Disk-enabled authenticated encryption

Kevin Butler, Stephen McLaughlin, Patrick McDaniel

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Storage is increasingly becoming a vector for data compromise. Solutions for protecting on-disk data confidentiality and integrity to date have been limited in their effectiveness. Providing authenticated encryption, or simultaneous encryption with integrity information, is important to protect data at rest. In this paper, we propose that disks augmented with non-volatile storage (e.g., hybrid hard disks) and cryptographic processors (e.g., FDE drives) may provide a solution for authenticated encryption, storing security metadata within the drive itself to eliminate dependences on other parts of the system. We augment the DiskSim simulator with a flash simulator to evaluate the costs associated with managing operational overheads. These experiments show that proper tuning of system parameters can eliminate many of the costs associated with managing security metadata, with less than a 2% decrease in IOPS versus regular disks.

Original language: English (US)
Title of host publication: 2010 IEEE 26th Symposium on Mass Storage Systems and Technologies, MSST2010
Publisher: IEEE Computer Society
ISBN (Print): 9781424471539
State: Published - 2010
Event: 2010 IEEE 26th Symposium on Mass Storage Systems and Technologies, MSST 2010 - Lake Tahoe, NV, United States
Duration: May 6 2010 to May 7 2010

Publication series

Name: 2010 IEEE 26th Symposium on Mass Storage Systems and Technologies, MSST2010

Other

Other: 2010 IEEE 26th Symposium on Mass Storage Systems and Technologies, MSST 2010
Country/Territory: United States
City: Lake Tahoe, NV
Period: 5/6/10 to 5/7/10

All Science Journal Classification (ASJC) codes

  • Hardware and Architecture
  • Electrical and Electronic Engineering
