|
Adaptive
Quality of Security Control in Storage Systems
Mais W. Nijim
Department of Computer Science
New Mexico Institute of Mining and Technology
801 Leroy Place,
Socorro, New Mexico
87801-4796
Since security is of critical
importance for modern storage systems, it is imperative to protect stored
data from being tampered or disclosed. Although an increasing number of
secure storage systems have been developed, there is no way to adaptively
choose security services to meet disk requests’ flexible security requirements.
Furthermore, existing security techniques for disk systems are not suitable
to guarantee desired response times of disk requests. In this dissertation research,
we proposed a series of adaptive quality of security control strategies, which
can judiciously select the most appropriate security service for disk
requests while endeavoring to guarantee desired response times of all disk
requests. Specifically, we proposed in this dissertation a quality of
security framework or StReD for storage resources.
The StReD framework integrates a quality of
security adaptor with an array of security services. Next, an adaptive
strategy or AWARDS was developed for local storage systems to improve
dynamically improve quality of security without adversely affecting the
response times of write requests. To prove the efficiency of AWARDS, we built
an analytical model to measure the probability that a disk request is
completed before its desired response time. Furthermore, we designed and
implemented an adaptive quality of security control strategy or ASPAD for
parallel disk systems. ASPAD makes it possible for parallel disk systems to
adapt to changing security requirements and workload conditions. Last but not
least, we devised a security-aware cache management mechanism or CaPaS for cluster storage systems. CaPaS
aims at achieving high security and desired performance for data-intensive
applications running on clusters. CaPaS is used in
combination with the ASPAD strategy, thereby providing high quality of security
for cluster storage systems. Extensive trace-driven simulations, which are based
on a set of real applications as well as synthetic workloads with various
disk I/O characteristics, show that the adaptive quality of security control
schemes significantly improve security of local disk systems, parallel disk
systems, and cluster storage systems without adversely affecting the
performance of storage systems.
Presented to the Faculty of The New Mexico Institute of Mining and Technology In Partial Fulfillment of Requirements For the Degree of Doctor of Philosophy in Computer Science Under the Supervision of Dr. Xiao Qin Socorro, New Mexico
May,
2007
|