Securing disk-resident data through application level encryption

Ramya Prabhakar, Seung Woo Son, Christina Patrick, Sri Hari Krishna Narayanan, Mahmut Kandemir

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Scopus citations

Abstract

Confidentiality of disk-resident data is critical for end-to-end security of storage systems. While there are several widely used mechanisms for ensuring confidentiality of data in transit, techniques for providing confidentiality when data is stored in a disk subsystem are relatively new. As opposed to prior file system based approaches to this problem, this paper proposes an application-level solution, which allows encryption of select data blocks. We make three major contributions: 1) quantifying the tradeoffs between confidentiality and performance; 2) evaluating a reuse distance oriented approach for selective encryption of disk-resident data; and 3) proposing a profile-guided approach that approximates the behavior of the reuse distance oriented approach. The experiments with five applications that manipulate disk-resident data sets clearly show that our approach enables us to study the confidentiality/performance tradeoffs. Using our approach it is possible to reduce the performance degradation due to encryption/decryption overheads on an average by 46.5%, when DES is used as the encryption mechanism, and the same by 30.63%, when AES is used as the encryption mechanism.

Original languageEnglish (US)
Title of host publicationProceedings - CIS Workshops 2007, 2007 International Conference on Computational Intelligence and Security Workshops, CISW 2007
Pages46-57
Number of pages12
DOIs
StatePublished - 2007
Event4th International IEEE Security in Storage Workshop, SISW 2007 - San Diego, CA, United States
Duration: Sep 27 2007Sep 27 2007

Publication series

NameProceedings - SISW 2007: 4th International IEEE Security in Storage Workshop

Other

Other4th International IEEE Security in Storage Workshop, SISW 2007
Country/TerritoryUnited States
CitySan Diego, CA
Period9/27/079/27/07

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Communication
  • Control and Systems Engineering

Fingerprint

Dive into the research topics of 'Securing disk-resident data through application level encryption'. Together they form a unique fingerprint.

Cite this