research-article

DepSky: Dependable and Secure Storage in a Cloud-of-Clouds

Authors:

Alysson Bessani,

Miguel Correia,

Bruno Quaresma,

Fernando André,

Paulo SousaAuthors Info & Claims

ACM Transactions on Storage (TOS), Volume 9, Issue 4

Article No.: 12, Pages 1 - 33

https://doi.org/10.1145/2535929

Published: 01 November 2013 Publication History

Abstract

The increasing popularity of cloud storage services has lead companies that handle critical data to think about using these services for their storage needs. Medical record databases, large biomedical datasets, historical information about power systems and financial data are some examples of critical data that could be moved to the cloud. However, the reliability and security of data stored in the cloud still remain major concerns. In this work we present DepSky, a system that improves the availability, integrity, and confidentiality of information stored in the cloud through the encryption, encoding, and replication of the data on diverse clouds that form a cloud-of-clouds. We deployed our system using four commercial clouds and used PlanetLab to run clients accessing the service from different countries. We observed that our protocols improved the perceived availability, and in most cases, the access latency, when compared with cloud providers individually. Moreover, the monetary costs of using DepSky in this scenario is at most twice the cost of using a single cloud, which is optimal and seems to be a reasonable cost, given the benefits.

References

[1]

Abraham, I., Chockler, G., Keidar, I., and Malkhi, D. 2006. Byzantine disk Paxos: Optimal resilience with Byzantine shared memory. Distrib. Comput. 18, 5, 387--408.

Digital Library

[2]

Abu-Libdeh, H., Princehouse, L., and Weatherspoon, H. 2010. RACS: A case for cloud storage diversity. In Proceedings of the 1st ACM Symposium on Cloud Computing. 229--240.

Digital Library

[3]

Alchieri, E. A. P., Bessani, A. N., and Fraga, J. D. S. 2008. A dependable infrastructure for cooperative Web services coordination. In Proceedings of the IEEE International Conference on Web Services. 21--28.

Digital Library

[4]

Amazon. 2011. Amazon simple storage service FAQS. http://aws.amazon.com/s3/faqs/.

[5]

Attiya, H. and Bar-Or, A. 2003. Sharing memory with semi-Byzantine clients and faulty storage servers. In Proceedings of the 22nd IEEE Symposium on Reliable Distributed Systems (SRDS). 174--183.

[6]

Basescu, C., Cachin, C., Eyal, I., Haas, R., Sorniotti, A., Vukolic, M., and Zachevsky, I. 2012. Robust data sharing with key-value stores. In Proceedings of the 42nd International Conference on Dependable Systems and Networks (DSN).

Digital Library

[7]

Bessani, A. N., Alchieri, E. P., Correia, M., and Fraga, J. S. 2008. DepSpace: A Byzantine fault-tolerant coordination service. In Proceedings of the 3rd ACM European Systems Conference (EuroSys). 163--176.

Digital Library

[8]

Bowers, K. D., Juels, A., and Oprea, A. 2009. HAIL: A high-availability and integrity layer for cloud storage. In Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS). 187--198.

Digital Library

[9]

Brantner, M., Florescu, D., Graf, D., Kossmann, D. and Kraska, T. 2008. Building a database on S3. In Proceedings of the ACM SIGMOD International Conference on Management of Data. 251--264.

Digital Library

[10]

Cachin, C. and Tessaro, S. 2006. Optimal resilience for erasure-coded Byzantine distributed storage. In Proceedings of the International Conference on Dependable Systems and Networks (DSN). 115--124.

Digital Library

[11]

Chockler, G. and Malkhi, D. 2002. Active disk Paxos with infinitely many processes. In Proceedings of the 21st Symposium on Principles of Distributed Computing (PODC). 78--87.

Digital Library

[12]

Chockler, G., Guerraoui, R., Keidar, I., and Vukolić, M. 2009. Reliable distributed storage. IEEE Comput. 42, 4, 60--67.

Digital Library

[13]

Dahlin, M., Chandra, B., Gao, L., and Naate, A. 2003. End-to-end WAN service availability. ACM/IEEE Trans. Netw. 11, 2.

Digital Library

[14]

Dekker, M. A. C. 2012. Critical cloud computing: A CIIP perspective on cloud computing services (v1.0). Tech. rep., European Network and Information Security Agency (ENISA).

[15]

Feldman, A. J., Zeller, W. P., Freedman, M. J., and Felten, E. W. 2010. SPORC: Group collaboration using untrusted cloud resources. In Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI). 337--350.

Digital Library

[16]

Gafni, E. and Lamport, L. 2003. Disk Paxos. Distrib. Comput. 16, 1, 1--20.

Digital Library

[17]

Ghemawat, S., Gobioff, H., and Leung, S.-T. 2003. The Google file system. In Proceedings of the 19th ACM Symposium on Operating Systems Principles (SOSP). 29--43.

Digital Library

[18]

Gibson, G., Nagle, D., Amiri, K., Butler, J., Chang, F., Goboff, H., Hardin, C., Riedel, E., Rochberg, D., and Zelenka, J. 1998. A cost-effective, high-bandwidth storage architecture. In Proceedings of the 8th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS). 92--103.

Digital Library

[19]

Goodson, G., Wylie, J., Ganger, G., and Reiter, M. 2004. Efficient Byzantine-tolerant erasure-coded storage. In Proceedings of the International Conference on Dependable Systems and Networks (DSN). 135--144.

Digital Library

[20]

Greer, M. 2010. Survivability and information assurance in the cloud. In Proceedings of the 4th Workshop on Recent Advances in Intrusion-Tolerant System (WRAITS).

Digital Library

[21]

Hamilton, J. 2007. On designing and deploying Internet-scale services. In Proceedings of the 21st Large Installation System Administration Conference (LISA). 231--242.

Digital Library

[22]

Hanley, M., Dean, T., Schroeder, W., Houy, M., Trzeciak, R. F., and Montelibano, J. 2011. An analysis of technical observations in insider theft of intellectual property cases. Tech. note CMU/SEI-2011-TN-006, Carnegie Mellon Software Engineering Institute.

[23]

Hendricks, J., Ganger, G., and Reiter, M. 2007. Low-overhead byzantine fault-tolerant storage. In Proceedings of the 21st ACM Symposium on Operating Systems Principles (SOSP). 73--86.

Digital Library

[24]

Henry, A. 2009. Cloud storage FUD (failure, uncertainty, and durability). In Proceedings of the 7th USENIX Conference on File and Storage Technologies (Keynote Address).

[25]

Herlihy, M. and Wing, J. M. 1990. Linearizability: A correctness condition for concurrent objects. ACM Trans. Program. Lang. Syst. 12, 3, 463--492.

Digital Library

[26]

Herlihy, M., Lucangco, V., and Moir, M. 2003. Obstruction-free synchronization: Double-ended queues as an example. In Proceedings of the 23th IEEE Internatiomal Conference on Distributed Computing Systems (ICDCS). 522--529.

Digital Library

[27]

Hunt, P., Konar, M., Junqueira, F., and Reed, B. 2010. Zookeeper: Wait-free coordination for Internet-scale services. In Proceedings of the USENIX Annual Technical Conference (USENIX ATC). 145--158.

Digital Library

[28]

Jayanti, P., Chandra, T. D., and Toueg, S. 1998. Fault-tolerant wait-free shared objects. J. ACM 45, 3, 451--500.

Digital Library

[29]

Kotla, R., Avisi, L., and Dahlin, M. 2007. SafeStore: A durable and practical storage system. In Proceedings of the USENIX Annual Technical Conference (USENIX ATC).

Digital Library

[30]

Krawczyk, H. 1993. Secret sharing made short. In Proceedings of the 13th International Cryptology Conference (CRYPTO). 136--146.

Digital Library

[31]

Lamport, L. 1986. On interprocess communication (part II). Distrib. Comput. 1, 1, 203--213.

[32]

Lamport, L., Shostak, R., and Pease, M. 1982. The Byzantine generals problem. ACM Trans. Program. Lang. Syst. 4, 3, 382--401.

Digital Library

[33]

Liskov, B. and Rodrigues, R. 2006. Tolerating Byzantine faulty clients in a quorum system. In Proceedings of the 26th IEEE International Conference on Distributed Computing Systems (ICDCS).

Digital Library

[34]

Mahajan, P., Setty, S., Lee, S., Clement, A., Alvisi, L., Dahlin, M., and Walfish, M. 2011. Depot: Cloud storage with minimal trust. ACM Trans. Comput. Syst. 29, 4.

Digital Library

[35]

Malkhi, D. and Reiter, M. 1998a. Byzantine quorum systems. Distrib. Comput. 11, 4, 203--213.

Digital Library

[36]

Malkhi, D. and Reiter, M. 1998b. Secure and scalable replication in Phalanx. In Proceedings of the 17th IEEE Symposium on Reliable Distributed Systems (SRDS). 51--60.

Digital Library

[37]

Martin, J.-P., Alvisi, L., and Dahlin, M. 2002. Minimal Byzantine storage. In Proceedings of the 16th International Symposium on Distributed Computing (DISC). 311--325.

Digital Library

[38]

May, M. 2010. Forecast calls for clouds over biological computing. Nature Med. 16, 6.

[39]

McCullough, J. C., Dunagan, J., Wolman, A., and Snoeren, A. C. 2010. Stout: An adaptive interface to scalable cloud storage. In Proceedings of the USENIX Annual Technical Conference (USENIX ATC). 47--60.

Digital Library

[40]

Metz, C. 2009. DDoS attack rains down on Amazon cloud. The Register. http://www.theregister.co.uk/2009/10/05/amazon_bitbucket_outage/.

[41]

Mills, D. L. 1992. Network time protocol (version 3): Specification, implementation and analysis. IETF RFC 1305.

Digital Library

[42]

Muniswamy-Reddy, K.-K., Macko, P., and Seltzer, M. 2010. Provenance for the cloud. In Proceedings of the 8th USENIX Conference on File and Storage Technologies (FAST). 197--210.

Digital Library

[43]

Naone, E. 2009. Are we safeguarding social data? Technology Review published by MIT Review, http://www.technologyreview.com/blog/editors/22924/.

[44]

Patterson, D. A., Gibson, G., and Katz, R. H. 1988. A case for redundant arrays of inexpensive disks (RAID). In Proceedings of the 1988 ACM SIGMOD International Conference on Management of Data. 109--116.

Digital Library

[45]

Plank, J. S. 2007. Jerasure: A library in C/C++ facilitating erasure coding for storage applications. Tech. rep. CS-07-603, University of Tennessee.

[46]

Rabin, M. 1989. Efficient dispersal of information for security, load balancing, and fault tolerance. J. ACM 36, 2, 335--348.

Digital Library

[47]

Raphael, J. 2011. The 10 worst cloud outages (and what we can learn from them). Infoworld. http://www.infoworld.com/d/cloud-computing/the-10-worst-cloud-outages-and-what-we-can-learn-them-902.

[48]

Sarno, D. 2009. Microsoft says lost sidekick data will be restored to users. Los Angeles Times.

[49]

Schoenmakers, B. 1999. A simple publicly verifiable secret sharing scheme and its application to electronic voting. In Proceedings of the 19th International Cryptology Conference (CRYPTO). 148--164.

Digital Library

[50]

Schwarz, T. and Miller, E. L. 2006. Store, forget, and check: Using algebraic signatures to check remotely administered storage. In Proceedings of 26th IEEE International Conference on Distributed Computing Systems (ICDCS).

Digital Library

[51]

Shamir, A. 1979. How to share a secret. Comm. ACM 22, 11, 612--613.

Digital Library

[52]

Shraer, A., Cachin, C., Cidon, A., Keidar, I., Michalevsky, Y., and Shaket, D. 2010. Venus: Verification for untrusted cloud storage. In Proceedings of the ACM Cloud Computing Security Workshop (CCSW).

Digital Library

[53]

Storer, M. W., Greenan, K. M., Miller, E. L., and Voruganti, K. 2007. POTSHARDS: Secure long-term storage without encryption. In Proceedings of the USENIX Annual Technical Conference (USENIX ATC). 143--156.

Digital Library

[54]

Terry, D. B., Demers, A. J., Petersen, K., Spreitzer, M. J., Theimer, M. M., and Welch, B. B. 1994. Session guarantees for weakly consistent replicated data. In Proceedings of the 3rd International Conference on Parallel and Distributed Information Systems. 140--149.

Digital Library

[55]

Vogels, W. 2009. Eventually consistent. Comm. ACM 52, 1, 40--44.

Digital Library

[56]

Vrable, M., Savage, S., and Voelker, G. M. 2009. Cumulus: Filesystem backup to the cloud. ACM Trans. Storage 5, 4, 1--28.

Digital Library

[57]

Vrable, M., Savage, S., and Voelker, G. M. 2012. BlueSky: A cloud-backed file system for the enterprise. In Proceedings of the 10th USENIX Conference on File and Storage Technologies (FAST).

Digital Library

[58]

Vukolic, M. 2010. The Byzantine empire in the intercloud. ACM SIGACT News 41, 3, 105--111.

Digital Library

[59]

Weil, S. A., Brandt, S. A., Miller, E. L., Long, D. D. E., and Maltzahn, C. 2006. Ceph: A scalable, high-performance distributed file system. In Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation (OSDI). 307--320.

Digital Library

Cited By

Amiri MAgrawal DEl Abbadi ALoo BBarcelo PSanchez-Pi NMeliou ASudarshan S(2024)Distributed Transaction Processing in Untrusted EnvironmentsCompanion of the 2024 International Conference on Management of Data10.1145/3626246.3654684(570-579)Online publication date: 9-Jun-2024
https://dl.acm.org/doi/10.1145/3626246.3654684
Nguetchouang KBitchebe SDubuc TCallau-Zori MHubert COlivier PTchana A(2024)SVD: A Scalable Virtual Machine Disk FormatIEEE Transactions on Cloud Computing10.1109/TCC.2024.339139012:2(684-696)Online publication date: Apr-2024
https://doi.org/10.1109/TCC.2024.3391390
Raktate GShelar KParjane PPangavhane SMore SDeshmukh S(2024)A Survey on Security Issues and Challenges in Cloud Computing2024 International Conference on Decision Aid Sciences and Applications (DASA)10.1109/DASA63652.2024.10836628(1-5)Online publication date: 11-Dec-2024
https://doi.org/10.1109/DASA63652.2024.10836628
Show More Cited By

Index Terms

DepSky: Dependable and Secure Storage in a Cloud-of-Clouds
1. Security and privacy
  1. Network security
2. Software and its engineering
  1. Software organization and properties
    1. Extra-functional properties
      1. Software fault tolerance
    2. Software system structures
      1. Distributed systems organizing principles
        Organizing principles for web applications

Recommendations

RACS: a case for cloud storage diversity
SoCC '10: Proceedings of the 1st ACM symposium on Cloud computing

The increasing popularity of cloud storage is leading organizations to consider moving data out of their own data centers and into the cloud. However, success for cloud storage providers can present a significant risk to customers; namely, it becomes ...
DepSky: dependable and secure storage in a cloud-of-clouds
EuroSys '11: Proceedings of the sixth conference on Computer systems

The increasing popularity of cloud storage services has lead companies that handle critical data to think about using these services for their storage needs. Medical record databases, power system historical information and financial data are some ...
Cloud Storage as the Infrastructure of Cloud Computing
ICICCI '10: Proceedings of the 2010 International Conference on Intelligent Computing and Cognitive Informatics

As an emerging technology and business paradigm, Cloud Computing has taken commercial computing by storm. Cloud computing platforms provide easy access to a company’s high-performance computing and storage infrastructure through web services. With cloud ...

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Storage

ACM Transactions on Storage Volume 9, Issue 4

November 2013

117 pages

ISSN:1553-3077

EISSN:1553-3093

DOI:10.1145/2555948

Editor:
Darrell Long
University of California Santa Cruz, USA

Issue’s Table of Contents

Copyright © 2013 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 November 2013

Accepted: 01 February 2013

Revised: 01 November 2012

Received: 01 March 2012

Published in TOS Volume 9, Issue 4

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed

Funding Sources

INESC-ID
Fundação para a Ciência e a Tecnologia
Multi-annual Program (LASIGE)
Seventh Framework Programme
RC-Clouds

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

276
Total Citations
View Citations
2,677
Total Downloads

Downloads (Last 12 months)80
Downloads (Last 6 weeks)9

Reflects downloads up to 08 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Amiri MAgrawal DEl Abbadi ALoo BBarcelo PSanchez-Pi NMeliou ASudarshan S(2024)Distributed Transaction Processing in Untrusted EnvironmentsCompanion of the 2024 International Conference on Management of Data10.1145/3626246.3654684(570-579)Online publication date: 9-Jun-2024
https://dl.acm.org/doi/10.1145/3626246.3654684
Nguetchouang KBitchebe SDubuc TCallau-Zori MHubert COlivier PTchana A(2024)SVD: A Scalable Virtual Machine Disk FormatIEEE Transactions on Cloud Computing10.1109/TCC.2024.339139012:2(684-696)Online publication date: Apr-2024
https://doi.org/10.1109/TCC.2024.3391390
Raktate GShelar KParjane PPangavhane SMore SDeshmukh S(2024)A Survey on Security Issues and Challenges in Cloud Computing2024 International Conference on Decision Aid Sciences and Applications (DASA)10.1109/DASA63652.2024.10836628(1-5)Online publication date: 11-Dec-2024
https://doi.org/10.1109/DASA63652.2024.10836628
Ahmed SNahiduzzaman MIslam TBappy FZaman THasan R(2024)FASTEN: Towards a FAult-Tolerant and STorage EfficieNt Cloud: Balancing Between Replication and Deduplication2024 IEEE 21st Consumer Communications & Networking Conference (CCNC)10.1109/CCNC51664.2024.10454894(44-50)Online publication date: 6-Jan-2024
https://doi.org/10.1109/CCNC51664.2024.10454894
Lohmöller JPennekamp JMatzutt RSchneider CVlad ETrautwein CWehrle K(2024)The unresolved need for dependable guarantees on security, sovereignty, and trust in data ecosystemsData & Knowledge Engineering10.1016/j.datak.2024.102301151:COnline publication date: 1-May-2024
https://dl.acm.org/doi/10.1016/j.datak.2024.102301
Khan AMatskin MProdan RBussler CRoman DSoylu A(2024)Cloud storage cost: a taxonomy and surveyWorld Wide Web10.1007/s11280-024-01273-427:4Online publication date: 24-May-2024
https://dl.acm.org/doi/10.1007/s11280-024-01273-4
Geng QChuai ZJin J(2024)Cross-organizational data exchange based on consortium blockchain with consistency guaranteeThe Journal of Supercomputing10.1007/s11227-024-06164-z80:12(18199-18236)Online publication date: 1-Aug-2024
https://dl.acm.org/doi/10.1007/s11227-024-06164-z
Lafourcade PMallordy LOlivier-Anclin CRobert L(2024)Secure Keyless Multi-party Storage SchemeComputer Security – ESORICS 202410.1007/978-3-031-70896-1_14(279-298)Online publication date: 6-Sep-2024
https://doi.org/10.1007/978-3-031-70896-1_14
Backendal MDavis HGünther FHaller MPaterson K(2024)A Formal Treatment of End-to-End Encrypted Cloud StorageAdvances in Cryptology – CRYPTO 202410.1007/978-3-031-68379-4_2(40-74)Online publication date: 18-Aug-2024
https://dl.acm.org/doi/10.1007/978-3-031-68379-4_2
Bharot NGhangare NVerma P(2024)Optimizing Transfer Efficiency in Multi-cloud Storage Systems with Edge and Fog ComputingAdvanced Network Technologies and Intelligent Computing10.1007/978-3-031-64076-6_18(278-289)Online publication date: 8-Aug-2024
https://doi.org/10.1007/978-3-031-64076-6_18
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Issue’s Table of Contents