skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: RackBlox: A Software-Defined Rack-Scale Storage System with Network-Storage Co-Design
Award ID(s):
1919044
PAR ID:
10525145
Author(s) / Creator(s):
; ; ; ; ; ; ;
Publisher / Repository:
ACM
Date Published:
ISBN:
9798400702297
Page Range / eLocation ID:
182 to 199
Format(s):
Medium: X
Location:
Koblenz Germany
Sponsoring Org:
National Science Foundation
More Like this
  1. (, Proceedings of the 19th USENIX Conference on File and Storage Technologies (FAST '20))
    null (Ed.)
    Modern hybrid cloud infrastructures require software to be easily portable between heterogeneous clusters. Application containerization is a proven technology to provide this portability for the functionalities of an application. However, to ensure performance portability, dependable verification of a cluster's performance under realistic workloads is required. Such verification is usually achieved through benchmarking the target environment and its storage in particular, as I/O is often the slowest component in an application. Alas, existing storage benchmarks are not suitable to generate cloud native workloads as they do not generate any storage control operations (e.g., volume or snapshot creation), cannot easily orchestrate a high number of simultaneously running distinct workloads, and are limited in their ability to dynamically change workload characteristics during a run. In this paper, we present the design and prototype for the first-ever Cloud Native Storage Benchmark—CNSBench. CNSBench treats control operations as first-class citizens and allows to easily combine traditional storage benchmark workloads with user-defined control operation workloads. As CNSBench is a cloud native application itself, it natively supports orchestration of different control and I/O workload combinations at scale. We built a prototype of CNSBench for Kubernetes, leveraging several existing containerized storage benchmarks for data and metadata I/O generation. We demonstrate CNSBench's usefulness with case studies of Ceph and OpenEBS, two popular storage providers for Kubernetes, uncovering and analyzing previously unknown performance characteristics. 
    more » « less
  2. ; ; ; ; ; ; ; (, 2021 IEEE International Performance, Computing, and Communications Conference (IPCCC))
  3. ; (, IEEE Transactions on Information Forensics and Security)
    A plausibly deniable storage (PDS) system not only conceals the plaintext of sensitive data, but also hides their very existence. It can essentially mitigate a novel coercive attack, in which the adversary captures both a victim and his/her device, and coerces the victim to disclose the sensitive data. A rich number of PDS systems have been designed in the literature. However, all of them are specifically designed for a certain type of storage hardware. In this work, we have designed HiPDS , the first storage Hardware-independent Plausibly Deniable Storage system. HiPDS can defend against a multi-snapshot adversary which can have access to both the external storage and the internal memory at multiple checkpoints over time. By leveraging our adapted chameleon hash, we encode the sensitive data into the non-sensitive cover data in a fine-grained manner, so that both the existence and the access of the sensitive data on the external storage device can be plausibly denied. In addition, to prevent the sensitive data from being compromised in the memory, the encoding/decoding process is run in a secure memory region isolated by the trusted execution environment. A salient feature of HiPDS is that it can ensure deniability on any types of storage media, which is essentially important for users who may change the external storage devices over time. Security analysis and experimental evaluation confirm that HiPDS can ensure deniability against the multi-snapshot adversary at the cost of an acceptable overhead. 
    more » « less
  4. ; ; ; ; (, HotStorage '21: Proceedings of the 13th ACM Workshop on Hot Topics in Storage and File Systems)
    null (Ed.)
    Peripheral devices like SSDs are growing more complex, to the point they are effectively small computers themselves. Our position is that this trend creates a new kind of attack vector, where untrusted software could use peripherals strictly as intended to accomplish unintended goals. To exemplify, we set out to rowhammer the DRAM component of a simplified host-side FTL, issuing regular I/O requests that manage to flip bits in a way that triggers sensitive information leakage. We conclude that such attacks might soon be feasible, and we argue that systems need principled approaches for securing peripherals against them. 
    more » « less
  5. ; ; ; (, Proceedings of the Conference on Decision and Control)
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email