Iris: A scalable cloud file system with efficient integrity checks

E. Stefanov; M. Van Dijk; A. Juels; A. Oprea

doi:10.1145/2420950.2420985

Iris: A scalable cloud file system with efficient integrity checks

E. Stefanov, M. Van Dijk, A. Juels, A. Oprea

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

Abstract

We present Iris, a practical, authenticated file system designed to support workloads from large enterprises storing data in the cloud and be resilient against potentially untrustworthy service providers. As a transparent layer enforcing strong integrity guarantees, Iris lets an enterprise tenant maintain a large file system in the cloud. In Iris, tenants obtain strong assurance not just on data integrity, but also on data freshness, as well as data retrievability in case of accidental or adversarial cloud failures. Iris offers an architecture scalable to many clients (on the order of hundreds or even thousands) issuing operations on the file system in parallel. Iris includes new optimization and enterpriseside caching techniques specifically designed to overcome the high network latency typically experienced when accessing cloud storage. Iris also includes novel erasure coding techniques for the first efficient construction of a dynamic Proofs of Retrievability (PoR) protocol over the entire file system. We describe our architecture and experimental results on a prototype version of Iris. Iris achieves end-to-end throughput of up to 260MB per second for 100 clients issuing simultaneous requests on the file system. (This limit is dictated by the available network bandwidth and maximum hard drive throughput.) We demonstrate that strong integrity protection in the cloud can be achieved with minimal performance degradation. Copyright 2012 ACM.

Original language	English
Title of host publication	Proceedings - 28th Annual Computer Security Applications Conference, ACSAC 2012
Pages	229-238
DOIs	https://doi.org/10.1145/2420950.2420985
Publication status	Published - 2012
Externally published	Yes
Event	28th Annual Computer Security Applications Conference, ACSAC 2012 - , United States Duration: 3 Dec 2012 → 7 Dec 2012

Conference

Conference	28th Annual Computer Security Applications Conference, ACSAC 2012
Country/Territory	United States
Period	3/12/12 → 7/12/12

Access to Document

10.1145/2420950.2420985

Persistent URL (handle)

Persistent link

Cite this

@inproceedings{385d65f5ea9145f081717aefd04c67d9,

title = "Iris: A scalable cloud file system with efficient integrity checks",

abstract = "We present Iris, a practical, authenticated file system designed to support workloads from large enterprises storing data in the cloud and be resilient against potentially untrustworthy service providers. As a transparent layer enforcing strong integrity guarantees, Iris lets an enterprise tenant maintain a large file system in the cloud. In Iris, tenants obtain strong assurance not just on data integrity, but also on data freshness, as well as data retrievability in case of accidental or adversarial cloud failures. Iris offers an architecture scalable to many clients (on the order of hundreds or even thousands) issuing operations on the file system in parallel. Iris includes new optimization and enterpriseside caching techniques specifically designed to overcome the high network latency typically experienced when accessing cloud storage. Iris also includes novel erasure coding techniques for the first efficient construction of a dynamic Proofs of Retrievability (PoR) protocol over the entire file system. We describe our architecture and experimental results on a prototype version of Iris. Iris achieves end-to-end throughput of up to 260MB per second for 100 clients issuing simultaneous requests on the file system. (This limit is dictated by the available network bandwidth and maximum hard drive throughput.) We demonstrate that strong integrity protection in the cloud can be achieved with minimal performance degradation. Copyright 2012 ACM.",

author = "E. Stefanov and {Van Dijk}, M. and A. Juels and A. Oprea",

year = "2012",

doi = "10.1145/2420950.2420985",

language = "English",

pages = "229--238",

booktitle = "Proceedings - 28th Annual Computer Security Applications Conference, ACSAC 2012",

note = "28th Annual Computer Security Applications Conference, ACSAC 2012 ; Conference date: 03-12-2012 Through 07-12-2012",

}

TY - GEN

T1 - Iris

T2 - 28th Annual Computer Security Applications Conference, ACSAC 2012

AU - Stefanov, E.

AU - Van Dijk, M.

AU - Juels, A.

AU - Oprea, A.

PY - 2012

Y1 - 2012

N2 - We present Iris, a practical, authenticated file system designed to support workloads from large enterprises storing data in the cloud and be resilient against potentially untrustworthy service providers. As a transparent layer enforcing strong integrity guarantees, Iris lets an enterprise tenant maintain a large file system in the cloud. In Iris, tenants obtain strong assurance not just on data integrity, but also on data freshness, as well as data retrievability in case of accidental or adversarial cloud failures. Iris offers an architecture scalable to many clients (on the order of hundreds or even thousands) issuing operations on the file system in parallel. Iris includes new optimization and enterpriseside caching techniques specifically designed to overcome the high network latency typically experienced when accessing cloud storage. Iris also includes novel erasure coding techniques for the first efficient construction of a dynamic Proofs of Retrievability (PoR) protocol over the entire file system. We describe our architecture and experimental results on a prototype version of Iris. Iris achieves end-to-end throughput of up to 260MB per second for 100 clients issuing simultaneous requests on the file system. (This limit is dictated by the available network bandwidth and maximum hard drive throughput.) We demonstrate that strong integrity protection in the cloud can be achieved with minimal performance degradation. Copyright 2012 ACM.

AB - We present Iris, a practical, authenticated file system designed to support workloads from large enterprises storing data in the cloud and be resilient against potentially untrustworthy service providers. As a transparent layer enforcing strong integrity guarantees, Iris lets an enterprise tenant maintain a large file system in the cloud. In Iris, tenants obtain strong assurance not just on data integrity, but also on data freshness, as well as data retrievability in case of accidental or adversarial cloud failures. Iris offers an architecture scalable to many clients (on the order of hundreds or even thousands) issuing operations on the file system in parallel. Iris includes new optimization and enterpriseside caching techniques specifically designed to overcome the high network latency typically experienced when accessing cloud storage. Iris also includes novel erasure coding techniques for the first efficient construction of a dynamic Proofs of Retrievability (PoR) protocol over the entire file system. We describe our architecture and experimental results on a prototype version of Iris. Iris achieves end-to-end throughput of up to 260MB per second for 100 clients issuing simultaneous requests on the file system. (This limit is dictated by the available network bandwidth and maximum hard drive throughput.) We demonstrate that strong integrity protection in the cloud can be achieved with minimal performance degradation. Copyright 2012 ACM.

UR - http://www.scopus.com/inward/record.url?scp=84872103252&partnerID=8YFLogxK

U2 - 10.1145/2420950.2420985

DO - 10.1145/2420950.2420985

M3 - Conference contribution

SP - 229

EP - 238

BT - Proceedings - 28th Annual Computer Security Applications Conference, ACSAC 2012

Y2 - 3 December 2012 through 7 December 2012

ER -

Iris: A scalable cloud file system with efficient integrity checks

Abstract

Conference

Access to Document

Persistent URL (handle)

Other files and links

Fingerprint

Cite this