Self-Securing Storage: Protecting Data in Compromised Systems

O
OASIS
2003
Foundations of Intrusion Tolerant Systems (OASIS'03)
Abstract - Self-Securing Storage: Protecting Data in Compromised Systems

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by John D. Strunk Articles by Garth R. Goodson Articles by Michael L. Scheinholtz Articles by Craig A.N. Soules Articles by Gregory R. Ganger

Foundations of Intrusion Tolerant Systems (OASIS'03)

December 02-December 02

ISBN: 0-7695-2057-X

	ASCII Text	x
	John D. Strunk, Garth R. Goodson, Michael L. Scheinholtz, Craig A.N. Soules, Gregory R. Ganger, "Self-Securing Storage: Protecting Data in Compromised Systems," Foundations of Intrusion Tolerant Systems, pp. 195, Foundations of Intrusion Tolerant Systems (OASIS'03), 2003.

	BibTex	x
	@article{ 10.1109/FITS.2003.1264933, author = {John D. Strunk and Garth R. Goodson and Michael L. Scheinholtz and Craig A.N. Soules and Gregory R. Ganger}, title = {Self-Securing Storage: Protecting Data in Compromised Systems}, journal ={Foundations of Intrusion Tolerant Systems}, volume = {0}, year = {2003}, isbn = {0-7695-2057-X}, pages = {195}, doi = {http://doi.ieeecomputersociety.org/10.1109/FITS.2003.1264933}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Foundations of Intrusion Tolerant Systems TI - Self-Securing Storage: Protecting Data in Compromised Systems SN - 0-7695-2057-X SP EP A1 - John D. Strunk, A1 - Garth R. Goodson, A1 - Michael L. Scheinholtz, A1 - Craig A.N. Soules, A1 - Gregory R. Ganger, PY - 2003 KW - null VL - 0 JA - Foundations of Intrusion Tolerant Systems ER -

John D. Strunk, Carnegie Mellon University

Garth R. Goodson, Carnegie Mellon University

Michael L. Scheinholtz, Carnegie Mellon University

Craig A.N. Soules, Carnegie Mellon University

Gregory R. Ganger, Carnegie Mellon University

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/FITS.2003.1264933

Self-securing storage prevents intruders from undetectably tampering with or permanently deleting stored data. To accomplish this, self-securing storage devices internally audit all requests and keep old versions of data for a window of time, regardless of the commands received from potentially compromised host operating systems. Within the window, system administrators have this valuable information for intrusion diagnosis and recovery. Our implementation, called S4, combines log-structuring with journal-based metadata to minimize the performance costs of comprehensive versioning. Experiments show that self-securing storage devices can deliver performance that is comparable with conventional storage systems. In addition, analyses indicate that several weeks worth of all versions can reasonably be kept on state-of-the-art disks, especially when differencing and compression technologies are employed.

Citation:

John D. Strunk, Garth R. Goodson, Michael L. Scheinholtz, Craig A.N. Soules, Gregory R. Ganger, "Self-Securing Storage: Protecting Data in Compromised Systems," oasis, pp.195, Foundations of Intrusion Tolerant Systems (OASIS'03), 2003

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.