TY - GEN
T1 - Disk-enabled authenticated encryption
AU - Butler, Kevin
AU - McLaughlin, Stephen
AU - McDaniel, Patrick
PY - 2010
Y1 - 2010
N2 - Storage is increasingly becoming a vector for data compromise. Solutions for protecting on-disk data confidentiality and integrity to date have been limited in their effectiveness. Providing authenticated encryption, or simultaneous encryption with integrity information, is important to protect data at rest. In this paper, we propose that disks augmented with non-volatile storage (e.g., hybrid hard disks) and cryptographic processors (e.g., FDE drives) may provide a solution for authenticated encryption, storing security metadata within the drive itself to eliminate dependences on other parts of the system. We augment the DiskSim simulator with a flash simulator to evaluate the costs associated with managing operational overheads. These experiments show that proper tuning of system parameters can eliminate many of the costs associated with managing security metadata, with less than a 2% decrease in IOPS versus regular disks.
UR - http://www.scopus.com/inward/record.url?scp=77957842959&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=77957842959&partnerID=8YFLogxK
U2 - 10.1109/MSST.2010.5496979
DO - 10.1109/MSST.2010.5496979
M3 - Conference contribution
AN - SCOPUS:77957842959
SN - 9781424471539
T3 - 2010 IEEE 26th Symposium on Mass Storage Systems and Technologies, MSST2010
BT - 2010 IEEE 26th Symposium on Mass Storage Systems and Technologies, MSST2010
PB - IEEE Computer Society
T2 - 2010 IEEE 26th Symposium on Mass Storage Systems and Technologies, MSST 2010
Y2 - 6 May 2010 through 7 May 2010
ER -