Finding the Right Balance: Security vs. Performance with Network Storage Systems

Arun Olappamanna Vasudevan Stony Brook University

http://www.fsl.cs.sunysb.edu/

Finding the Right Balance: Security vs. Performance

with Network Storage Systems

A Master’s Thesis

Summary of Contributions l Co-developed a secure NFSv4 proxy

with integrity-checking, encryption, anti-virus, and cache

l Contributed to NFS-Ganesha project to support stacking of multiple FSALs

l Developed buffer scanner in ClamAV

05/15/2015 Arun Olappamanna Vasudevan—Masters Defense 2

LOC Proxy-cache, Anti-virus

Integrity-Encryption

Total

Source 9,264 3,586 12,850

l Motivation l Background l Design l  Implementation l Evaluation l Conclusions and Future Work


Outline

Cloud Storage l Availability

u Google Cloud Platform @ 99.9973% up-time

l Scalability l Economical l Accessibility l Easy to share and collaborate

documents


Security Concerns l Confidentiality

u Sony Pictures Entertainment u Photos of celebrities in iCloud hack

l  Integrity u CERN – petabyte scale data u 22/33,700 files corrupted (8.7 TB)

l Availability u Symantec report – 43% of respondents

have lost data in cloud!


Threat Model


Cloud

Secure Proxy

Clients

LAN

WAN

Trusted Untrusted

Semi-trusted

HTTPI

Server Authentication

Message Integrity

Message Confidentiality

HTTP ✖ ✖ ✖

HTTPS ✔ ✔ ✔

HTTPI ✔ ✔ ✖


b l Motivation l Background l Design l Evaluation l  Implementation l Conclusions and Future Work


Outline

NFSv4 and Cloud l Cloud storage gateways l Amazon Elastic File System (EFS) l Cloud NAS

u Zadara Storage u SoftNAS

l NFSv4 u Compounds u Delegation u pNFS


Example: IBM Panache


Client

Client

Client

Client

Panache cluster GPFS

pNFS

WAN



Outline

Design Goals l Advanced security features

u Encryption, integrity-check, anti-virus u Security policies

l Minimal performance penalty u Cache

l Easy to develop and maintain u Proxy architecture u Layered implementation


Proxy Architecture


Server

Proxy with security and cache

Clients

LAN

WAN

NFS

NFS

NFS-Ganesha


Client

Proxy NFSv4

Cache_inode

Server

Stackable FSAL

FSAL_ PROXY

open read write

pxy_open pxy_read pxy_write

File System Abstraction Layers (FSAL)

Layered Architecture


Client

Pro

xy

Server

Security

Cache

Client

Pro

xy

Server

Cache

Security

Model A Model B

Model A

Item Support? Write-back cache ✔ Protect against bad data in cache from server

✖

Protect against bad data in cache from client

✔

Additional data for security ✔ Modification of data ✖ Handling security updates ✔


Client

Pro

xy

Server

Security

Cache

Model A (Write Path)


Model B

Item Support? Write-back cache ✖ Protect against bad data in cache from server

✔

Protect against bad data in cache from client

✖

Additional data for security ✖ Modification of data ✔ Handling security updates ✖


Client

Pro

xy

Server

Cache

Security

Final Hybrid Design l Cache – Read and write

in block units l Anti-virus protects

against malware from clients

l Crypto and integrity protect confidentiality and integrity of data in server


Client

Pro

xy

Server

Anti-virus

Cache Crypto

Integrity



Outline

Anti-Virus l ClamAV

u Signature-based anti-virus scanner u Full-file scans

l Server-data is protected by integrity u Scan only writes from clients u Every 5 minutes (configurable) and at close


Cache l Write-back data cache

u Every 5 minutes (configurable) and at close u Meta-data is not cached

l Persistent cache u Sparse local files for cached remote files u Page-cache in memory

l Thread-safe implementation u Per-file range locks u Handling asynchronous write-backs


Integrity l SCSI standard Data Integrity Field (DIF)


Integrity with NFSv4.2


APP

OS

NFS Client

NFS Server

OS

HBA

Device

WAN

DIX DIF

WRITE_PLUS(data, integrity_tag)

READ_PLUS: data, integrity_tag

WRITE(data)

WRITE(data)

READ: data

READ: data

DIX: Data Integrity eXtension

Integrity and Encryption


PDATA

ADATA

Cipher-text

Integrity_tag

AES-GCM

Plain-text data

Authentication data

File key



Outline

Experimental Setup


Virtual SCSI device with DIX support

Pro

xy Anti-virus

Cache Crypto

Integrity

Client 1

Client 3

Client 2

Client 4

Client 5

Server

LAN (0.2ms RTT) 10 GbE

WAN (30ms RTT)

1 GbE

Experiments l Micro-workloads

u 100 files pre-allocated u Repeat for 2 minutes:

§ Open a random file § Read n times § Write m times § Close file

l Macro-workloads (Filebench) u File server and Mail server u Web server


Combinations of Features

Configs Proxy Integrity Encryption Caching Anti-virus P (baseline) ✔ ✖ ✖ ✖ ✖ I ✔ ✔ ✖ ✖ ✖ IE ✔ ✔ ✔ ✖ ✖ IC ✔ ✔ ✖ ✔ ✖ ICE ✔ ✔ ✔ ✔ ✖ ICEA ✔ ✔ ✔ ✔ ✔


1:1 Read-Write ratio 1 MB

0

20

40

60

80

100

120

140

160

P I IC IE ICE ICEA

#O

ps/

Sec

Security and Caching Configs


2.2X 2.3X


0

20

40

60

80

100

120

140

160

180

P I IC IE ICE ICEA

#O

ps/

Sec



-21%

2.9X

2.4X

-23%

Speed-up vs. Read-Write ratio

0

1

2

3

4

5

6

7

8

9

10

1 2 4 8 16

Spee

d u

p F

acto

r R

elat

ive

to B

asel

ine

Read-to-Write Ratio

IIC

ICEICEA



0

5

10

15

20

25

30

35

40

45

50

P I IC IE ICE ICEA

#O

ps/

Sec



+5%

File Server Workload

0

5

10

15

20

25

30

35

40

45

P I IC IE ICE ICEA

#O

ps/

Sec



-25%

Web Server Workload


0

20

40

60

80

100

120

140

160

180

200

P I IC IE ICE ICEA

#O

ps/

Sec


-60%

+77% +75%

Evaluation Summary l  Integrity

u Overhead: 3–26%

l  Encryption with integrity u No additional overhead

l  Anti-virus u Overhead: up to 23% for 10MB files

l  Cache u Performance: up to 8x

l  File server, Mail server, Web server u With all features: 23–28% overhead




Outline

Conclusions l Designed and implemented a secure

NFS proxy with cloud back-end l Overhead of security

u Integrity and Encryption give similar overheads

u Anti-virus overhead depends on file-size l Caching can offset security overhead to

a great extent


Future Work l  Security

u Use Merkle tree or versioning scheme for integrity u Meta-data confidentiality

l  Performance u Anti-virus scanning incrementally u Relax NFS strict consistency

§ Use RESTful protocols between proxy and server

l  Kurma – Secure Geo-Replicated Multi-Cloud Storage Gateways


Acknowledgements l My advisor, Dr. Erez Zadok l Ming Chen, Kelong Wang l My family and friends l Committee members l NSF


Arun Olappamanna Vasudevan Stony Brook University

http://www.fsl.cs.sunysb.edu/

Finding the Right Balance: Security vs. Performance with Network Storage Systems

A Master’s Thesis

Q&A

Kurma: Secure Geo-Replicated Multi-Cloud Storage Gateways

Region1

Clients

Region2

metadata

metadata

metadata

Region3

AzureS3

Drive

Untrusted

SecureGateway

Public Clouds


Model A (Read Path)


Model B (Read Path)


Model B (Write Path)


Final Hybrid Design (Read Path)


Final Hybrid Design (Write Path)


Date post:	22-Jan-2017
Category:	Technology
Upload:	arun-olappamanna-vasudevan
View:	360 times
Download:	0 times

Finding the Right Balance: Security vs. Performance with Network Storage Systems

Technology