SAFIUS - A secure and accountable filesystem over untrusted storage

TL;DR

SAFIUS is a secure, accountable filesystem over untrusted storage that ensures confidentiality, integrity, and accountability while maintaining acceptable performance through innovative signature management.

Contribution

It introduces a novel signature pruning mechanism and implements a secure filesystem over untrusted storage with minimal performance overhead.

Findings

50% overhead in data-intensive workloads

Comparable or better performance in metadata workloads

Provides strong security guarantees like confidentiality and integrity

Abstract

We describe SAFIUS, a secure accountable file system that resides over an untrusted storage. SAFIUS provides strong security guarantees like confidentiality, integrity, prevention from rollback attacks, and accountability. SAFIUS also enables read/write sharing of data and provides the standard UNIX-like interface for applications. To achieve accountability with good performance, it uses asynchronous signatures; to reduce the space required for storing these signatures, a novel signature pruning mechanism is used. SAFIUS has been implemented on a GNU/Linux based system modifying OpenGFS. Preliminary performance studies show that SAFIUS has a tolerable overhead for providing secure storage: while it has an overhead of about 50% of OpenGFS in data intensive workloads (due to the overhead of performing encryption/decryption in software), it is comparable (or better in some cases) to OpenGFS in metadata intensive workloads.