|
Improving data integrity and performance of cryptographic log structured file systemsKeywords: Cryptography , data security , log structured file system , metadata check-summing , trusted platform module Abstract: Modern File systems like the Cryptographic Log Structured File System are aimed to provide security and confidentiality. Current deployments of such File Systems do not ensure the integrity of encrypted data, stored on disk. Due to Kernel bugs, racing conditions and arbitrary dead-locks, CLFS data can be damaged or modified by users and intruders. Financial systems are particularly concerned with security as business continuity is essential to the produced output. That's why, we considered necessary to intervene in two directions. First we will modify the way keys are stored in the system, as their safe storage is a clue point to the whole protection this system assures. Implementing a Trusted Platform Module is our suggestion to the case. Afterwards, provided this secure environment, our aim lies towards ensuring data integrity on CLFS without compromising the overall performance. This paper considers the standard data verification methods, with the main goal to overcome one of its major limitations, low performance of File System check-summing. To improve the performance of this process we try to study and examine various design choices and propose metadata check-summing. Several tests are made to prove that this added functionality does not significantly affect performance.
|