Strong security for distributed file systems


We have developed a scheme to secure network-attached storage systems against many types of attacks. Our system uses strong cryptography to hide data from unauthorized users; someone gaining complete access to a disk cannot obtain any useful data from the system, and backups can be done without allowing the superuser access to unencrypted data. While denial-of-service attacks cannot be prevented, our system detects forged data. The system was developed using a raw disk, and can be integrated into common file systems.

We discuss the design and security tradeoffs such a distributed file system makes. Our design guards against both remote intruders and those who gain physical access to the disk, using just enough security to thwart both types of attacks. This security can be achieved with little penalty to performance. We discuss the security operations that are necessary for each type of operation, and show that there is no longer any reason not to include strong encryption and authentication in network file systems.




  author       = {Ethan L. Miller and Darrell D. E. Long and William E. Freeman and Benjamin C. Reed},
  title        = {Strong security for distributed file systems},
  booktitle    = {Proceedings of the 20th IEEE International Performance, Computing and Communications Conference (IPCCC '01)},
  pages        = {34–40},
  month        = apr,
  year         = {2001},