horus fine grained encryption based security for high
play

Horus: Fine-Grained Encryption- Based Security for High Performance - PowerPoint PPT Presentation

Jun 28, 2023 •355 likes •532 views

Horus: Fine-Grained Encryption- Based Security for High Performance Petascale Storage Ranjana Rajendran Ethan L. Miller Darrell D. E. Long Storage Systems Research Center University of California, Santa Cruz Sunday, November 13, 11

  1. Horus: Fine-Grained Encryption- Based Security for High Performance Petascale Storage Ranjana Rajendran • Ethan L. Miller • Darrell D. E. Long Storage Systems Research Center University of California, Santa Cruz Sunday, November 13, 11

  2. What’s the problem? • Ever-increasing volume of data • More files • Larger files • Ever-increasing threat • Intrusions • Insider attacks • Accidental data leakage • HPC systems have a lot of vulnerabilities • Storage nodes • Metadata servers • Thousands of clients • Goal: limit the risk of data leakage in an HPC system • Goal: allow protection of some parts of a file 2 Sunday, November 13, 11

  3. Typical HPC storage environment • Clients interact with MDS to open files Client Client • Clients interact directly 1: open() Client MDS Client Client Client MDS with storage to read/write 2: capability data 4: I/O response 3: I/O request Policy control • Maat [SC07] can provide authorization • No encryption... Disk Disk Disk Disk Disk Disk Disk Disk Disk Disk 3 Sunday, November 13, 11

  4. Threat model: leakage of confidential HPC data • Traditional encryption: one key per file • Data can be encrypted at the client • Still vulnerable to leaks • Compromised storage devices / nodes • Little risk if data is encrypted • High risk if done with other compromises • Compromised metadata servers • Potential for leaking keys • Difficult to secure given complexity • Compromised client (compute) nodes • Keys from a single client can leak the whole file! • There are thousands of clients... 4 Sunday, November 13, 11

  5. Keyed hash trees • Solution: use keyed hash trees to generate block keys from the file key • Clients only get the block keys they need • Clients can’t encrypt / decrypt data for which they don’t have keys • Nodes at any level of the tree can be given out • Value of a key depends on parent and key’s position • Simple to derive block key from any key above it KR (file root key) K1,0 K1,1 K1,2 K2,0 K2,1 K2,2 K2,3 K2,4 K2,5 K2,6 K2,7 K2,8 K2,9 K3,0 K3,1 K3,2 K3,3 K3,4 K3,5 K3,6 K3,7 K3,8 K3,9 K3,10 K3,11 K3,12 K3,13 K3,14 K3,15 K3,16 K3,17 K3,18 K3,19 5 Sunday, November 13, 11

  6. Keyed hash trees • Solution: use keyed hash trees to generate block keys from the file key • Clients only get the block keys they need • Clients can’t encrypt / decrypt data for which they don’t have keys • Nodes at any level of the tree can be given out • Value of a key depends on parent and key’s position • Simple to derive block key from any key above it KR (file root key) K1,0 K1,1 K1,2 K2,0 K2,1 K2,2 K2,3 K2,4 K2,5 K2,6 K2,7 K2,8 K2,9 Block K3,0 K3,1 K3,2 K3,3 K3,4 K3,5 K3,6 K3,7 K3,8 K3,9 K3,10 K3,11 K3,12 K3,13 K3,14 K3,15 K3,16 K3,17 K3,18 K3,19 keys 5 Sunday, November 13, 11

  7. Keyed hash trees • Solution: use keyed hash trees to generate block keys from the file key • Clients only get the block keys they need • Clients can’t encrypt / decrypt data for which they don’t have keys • Nodes at any level of the tree can be given out • Value of a key depends on parent and key’s position • Simple to derive block key from any key above it KR (file root key) K1,0 K1,1 K1,2 Range keys K2,0 K2,1 K2,2 K2,3 K2,4 K2,5 K2,6 K2,7 K2,8 K2,9 K3,0 K3,1 K3,2 K3,3 K3,4 K3,5 K3,6 K3,7 K3,8 K3,9 K3,10 K3,11 K3,12 K3,13 K3,14 K3,15 K3,16 K3,17 K3,18 K3,19 5 Sunday, November 13, 11

  8. Generating block keys • Start at root key KR (file root key) • At each level, generate K1,0 K1,1 new key from • Parent key K2,0 K2,1 K2,2 K2,3 K2,4 • Level number • “Offset” in the level K3,0 K3,1 K3,2 K3,3 K3,4 K3,5 K3,6 K3,7 K3,8 • Process can be split • Simple to go down the tree for x = start + 1 to end do • “Difficult” to go up the tree k ← keyed_hash ( k , x || ⎣ b / B x ⎦ ) (or sideways) end for return k 6 Sunday, November 13, 11

  9. Handing out range keys KR Root key Range keys File blocks A B C D Clients • Provide only needed range keys to each client • Ranges cover any number of blocks • Ranges must be aligned to key • Hand out multiple range keys to a client if needed • Range key usage is flexible • Multiple clients can get key for a single block • Any range key that “covers” a block can be used to generate its key 7 Sunday, November 13, 11

  10. Using Horus • Key Distribution Cluster can run Key 5: Range key(s) • Separately Distribution Cluster • Stateless: easier to reset between 3: Protected KR 4: Calculate permitted computations range key(s) 6: Calculate • On MDS block key • On nodes doling out work Client Client 1: open() Client MDS Client Client units for computation Client MDS 2: Protected KR 7 9: Decrypt data : • Keys stored using public- I / O 8 : r I e / O q u r e e s s key encryption t p o n s e • Client forwards key to KDC Disk Disk Disk Disk Disk Disk • KDC could request key from Disk Disk Disk Disk MDS directly 8 Sunday, November 13, 11

  11. Storing file root keys • Encrypt file root keys with users’ public keys • Lockbox structure similar to those used in many secure file systems • Store file root keys in the file system • In a separate file • In extended attributes attached to the file • Alternative approach: supply file keys as part of the setup for the computation • More secure? • May require additional infrastructure 9 Sunday, November 13, 11

  12. Using Horus as an encryption layer • In-kernel implementation HDF/ HDF/ • May be a bit faster NetCDF NetCDF • Requires OS changes Horus System calls • User-level implementation • No OS changes • Could leverage data layout System calls Horus knowledge • Divide file by content rather than by block offset File system File system OS kernel OS kernel In-kernel User-level 10 Sunday, November 13, 11

  13. Horus security • Data is only in the clear on clients • Storage nodes can’t leak data • MDS can’t leak data (or keys) • Only a client can leak data • Client can only leak data for which it has a key • Requires large-scale client compromise to leak the entire file • Can’t leak “idle” files without obtaining user’s private key • Revocation is an issue (as with other encrypted file systems) 11 Sunday, November 13, 11

  14. Ongoing work • User-level implementation of Horus • Layered just above system calls • Uses extended attributes for key storage • Includes protocol to communicate with KDC • Explore tradeoffs between deeper tree and wider range keys • Eventually, integrate into HPC file system such as Ceph or PVFS 12 Sunday, November 13, 11

  15. Conclusions • Security is becoming increasingly important for HPC • Leaving data in the clear may no longer be acceptable • Horus prevents many attacks • Compromise of disks or MDS • Small-scale compromise of compute nodes & clients • Horus allows sharing differential security for portions of large files • Horus can run in the kernel or at user level ➡ Provide greater confidentiality for HPC data 13 Sunday, November 13, 11

  16. Questions? Supported by 14 Sunday, November 13, 11

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Fine-Grained Power Modeling for Smartphones Using System Call Tracing Based on paper and

Fine-Grained Power Modeling for Smartphones Using System Call Tracing Based on paper and

Fine-Grained Power Modeling for Smartphones Using System Call Tracing Based on paper and presentation by: Abhinav Pathak, Y. Charlie Hu, Ming Zhang Paramvir Bahl, Yi-Min Wang Damian Rodziewicz Fine-Grained Power Modeling for Smartphones

701 views • 33 slides
ConScript Specifying and Enforcing Fine-Grained Security Policies for JavaScript in the Browser

ConScript Specifying and Enforcing Fine-Grained Security Policies for JavaScript in the Browser

ConScript Specifying and Enforcing Fine-Grained Security Policies for JavaScript in the Browser Leo Meyerovich Benjamin Livshits UC Berkeley Microsoft Research Web Programmability Platform openid.net yelp.com adsense.com Google maps 2

727 views • 41 slides
Fine-Grained User-Space Security Through Virtualization Mathias Payer and Thomas R. Gross ETH

Fine-Grained User-Space Security Through Virtualization Mathias Payer and Thomas R. Gross ETH

Fine-Grained User-Space Security Through Virtualization Mathias Payer and Thomas R. Gross ETH Zurich Motivation Applications often vulnerable to security exploits Solution: restrict application access to the minimum amount of data

890 views • 29 slides
Fine-Grained Geographic Communication (Geocast) Nexus Workshop Frank Drr 23.07.2003 1

Fine-Grained Geographic Communication (Geocast) Nexus Workshop Frank Drr 23.07.2003 1

Fine-Grained Geographic Communication (Geocast) Nexus Workshop Frank Drr 23.07.2003 1 Overview Motivation Requirements for Fine-Grained Geocast Location Model for Fine-Grained Geographic Addressing Summary Related Work

752 views • 18 slides
Part-based R-CNNs for Fine-grained Category Detec7on

Part-based R-CNNs for Fine-grained Category Detec7on

Part-based R-CNNs for Fine-grained Category Detec7on Ning Zhang Jeff Donahue Ross Girshick Trevor Darrell

741 views • 39 slides
Fine-grained Image Recognition Lei Wang VILA group School of Computing and Information

Fine-grained Image Recognition Lei Wang VILA group School of Computing and Information

Learning Kernel-matrix-based Representation for Fine-grained Image Recognition Lei Wang VILA group School of Computing and Information Technology University of Wollongong, Australia 11-Dec-2019 Introduction Fine-grained image recognition

1.56k views • 58 slides
Mechanized Verification of Fine-grained Concurrent Programs Ilya Sergey Aleks Nanevski

Mechanized Verification of Fine-grained Concurrent Programs Ilya Sergey Aleks Nanevski

Mechanized Verification of Fine-grained Concurrent Programs Ilya Sergey Aleks Nanevski Anindya Banerjee PLDI 2015 Terminology Coarse-grained Concurrency synchronisation between threads via locks ; Fine-grained

973 views • 72 slides
Parts of Speech More Fine-Grained Classes More

Parts of Speech More Fine-Grained Classes More

Parts of Speech More Fine-Grained Classes More Fine-Grained Classes Actually , I ran home extremely quickly yesterday The closed classes Example of POS tagging The Penn Treebank Part-of-Speech

747 views • 54 slides
Fine Grained Access Control Fine-Grained Access Control Fine Grained Access Control

Fine Grained Access Control Fine-Grained Access Control Fine Grained Access Control

Fine Grained Access Control Fine-Grained Access Control Fine Grained Access Control Fine-grained access control examples: p g Students can see their own grades Students can see grades of all students in courses they registered for

548 views • 34 slides
Fine-grained Visual Analysis: From Classification to Retrieval Yi-Zhe Song SketchX Lab, CVSSP,

Fine-grained Visual Analysis: From Classification to Retrieval Yi-Zhe Song SketchX Lab, CVSSP,

Fine-grained Visual Analysis: From Classification to Retrieval Yi-Zhe Song SketchX Lab, CVSSP, University of Surrey, UK http://sketchx.ai Why fine-grained? Dog Dog Dog I am not just a dog Why fine-grained? Husky

615 views • 24 slides
The Influence of High Energy Proton Irradiation on Fine-Grained Isotropic Graphite Grades: A

The Influence of High Energy Proton Irradiation on Fine-Grained Isotropic Graphite Grades: A

The Influence of High Energy Proton Irradiation on Fine-Grained Isotropic Graphite Grades: A Summary of Recent RaDIATE Results P. Hurh RaDIATE Collaboration Program Coordinator Contribuitors: N. Simos (BNL); K. Ammigan, V. Sidorov, J. Hylen

435 views • 24 slides
TimeBoost Fine-Grained Interleaving of Multithreaded Lagrange Relaxation based Gate Sizing with

TimeBoost Fine-Grained Interleaving of Multithreaded Lagrange Relaxation based Gate Sizing with

TimeBoost Fine-Grained Interleaving of Multithreaded Lagrange Relaxation based Gate Sizing with Buffering Optimizations Apostolos Stefanidis , Dimitrios Mangiras, Giorgos Dimitrakopoulos Integrated Circuits Lab Electrical and Computer

547 views • 16 slides
Identification of Fine Grained Feature Based Event and Sentiment Phrases from Business News

Identification of Fine Grained Feature Based Event and Sentiment Phrases from Business News

Outline Introduction Lexicons Learning Features and Modifiers Grammar Induction Evaluation Identification of Fine Grained Feature Based Event and Sentiment Phrases from Business News Stories Brett Drury LIAAD-INESC May 25, 2011 Brett

470 views • 29 slides
TRACERJD: GENERIC TRACE-BASED DYNAMIC DEPENDENCE ANALYSIS WITH FINE-GRAINED LOGGING Haipeng Cai

TRACERJD: GENERIC TRACE-BASED DYNAMIC DEPENDENCE ANALYSIS WITH FINE-GRAINED LOGGING Haipeng Cai

TRACERJD: GENERIC TRACE-BASED DYNAMIC DEPENDENCE ANALYSIS WITH FINE-GRAINED LOGGING Haipeng Cai and Raul Santelices Department of Computer Science and Engineering University of Notre Dame Supported by ONR Award N000141410037 SANER 2015

257 views • 15 slides
Security of Encryption Security of Encryption Perfect secrecy (IND-Onetime security) is too

Security of Encryption Security of Encryption Perfect secrecy (IND-Onetime security) is too

Defining Encryption (ctd.) Lecture 3 CPA/CCA security Computational Indistinguishability Pseudo-randomness, One-Way Functions Security of Encryption Security of Encryption Perfect secrecy (IND-Onetime security) is too strong (though too

1.36k views • 113 slides
High Resolution Fine-Grained Tracker: Reference Near Detector for DUNE Bipul Bhuyan Indian

High Resolution Fine-Grained Tracker: Reference Near Detector for DUNE Bipul Bhuyan Indian

High Resolution Fine-Grained Tracker: Reference Near Detector for DUNE Bipul Bhuyan Indian Institute of Technology Guwahati Near Detector Workshop Fermi Lab March 27 - 29, 2017 FGT Near Detector Concept Four components detector :

436 views • 25 slides
Security II: Cryptography Markus Kuhn Computer Laboratory, University of Cambridge

Security II: Cryptography Markus Kuhn Computer Laboratory, University of Cambridge

Security II: Cryptography Markus Kuhn Computer Laboratory, University of Cambridge http://www.cl.cam.ac.uk/teaching/1314/SecurityII/ Lent 2014 Part II 1 / 90 Related textbooks Main reference: Jonathan Katz, Yehuda Lindell:

1.24k views • 112 slides
Built-in browser CS/SE Individual Practical Stephen Gilmore September 30, 2011 School of

Built-in browser CS/SE Individual Practical Stephen Gilmore September 30, 2011 School of

Eclipse DDMS perspective Creating an Android Virtual Device Starting the emulator Developer tools API demos Eclipse DDMS perspective Creating an Android Virtual Device Starting the emulator Developer tools API demos Built-in browser CS/SE

379 views • 5 slides
t r

t r

t r r r rs t r

654 views • 26 slides
PowerFL : Fuzzing VxWorks embedded systems Peter Goodman Artem Dinaburg Trent Brunson 1

PowerFL : Fuzzing VxWorks embedded systems Peter Goodman Artem Dinaburg Trent Brunson 1

PowerFL : Fuzzing VxWorks embedded systems Peter Goodman Artem Dinaburg Trent Brunson 1 Introductions Peter Goodman Artem Dinaburg Trent Brunson Senior Security Engineer Principal Security Engineer Director of R&D

495 views • 31 slides
Cryptography Hard Problems encryption message encryption key algorithm Some problems are

Cryptography Hard Problems encryption message encryption key algorithm Some problems are

Cryptography Hard Problems encryption message encryption key algorithm Some problems are hard to solve. No polynomial time algorithm is known. Transmission E.g., NP-hard problems such as machine scheduling, Channel bin packing,

445 views • 5 slides
The One Time Pad Dan Boneh Symmetric Ciphers: definition Def: a cipher defined over is a pair

The One Time Pad Dan Boneh Symmetric Ciphers: definition Def: a cipher defined over is a pair

Online Cryptography Course Dan Boneh Stream ciphers The One Time Pad Dan Boneh Symmetric Ciphers: definition Def: a cipher defined over is a pair of efficient algs ( E , D ) where E is often

880 views • 83 slides
Searchable Symmetric Encryption Seny Kamara Advanced Topics in Network Security Spring 2006 1

Searchable Symmetric Encryption Seny Kamara Advanced Topics in Network Security Spring 2006 1

Searchable Symmetric Encryption Seny Kamara Advanced Topics in Network Security Spring 2006 1 Yesterday Motivation for searchable encryption First SSE scheme [SWP00] Attacks on [SWP00] Conjunctive SSE [GSW04,PKL04,BKM05] 2

703 views • 24 slides
Chapter 2: Classical Encryption Techniques Dr. Loai Tawalbeh Faculty of Information system and

Chapter 2: Classical Encryption Techniques Dr. Loai Tawalbeh Faculty of Information system and

Information System Security Chapter 2: Classical Encryption Techniques Dr. Loai Tawalbeh Faculty of Information system and Technology, The Arab Academy for Banking and Financial Sciences. Jordan Dr. Loai Tawalbeh Summer 2006

569 views • 15 slides

More recommend