clients in the network change. We formally prove that, assuming read-write patterns are stable, the algorithm converges toward an optimal file allocation, where optimality is defined as maximizing the file assurance.

[1] R. Sandberg, D. Goldberg, S. Kleinman, D. Walsh, and B. Lyon, Design and Implementation of the Sun Network File System Proc. USENIX Summer Conf., June 1985.
[2] B. Pawlowski, C. Juszczak, P. Staubach, C. Smith, D. Lebel, and D. Hitz, NFS Version 3 Design and Implementation Proc. USENIX Summer 1994 Technical Conf., June 1994.
[3] J.H. Morris, M. Satyanarayanan, M.H. Conner, J.H. Howard, D.H.S. Rosenthal, and F.D. Smith, Andrew: A Distributed Personal Computing Environment Comm. ACM, vol. 29, no. 3, 1986.
[4] Carnegie Mellon Univ., Pa., Coda File System,http:/, 2003.
[5] J. Kubiatowicz, D. Bindel, Y. Chen, S. Czerwinski, P. Eaton, D. Geels, R. Gummadi, S. Rhea, H. Weatherspoon, W. Weimer, C. Wells, and B. Zhao, OceanStore: An Architecture for Global-Scale Persistent Storage Proc. Ninth Int'l Conf. Architectural Support for Programming Languages and Operating Systems, 2000.
[6] J.J. Wylie, M.W. Bigrigg, J.D. Strunk, G.R. Ganger, H. Kiliccote, and P.K. Khosla, Survivable Information Storage Systems Computer, vol. 33, no. 8, pp. 61-68, Aug. 2000.
[7] A. Shamir, How to Share a Secret Comm. ACM, vol. 22, no. 11, 1979.
[8] M.O. Rabin, Efficient Dispersal of Information for Security, Load Balancing, and Fault Tolerance J. ACM, vol. 36, no. 2, 1989.
[9] G. Blakley, Safeguarding Cryptographic Keys Proc. AFIPS Nat'l Computer Conf., June 1979.
[10] H. Krawczyk, Secret Sharing Made Short Advances in Cryptology, Proc. 13th Ann. Int'l Cryptology Conf., Aug. 1993.
[11] F. Dabek, M.F. Kaashoek, D. Karger, R. Morris, and I. Stoica, Wide-Area Cooperative Storage with CFS Proc. 18th ACM Symp. Operating Systems Principles, 2001.
[12] W.J. Bolosky, J.R. Douceur, D. Ely, and M. Theimer, Feasibility of a Serverless Distributed File System Deployed on an Existing Set of Desktop PCs Proc. Int'l Conf. Measurement and Modeling of Computer Systems, 2000.
[13] A.V. Goldberg and P.N. Yianilos, "Towards an Archival Intermemory," Proc. IEEE Int'l Forum on Research and Technology Advances in Digital Libraries (ADL 98), IEEE Computer Soc. Press, Los Alamitos, Calif., 1998, pp. 147-156.
[14] A. Rowstron and P. Druschel, Storage Management and Caching in Past, A Large-Scale, Persistent Peer-to-Peer Storage Utility Proc. 18th ACM Symp. Operating Systems Principles, 2001.
[15] J.J. Wylie, M. Bakkaloglu, V. Pandurangan, M.W. Bigrigg, S. Oguz, K. Tew, C. Williams, G.R. Ganger, and P.K. Khosla, Selecting the Right Data Distribution Scheme for a Survivable Storage System Technical Report CMU-CS-01-120, Carnegie Mellon Univ., May 2001.
[16] R. Motwani and P. Raghavan, Randomized Algorithms. Cambridge, UK: Cambridge Univ. Press, 1995.
[17] A.L. Peressini, F.E. Sullivan, and J.J. Uhl, The Mathematics of Nonlinear Programming. Springer Verlag, 1988.

Index Terms:
File system security, replication, fragmentation, distributed systems, peer-to-peer algorithms, assurance.
Alessandro Mei, Luigi V. Mancini, Sushil Jajodia, "Secure Dynamic Fragment and Replica Allocation in Large-Scale Distributed File Systems," IEEE Transactions on Parallel and Distributed Systems, vol. 14, no. 9, pp. 885-896, Sept. 2003, doi:10.1109/TPDS.2003.1233711
Usage of this product signifies your acceptance of the Terms of Use.