Self-securing storage: protecting data in compromised systems

Self-securing storage: protecting data in compromised systems,10.1109/FITS.2003.1264933,John D. Strunk,Garth R. Goodson,Michael L. Scheinholtz,C. A. N

Self-securing storage: protecting data in compromised systems   (Citations: 16)
BibTex | RIS | RefWorks Download
Self-securing storage prevents intruders from undetectably tampering with or permanently deleting stored data. To accomplish this, self-securing storage devices internally audit all requests and keep old versions of data for a window of time, regardless of the commands received from potentially compromised host operating systems. Within the window, system administrators have this valuable information for intrusion diagnosis and recovery. Our implementation, called S4, combines log-structuring with journal-based metadata to minimize the performance costs of comprehensive versioning. Experiments show that self-securing storage devices can deliver performance that is comparable with conventional storage systems. In addition, analyses indicate that several weeks worth of all versions can reasonably be kept on state-of-the-art disks, especially when differencing and compression technologies are employed.
Cumulative Annual
View Publication
The following links allow you to view full publications. These links are maintained by other sources not affiliated with Microsoft Academic Search.
    • ...On the other hand, for data that is frequently used the better alternative to encryption would be to partially secure storage [31, 33] whereby the data management is handled by an independent system that works outside the operating system control...

    S. Srinivasanet al. Database security curriculum in InfoSec program

    • ...Examples include communications protocols that provide important quality guarantees [6, 31], approaches to the secure use of mobile [3], file systems that resist or tolerate [44], software wra ppers that permit legacy code to have tain important quality attributes retrofitted [1 5], security protocols that help ensure certain security properties [11], mechanisms for dealing with bu ffer overflow attacks, and approaches to the of a ecure ...

    John C. Knightet al. Achieving Critical System Survivability Through Software Architectures

Sort by: