首頁(yè)> 外文學(xué)位 >Kurma: Efficient and Secure Multi-Cloud Storage Gateways for Network-Attached Storage

【24h】

Kurma: Efficient and Secure Multi-Cloud Storage Gateways for Network-Attached Storage

機(jī)譯：Kurma：用于網(wǎng)絡(luò)附加存儲(chǔ)的高效且安全的多云存儲(chǔ)網(wǎng)關(guān)

獲取原文

獲取原文并翻譯 | 示例

頁(yè)面導(dǎo)航

摘要
著錄項(xiàng)
引文網(wǎng)絡(luò)
相似文獻(xiàn)
相關(guān)主題

摘要

Cloud computing is becoming increasingly popular as utility computing is being gradually realized. Still, many organizations cannot enjoy the high accessibility, availability, flexibility, scalability, and cost-effectiveness of cloud systems because of security concerns and legacy infrastructure. A promising solution to this problem is the hybrid cloud model, which combines public clouds with private clouds and Network-Attached Storage (NAS). Many researchers tried to secure and optimize public clouds, but few studied the unique security and performance problems of such hybrid solutions.;This thesis explores hybrid cloud storage solutions that have the advantages of both public and private clouds. We focus on preserving the strong security and good performance of on- premises storage, while using public clouds for convenience, data availability, and economic data sharing. We propose Kurma, an efficient and secure gateway (middleware) system that bridges traditional NAS and cloud storage. Kurma allows legacy NAS-based programs to seamlessly and securely access cloud storage. Kurma optimizes performance by supporting and improving on the latest NFSv4.1 protocol, which contains new performance-enhancing features including compound procedures and delegations. Kurma also caches hot data in order to serve popular I/O requests from the faster, on-premises network.;On-premises Kurma gateways act as sources of trust, and overcome the security concerns caused by the opaque and multi-tenant nature of cloud storage. Kurma protects data from untrusted clouds with end-to-end integrity and confidentiality, and efficiently detects replay attacks while allowing data sharing among geo-distributed gateways. Kurma uses multiple clouds as backends for higher availability, and splits data among clouds using secret sharing for higher confidentiality. Kurma can also efficiently detect stale data caused by replay attacks or due to the eventual consistency nature of clouds.;We have thoroughly benchmarked the in-kernel NFSv4.1 implementation and improved its performance by up to 11X. Taking advantage of NFSv4.1 compound procedures, we have designed and implemented a vectorized file-system API and library (called vNFS) that can further boost NFS performance by up to two orders of magnitude. Assuming a public cloud supporting NFSv4, we have designed and implemented an early Kurma prototype (called SeMiNAS) with a performance penalty of less than 18%, while still protecting integrity and confidentiality of files.;Based on SeMiNAS, we developed Kurma which uses real public clouds including AWS S3, Azure Blob Store, Google Cloud Storage, and Rackspace Cloud Files. Kurma reliably stores files in multiple clouds with replication, erasure coding, or secret sharing to tolerate cloud failures. To share files among clients in geo-distributed offices, Kurma maintains a unified file-system namespace across geo-distributed gateways. Kurma keeps file-system metadata on-premises and encrypts data blocks before writing them to clouds. In spite of the eventual consistency of clouds, Kurma ensures data freshness using an efficient scheme that combines versioning and timestamping. Our evaluation showed that Kurma's performance is around 52--91% that of a local NFS server while providing geo-replication, confidentiality, integrity, and high availability.;Our thesis is that cloud storage can be made efficient and highly secure for traditional NAS- based systems utilizing hybrid cloud solutions such as Kurma.

機(jī)譯：隨著效用計(jì)算的逐步實(shí)現(xiàn)，云計(jì)算變得越來(lái)越流行。盡管如此，由于安全問(wèn)題和遺留基礎(chǔ)架構(gòu)，許多組織仍無(wú)法享受云系統(tǒng)的高可訪問(wèn)性，可用性，靈活性，可擴(kuò)展性和成本效益。解決此問(wèn)題的一個(gè)有希望的解決方案是混合云模型，該模型將公共云與私有云以及網(wǎng)絡(luò)附加存儲(chǔ)（NAS）相結(jié)合。許多研究人員試圖保護(hù)和優(yōu)化公共云，但很少研究這種混合解決方案的獨(dú)特安全性和性能問(wèn)題。;本文探索了具有公共云和私有云優(yōu)勢(shì)的混合云存儲(chǔ)解決方案。我們專(zhuān)注于保留內(nèi)部存儲(chǔ)的強(qiáng)大安全性和良好性能，同時(shí)使用公共云來(lái)提供便利，數(shù)據(jù)可用性和經(jīng)濟(jì)數(shù)據(jù)共享。我們建議使用Kurma，這是一種將傳統(tǒng)NAS和云存儲(chǔ)連接起來(lái)的高效安全的網(wǎng)關(guān)（中間件）系統(tǒng)。 Kurma允許基于NAS的舊程序無(wú)縫安全地訪問(wèn)云存儲(chǔ)。 Kurma通過(guò)支持和改進(jìn)最新的NFSv4.1協(xié)議來(lái)優(yōu)化性能，該協(xié)議包含新的性能增強(qiáng)功能，包括復(fù)合過(guò)程和委托。 Kurma還緩存熱數(shù)據(jù)以服務(wù)于來(lái)自更快的本地網(wǎng)絡(luò)的流行I / O請(qǐng)求;本地Kurma網(wǎng)關(guān)充當(dāng)信任源，并克服了由不透明和多租戶(hù)性質(zhì)引起的安全問(wèn)題云儲(chǔ)存。 Kurma通過(guò)端到端的完整性和機(jī)密性保護(hù)數(shù)據(jù)不受不可信任的云的影響，并有效地檢測(cè)重放攻擊，同時(shí)允許在地理分布式網(wǎng)關(guān)之間共享數(shù)據(jù)。 Kurma使用多個(gè)云作為后端來(lái)提高可用性，并使用秘密共享在云之間拆分?jǐn)?shù)據(jù)以提高機(jī)密性。 Kurma還可以有效地檢測(cè)由于重播攻擊或由于云的最終一致性而導(dǎo)致的過(guò)時(shí)數(shù)據(jù)。我們已經(jīng)對(duì)基準(zhǔn)的內(nèi)核內(nèi)NFSv4.1實(shí)施進(jìn)行了全面基準(zhǔn)測(cè)試，并將其性能提高了11倍。利用NFSv4.1復(fù)合過(guò)程，我們?cè)O(shè)計(jì)并實(shí)現(xiàn)了矢量化文件系統(tǒng)API和庫(kù)（稱(chēng)為vNFS），可以進(jìn)一步將NFS性能提高兩個(gè)數(shù)量級(jí)。假設(shè)支持NFSv4的公共云，我們?cè)O(shè)計(jì)并實(shí)現(xiàn)了一個(gè)早期的Kurma原型（稱(chēng)為SeMiNAS），其性能損失低于18％，同時(shí)仍保護(hù)文件的完整性和機(jī)密性?；赟eMiNAS，我們開(kāi)發(fā)了使用真實(shí)公共云，包括AWS S3，Azure Blob存儲(chǔ)，Google云存儲(chǔ)和Rackspace云文件。 Kurma通過(guò)復(fù)制，擦除編碼或秘密共享將文件可靠地存儲(chǔ)在多個(gè)云中，以容忍云故障。為了在地理分布辦公室的客戶(hù)端之間共享文件，Kurma在地理分布網(wǎng)關(guān)之間維護(hù)了統(tǒng)一的文件系統(tǒng)名稱(chēng)空間。 Kurma將文件系統(tǒng)元數(shù)據(jù)保留在本地，并在將數(shù)據(jù)塊寫(xiě)入云之前對(duì)其進(jìn)行加密。盡管最終會(huì)實(shí)現(xiàn)云的一致性，但Kurma使用結(jié)合了版本控制和時(shí)間戳的高效方案來(lái)確保數(shù)據(jù)的新鮮度。我們的評(píng)估表明，Kurma的性能約為本地NFS服務(wù)器的52--91％，同時(shí)提供了地理復(fù)制，機(jī)密性，完整性和高可用性。;我們的論點(diǎn)是，可以使傳統(tǒng)NAS的云存儲(chǔ)變得高效，高度安全-使用混合云解決方案（例如Kurma）的系統(tǒng)。

著錄項(xiàng)

作者
Chen, Ming.;
展開(kāi)▼
作者單位

State University of New York at Stony Brook.;

展開(kāi)▼
授予單位 State University of New York at Stony Brook.;
學(xué)科 Computer science.
學(xué)位 Ph.D.
年度 2017
頁(yè)碼 131 p.
總頁(yè)數(shù) 131
原文格式 PDF
正文語(yǔ)種 eng
中圖分類(lèi)
關(guān)鍵詞

相似文獻(xiàn)

外文文獻(xiàn)
中文文獻(xiàn)
專(zhuān)利

1. MWC: an efficient and secure multi-cloud storage approach to leverage augmentation of multi-cloud storage services on mobile devices using fog computing [J] . Bedi Rajeev Kumar, Singh Jaswinder, Gupta Sunil Kumar Journal of supercomputing . 2019,第6期

機(jī)譯：MWC：一種有效且安全的多云存儲(chǔ)方法，可利用霧計(jì)算在移動(dòng)設(shè)備上利用多云存儲(chǔ)服務(wù)的擴(kuò)展
2. MWC: an efficient and secure multi-cloud storage approach to leverage augmentation of multi-cloud storage services on mobile devices using fog computing [J] . Bedi Rajeev Kumar, Singh Jaswinder, Gupta Sunil Kumar Journal of supercomputing . 2019,第6期

機(jī)譯：MWC：一種高效和安全的多云存儲(chǔ)方法，可以利用使用霧計(jì)算在移動(dòng)設(shè)備上使用多云存儲(chǔ)服務(wù)的增強(qiáng)
3. An efficient and secure privacy preserving multi-cloud storage framework for mobile devices [J] . Rajeev Kumar Bedi, Jaswinder Singh, Sunil Kumar Gupta International Journal of Computers & Applications . 2021,第4a6期

機(jī)譯：保留移動(dòng)設(shè)備多云存儲(chǔ)框架的高效和安全隱私
4. A secured cost-effective multi-cloud storage in cloud computing [C] . Singh Yashaswi, Kandah Farah, Weiyi Zhang 2011 IEEE Conference on Computer Communications Workshops . 2011

機(jī)譯：云計(jì)算中的安全，經(jīng)濟(jì)高效的多云存儲(chǔ)
5. Achieving Secure and Efficient Access Control of Personal Health Records in a Storage Cloud [D] . Binbusayyis, Adel. 2017

機(jī)譯：在存儲(chǔ)云中實(shí)現(xiàn)對(duì)個(gè)人健康記錄的安全，高效的訪問(wèn)控制
6. On the Combination of Multi-Cloud and Network Coding for Cost-Efficient Storage in Industrial Applications [O] . Goiuri Peralta, Pablo Garrido, Josu Bilbao, 2019

機(jī)譯：多云與網(wǎng)絡(luò)編碼相結(jié)合在工業(yè)應(yīng)用中實(shí)現(xiàn)經(jīng)濟(jì)高效的存儲(chǔ)
7. A Secured and Efficient Privacy Preserving Cloud Storage and Fog Storage Schema with Privacy [O] . 2020

機(jī)譯：保留云存儲(chǔ)和霧存儲(chǔ)模式的安全和高效隱私，具有隱私

国产bbaaaaa片,成年美女黄网站色视频免费,成年黄大片,а天堂中文最新一区二区三区,成人精品视频一区二区三区尤物

Kurma: Efficient and Secure Multi-Cloud Storage Gateways for Network-Attached Storage

摘要

著錄項(xiàng)

引文網(wǎng)絡(luò)

相似文獻(xiàn)

相關(guān)主題

期刊訂閱