Sameer Pawar and Salim El Rouayheb and Kannan Ramchandran

EECS Department, University of California, Berkeley

Technical Report No. UCB/EECS-2010-18

February 17, 2010

http://www2.eecs.berkeley.edu/Pubs/TechRpts/2010/EECS-2010-18.pdf

We address the problem of securing a dynamic distributed data storage system against a passive eavesdropper that can observe a fixed number of storage nodes. A distributed data storage system experiences node failures over time for various reasons. These failed nodes are repaired in order to maintain the availability of data with a certain fixed reliability. If an eavesdropper accesses a node while it is being added to the system to repair a failure, the eavesdropper will have access to all the data communicated to that node, which can potentially compromise all of the data stored in the system. We are interested in determining the secrecy capacity of such dynamic systems, i.e., the maximum amount of data that can be made reliably available to a legitimate user in the face of node failures and repairs, in the presence of an eavesdropper, without revealing any information about the data to the eavesdropper. We use the information flow graph to model these systems as multicast networks with compromised nodes. We provide a general upper bound on the secrecy capacity and show that this bound is tight in the bandwidth-limited regime, which is of significant importance for practical systems such as Internet-based peer-to-peer distributed storage systems.


BibTeX citation:

@techreport{Pawar:EECS-2010-18,
    Author= {Pawar, Sameer and El Rouayheb, Salim and Ramchandran, Kannan},
    Title= {On Secure Distributed Data Storage Under Repair Dynamics},
    Year= {2010},
    Month= {Feb},
    Url= {http://www2.eecs.berkeley.edu/Pubs/TechRpts/2010/EECS-2010-18.html},
    Number= {UCB/EECS-2010-18},
    Abstract= {We address the problem of securing a dynamic distributed data storage system against a passive eavesdropper that can observe a fixed number of storage nodes. Distributed data storage system experiences node failures over time due to various reasons. These failed nodes are repaired in order to maintain the availability of data with certain fixed reliability. If an eavesdropper accesses a node while it is being added to the system to repair it from a failure, it will have access to all the data communicated to that node, which can potentially compromise the entire data stored in the system. We are interested in determining the secrecy capacity of such dynamic systems, i.e., the maximum amount of data that can be made reliably available to a legitimate user in the face of node failures and repairs in presence of eavesdropper without revealing any information to it about the data. We use the information flow graph to model these systems as multicast networks with compromised nodes. We provide a general upper bound on the secrecy capacity and show that this bound is tight in the bandwidth limited regime which is of significant importance for practical systems such as Internet-based peer-to-peer distributed storage systems.},
}

EndNote citation:

%0 Report
%A Pawar, Sameer 
%A El Rouayheb, Salim 
%A Ramchandran, Kannan 
%T On Secure Distributed Data Storage Under Repair Dynamics
%I EECS Department, University of California, Berkeley
%D 2010
%8 February 17
%@ UCB/EECS-2010-18
%U http://www2.eecs.berkeley.edu/Pubs/TechRpts/2010/EECS-2010-18.html
%F Pawar:EECS-2010-18