Third IEEE International Security in Storage Workshop (SISW'05)

Date 13-13 Dec. 2005

  • Proceedings. Third International IEEE Security in Storage Workshop

    Publication Year: 2005, Page(s): c1
    Freely Available from IEEE
  • Third IEEE International Security in Storage Workshop - Title

    Publication Year: 2005, Page(s):i - iii
    Freely Available from IEEE
  • Third IEEE International Security in Storage Workshop - Copyright

    Publication Year: 2005, Page(s): iv
    Freely Available from IEEE
  • Third IEEE International Security in Storage Workshop - TOC

    Publication Year: 2005, Page(s): v
    Freely Available from IEEE
  • Introduction

    Publication Year: 2005, Page(s): vi
    Freely Available from IEEE
  • Workshop Sponsor and General Chair

    Publication Year: 2005, Page(s): vii
    Freely Available from IEEE
  • Lazy revocation in cryptographic file systems

    Publication Year: 2005, Page(s):11 pp. - 11
    Cited by:  Papers (3)
    A crucial element of distributed cryptographic file systems are key management solutions that allow for flexible but secure data sharing. We consider efficient key management schemes for cryptographic file systems using lazy revocation. We give rigorous security definitions for three cryptographic schemes used in such systems, namely symmetric encryption, message-authentication codes and signature...
  • POTSHARDS: storing data for the long-term without encryption

    Publication Year: 2005, Page(s):9 pp. - 20
    Cited by:  Papers (1)
    Many archival storage systems rely on keyed encryption to ensure privacy. A data object in such a system is exposed once the key used to encrypt the data is compromised. When storing data for as long as a few decades or centuries, the use of keyed encryption becomes a real concern. The exposure of a key is bounded by computation effort and management of encryption keys becomes as much of a problem...
  • Towards protecting sensitive files in a compromised system

    Publication Year: 2005, Page(s):8 pp. - 28
    Cited by:  Papers (8)  |  Patents (9)
    Protecting sensitive files from a compromised system helps administrators to thwart many attacks, discover intrusion trails, and fast restore the system to a safe state. However, most existing file protection mechanisms can be turned off after an attacker manages to exploit a vulnerability to gain privileged access. In this paper we propose SVFS, a secure virtual file system that uses virtual mach...
  • The OSD security protocol

    Publication Year: 2005, Page(s):11 pp. - 39
    Cited by:  Papers (13)
    The ANSI T10 object-based storage devices (OSD) standard is a new standard. It evolves the storage interface from fixed size blocks to variable size objects and includes an integrated security protocol that protects storage. This paper presents the requirements, the design tradeoffs, and the final security protocol as defined in the standard. The resulting protocol is based on a secure capability-...
  • Efficiently binding data to owners in distributed content-addressable storage systems

    Publication Year: 2005, Page(s):12 pp. - 51
    Cited by:  Patents (1)
    Distributed content-addressable storage systems use self-verifying data to protect data integrity and to enable graceful scaling. One feature commonly missing from these systems, however, is the ability to identify the owner of a piece of data in a non-repudiable manner. While a solution that associates a certificate with each block of data is conceptually simple, researchers have traditionally cl...
  • Maintaining object ordering in a shared P2P storage environment

    Publication Year: 2005, Page(s):11 pp. - 62
    Cited by:  Papers (1)
    To be considered a viable storage solution, modern peer-to-peer (P2P) storage systems must exhibit high availability and data persistence characteristics. In an attempt to provide these, most systems assume a continuously connected and available underlying communication infrastructure. This however is not warranted in any real large-scale distributed system, and thus needs to be addressed. Continu...
  • Adding secure deletion to your favorite file system

    Publication Year: 2005, Page(s):8 pp. - 70
    Cited by:  Papers (12)  |  Patents (9)
    Files or even their names often contain confidential or secret information. Most users believe that such information is erased as soon as they delete a file. Even those who know that this is not true often ignore the issue. Nevertheless, recovering deleted files is trivial and can be performed even by novice hackers. The problem is exacerbated by the widespread of portable and mobile storage devic...
  • The consequences of decentralized security in a cooperative storage system

    Publication Year: 2005, Page(s):12 pp. - 82
    Cited by:  Papers (1)  |  Patents (1)
    Traditional storage systems have considered security as a problem to be solved at the perimeter: once a user is authenticated, each device internal to the system trusts the decision made elsewhere. However, as storage systems become ever more distributed, shared, and dynamic, it becomes necessary to enforce security at the boundaries of each storage device, rather than around the system as a whole...
  • File system design with assured delete

    Publication Year: 2005, Page(s):6 pp. - 88
    Cited by:  Papers (14)  |  Patents (8)
    This paper describes a system that supports high availability of data, until the data should be expunged, at which time the system makes it impossible to recover the data. This design supports two types of assured delete; where the expiration time is known at file creation, and on-demand delete of individual files. The design assures previous work has described how to do this when the expiration t...
  • Efficient authentication of large, dynamic data sets using Galois/counter mode (GCM)

    Publication Year: 2005, Page(s):6 pp. - 94
    Cited by:  Papers (8)  |  Patents (1)
    The Galois/counter mode (GCM) of operation can be used as an incremental message authentication code (MAC); in this respect, it is unique among the crypto algorithms used in practice. We show that it has this property, and show how to efficiently recompute a MAC after small changes within a message, after the appending or prepending of data to a message, or the truncation of data from the start or...
  • Optimization of covert channel identification

    Publication Year: 2005, Page(s):13 pp. - 95
    We characterize the properties of covert channels and present a taxonomy of covert channels. Information flow sequence is adopted to represent information flows and covert channels. Covert channels are categorized according to their information flow characteristics. On this basis, we explore the optimization of covert channel identification with the shared resource matrix method adopted for demons...
  • Author index

    Publication Year: 2005, Page(s): 109
    Freely Available from IEEE