Paranoia vs. Performance - A Quantitative Evaluation of Storage System Security

As users’ and companies’ dependence on shared, networked data continues to increase, the protection of this data from prying eyes or malicious hands becomes more and more critical. There are a variety of ways to ensure the security of data and the integrity of data transfer, depending on the set of anticipated attacks, the level of paranoia on the part of the data owners, and the level of inconvenience data users are willing to tolerate. This paper reviews all the previously proposed systems for secure, networked storage, and combines these ideas to describe a system for the “most paranoid” data owners. We show that the two main classes of systems in the existing design space are not really as far apart as they seem; one is essentially an optimization of the other. We outline the space of possible design choices and quantify the costs associated with each one using a trace from a time-sharing UNIX server used by a medium-sized workgroup. As we go along, we introduce a number of optimizations that have not been explicitly considered before.