NDS2 Secure storage, sharing and publishing of data in the NDS



Similar documents
Polish National Data Storage. Norbert Meyer, Maciej Brzeźniak, Maciej Stroiński PSNC

National Data Storage data replication in the network

Amazon Cloud Storage Options

Boas Betzler. Planet. Globally Distributed IaaS Platform Examples AWS and SoftLayer. November 9, IBM Corporation

Investigating Private Cloud Storage Deployment using Cumulus, Walrus, and OpenStack/Swift

Compatibility and Support Information Nasuni Corporation Natick, MA

Oracle Solaris Security: Mitigate Risk by Isolating Users, Applications, and Data

INUVIKA OPEN VIRTUAL DESKTOP FOUNDATION SERVER

EMC SYNCPLICITY FILE SYNC AND SHARE SOLUTION

WOS Cloud. ddn.com. Personal Storage for the Enterprise. DDN Solution Brief

Storage Sync for Hyper-V. Installation Guide for Microsoft Hyper-V

EMC DATA PROTECTION. Backup ed Archivio su cui fare affidamento

efolder BDR for Veeam Cloud Connection Guide

Access All Your Files on All Your Devices

StorPool Distributed Storage Software Technical Overview

Druva insync: Simplified, Robust Endpoint Data Protection Date: August 2011 Author: Tony Palmer, Senior Lab Engineer /Analyst

Enabling Technologies for Distributed and Cloud Computing

Introduction to Gluster. Versions 3.0.x

VMware Virtual SAN Backup Using VMware vsphere Data Protection Advanced SEPTEMBER 2014

Veeam Cloud Connect. Version 8.0. Administrator Guide

IOmark- VDI. HP HP ConvergedSystem 242- HC StoreVirtual Test Report: VDI- HC b Test Report Date: 27, April


TECHNICAL PAPER. Veeam Backup & Replication with Nimble Storage

Enabling Technologies for Distributed Computing

Low-cost

Software to Simplify and Share SAN Storage Sanbolic s SAN Storage Enhancing Software Portfolio

farmerswife Contents Hourline Display Lists 1.1 Server Application 1.2 Client Application farmerswife.com

Hardware and Software Requirements. Release 7.5.x PowerSchool Student Information System

Cloud Attached Storage 3.1 EA

IT of SPIM Data Storage and Compression. EMBO Course - August 27th! Jeff Oegema, Peter Steinbach, Oscar Gonzalez

Transporter from Connected Data Date: February 2015 Author: Kerry Dolan, Lab Analyst and Vinny Choinski, Sr. Lab Analyst

Business and enterprise cloud sync, backup and sharing solutions

Acronis Backup & Recovery 11.5

We look beyond IT. Cloud Offerings

StACC: St Andrews Cloud Computing Co laboratory. A Performance Comparison of Clouds. Amazon EC2 and Ubuntu Enterprise Cloud

How To Use Attix5 Pro For A Fraction Of The Cost Of A Backup

Sync Security and Privacy Brief

Zerto Virtual Manager Administration Guide

White Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0

owncloud Enterprise Edition on IBM Infrastructure

Virtualization of CBORD Odyssey PCS and Micros 3700 servers. The CBORD Group, Inc. January 13, 2007

Service Overview CloudCare Online Backup

Parallels Cloud Server 6.0

KUIDAS KAITSTA ANDMEID EMC TARKVARAGA?

SGFS: Secure, Flexible, and Policy-based Global File Sharing

Outline. Introduction Virtualization Platform - Hypervisor High-level NAS Functions Applications Supported NAS models

Object storage in Cloud Computing and Embedded Processing

ZEN LOAD BALANCER EE v3.02 DATASHEET The Load Balancing made easy

Installation and Configuration Guide for Windows and Linux

EVault Technology Build Cloud-Connected Backup and Recovery Services for Datacenter

Virtualised MikroTik

MEGA Web Application Architecture Overview MEGA 2009 SP4

Gladinet Cloud Backup V3.0 User Guide

Virtuozzo 7 Technical Preview - Virtual Machines Getting Started Guide

Copyright 2012 Trend Micro Incorporated. All rights reserved.

CERN Cloud Storage Evaluation Geoffray Adde, Dirk Duellmann, Maitane Zotes CERN IT

One Solution for Real-Time Data protection, Disaster Recovery & Migration

Lecture 11. RFS A Network File System for Mobile Devices and the Cloud

Security Overview Enterprise-Class Secure Mobile File Sharing

Atempo, Inc. LIVE BACKUP DEPLOYMENT GUIDE PLANNING AND DEPLOYING LIVE BACKUP IN YOUR CORPORATE ENTERPRISE. Author: Amy Gracer,

Michael Thomas, Dorian Kcira California Institute of Technology. CMS Offline & Computing Week

Evaluation of Enterprise Data Protection using SEP Software

Distributed File System Choices: Red Hat Storage, GFS2 & pnfs

Kaseya IT Automation Framework

Remote Application Server Version 14. Last updated:

Performance Analysis of Client Side Encryption Tools

WHITEPAPER. One Cloud For All Your Critical Business Applications.

1. Product Information

Network File System (NFS) Pradipta De

File Protection using rsync. Setup guide

Introduction to Mobile Access Gateway Installation

10GbE Ethernet for Transfer Speeds of Over 1150MB/s

Online Backup Client User Manual Linux

ovirt and Gluster hyper-converged! HA solution for maximum resource utilization

Lab Validation Report

Hitachi Content Platform (HCP)


E4 UNIFIED STORAGE powered by Syneto

For Hyper-V Edition Practical Operation Seminar. 4th Edition

Kaspersky Endpoint Security 8 for Linux INSTALLATION GUIDE

Merge CADstream. For IT Professionals. Merge CADstream,

Remote/Branch Office IT Consolidation with Lenovo S2200 SAN and Microsoft Hyper-V

Options in Open Source Virtualization and Cloud Computing. Andrew Hadinyoto Republic Polytechnic

FileCruiser Backup & Restoring Guide

OpenProdoc. Benchmarking the ECM OpenProdoc v 0.8. Managing more than documents/hour in a SOHO installation. February 2013

How to Backup and Restore a VM using Veeam

vnas Series All-in-one NAS with virtualization platform

Vembu BDR v Release Notes. Major features in v Other features in Vembu BDR. Cloud Disaster Recovery Service. VMware UltraBlaze.

CERNBox + EOS: Cloud Storage for Science

A Virtual Filer for VMware s Virtual SAN A Maginatics and VMware Joint Partner Brief

Distributed File Systems

WebLogic on Oracle Database Appliance: Combining High Availability and Simplicity

VMware Horizon FLEX User Guide

Dell PowerVault DL2200 & BE 2010 Power Suite. Owen Que. Channel Systems Consultant Dell

Transcription:

NDS2 Secure storage, sharing and publishing of data in the NDS Maciej Brzeźniak, Supercomputing Dept. of PSNC, www.psnc.pl TF-Storage meeting@dubrovnik, Sep., 26-27th 2012 Project funded by: NCBiR for 2011-2013 under KMD2 project (no. NR02-0025-10/2011) Project partners 10 Polish universities and supercomputing centres:

NDS2 -presentation plan Background and project status NDS and BADSS NDS2 NDS2: Secure storage and sharing Secure storage clients: ndscryptofs (Win/Linux) Java GUI, CLI, library and Android Appliance virtual/physical for institutions Client-side encryption & integrity control Concept and some details Performance Secure sharing inside NDS2 concept and keys management Secure publishing general information 2

NDS (2007-2009) Background: NDS & BADSS (1) R&D project: distributed, replicated data storage Virtual Filesystem in user space implemented using FUSE library Standard user interfaces: SFTP (SSHd), WebDAV, Web application, GridFTP Replication: Automatic, system-side, synchronous and asynchronous Performed using NFS (local replicas) and GridFTP (remote ones) protocols Funded from national sources BADSS (2009-2012) Deployment of NDS for academic community 10 sites in Poland Tapes: 12,5 PB in 5 sites Disks: 2 PB Funded from EU structural sources PLATON project

Background: NDS & BADSS (2) Assumptions for NDS and experience from NDS deployment: No needfor dedicatedaccesstools OK for users, BUT No encryption of the data supported by system: Data encrypted only during transfer (SSL) and on tape media (LTO5 encryption) + disks de-magnetization Users may encrypt data on their side: Manually impractical with large data Automatically with external tools, that supports on-the-fly encryption POSIX-like access to data: Linux: SSHfs works for most use-cases => OK Windows: Problems with native Webdav client in some versions of Windows To have a stable solutons for accessing big files extra (paid) clients are needed => possibly it s best to provide your own client (however it s not easy)

NDS2 project status NDS2 (2011-2013) extension of NDS project(2007-2009) NDS2 = NDS reliable, replicated and distributed storage + secure storage & sharing & publising + versioning + ACLs support + user management de-centralisation Progress: Some prototypes worked out already: nds2cryptofs 4 Linux and Windows Android client without encryption Some are under development: Java-based GUI application Appliance for institutions Android client with encryption Project partners 10 Polish universities and computing centres Funded by: NCBiR for 2011-2013 under KMD2 project (no. NR02-0025-10/2011)

Clients for NDS2 Assumptions: We address most popular platforms (Windows, Linux) with native client providing POSIX-like access to data Linux user Windows user Appliance for institutions GUI and Android user JAVA GUI can be used for remaining plaforms Android client as a proofof-concept for mobile users (currently no plan for IOs) Clients being developed: SSHFS + extensions Commercial FUSE-like and SFTP libraries SSHFS + extensions Java crpto libraries nds2cryptofs 4 Linux nds2cryptofs 4 Windows Java-based GUI application Appliance for institutions NDS filesystem + supportfor encryption keys mgmt Android client 6

NDS2: Client-side cryptography Linux: SSHFS + extensions FUSE-based project We patched the SSHFS code: it calls cryptographic functions (encryption & digests) while serving read and write operations of VFS layer Prototype exists! Ready for testing. Linux user SSHFS + extensions WAN

NDS2: Client-side cryptography Windows: Commercial Virtual FS library(fuse-like) and commercial SFTP client library Why we use paid libraries?: Portability among diferent versions of Windows Wanted a quick win and the working solution ASAP We focus on cryptography and feautres on top of the filesystem (secure storage, sharing, ACLs ) Virtual FS library: We considered DOKAN but the project looks not to be well maintained SFTP library: Open source libraries have serious performance limitations Windows user Commercial FUSE-like and SFTP libraries WAN Client prototype exist! Ready for testing.

NDS2: Client-side cryptography GUI application (1) Allows storage & retrieval of files and provides filesystem structure view: Put, get, move, delete etc. Drag & drop support Sharing management: Initialisation and control of sharing SHARE DIRECTORY creation Assigning the directory with the sharing keypairs Access control lists management (ACLs) Advanced, user-level metadata access and management: (Automated) annotation, tagging control etc. Meta-data based search (free form/structured) (on the roadmap) Implementation: Java library (used for CLI, GUI and Android app.) Shell integration for Windows and Linux (on the roadmap) Data and filesystem meta-data Operating system supporting JAVA Java crpto libraries WAN User meta-data & control

NDS2: Client-side cryptography GUI application (2) screenshot of the prototype (Polish version)

Client-side cryptography Appliance for institutions idea: REMOTE STORAGE SPACE: storage space in NDS2 system VFS with transparent, on-the fly encryption and digests LOCAL STORAGE SPACE: local storage for local usage people need it anyway; e.g. workspace for users within the small organisation exported to LAN by SMB protocol; LOCAL and REMOTE spaces synchronized (scheduled or on-demand) Appliance administration basic web console: Defining storage, shares and backup/synchronization schedules Managing user accounts User accounts: Appliance is the user of NDS2 system Internal accounts may be taken from LDAP or defined manually Status: concept is still evolving: e.g. should the intenal disk be persistent storage or cache only? Local disk space NDS filesystem + support for encryption keys mgmt Appliance for institutions LAN SMB server SSHFS + extensions WAN Remote space cryptofs

Client-side cryptography Appliance for institutions possible implementations: Box for small groups/ instiutions Small (19,5x70x18,6cm) and silent, green(fits below the desk): CPU with AES-NI support (not a problem these days) 2 x 2,5 HDDs or 2x green SSDsinside (up to ~ 2 TB of RAW internal storage) Must be cheap! e.g. ~600 EUR/box (not more than PC) Rack server for bigger institutions Rackserver: CPUs with AES-NI on board Low voltage! (being green, costs) 4x 3,5 or 8x 2,5 SSD (up to 12 TB of RAW storage) Reasonable costs - ~2500EUR with 12TB of capacity Some fancy hardware for users: Smart cards + readers (expresscard or USB) Psychological trick (works for some users) VMware vappliance Virtual machine: E.g. vapp easy to run on vmware cluster or another VM image No assumptions on hardware just needs LUN for local storage and account in NDS2 for backups and sync s

Client-side cryptography Appliance for institutions discussion: RISK analysis Hardware = cost must be included in the service delivery model Hardware = failures too much hassle? outsourcing? but it costs Hardware problem = data loss? Disk failures:» RAIDs helps in case of single disk failure» Frequent backups/sync s protects in case of total crash Server failures:» Data not available at local storage for a while, but NOT LOST» Access to data still possible using software client (keys needed)» Certificate for authorisation securely stored on smart card (SC)» MASTER keys for encryption on SC (future) or other media (e.g. SD)» Appliance configuration data on SD card and/or in the remote storage» Hardware may be easily exchanged Experimental work we will build some prototype and check users buy-in

NDS2: Client-side cryptography Android application: Challenge 1: User-friendly, intuitive interface Core functionality only simplicity: Data storage and retrieval Remote filesystem s view and file access» Local caching of files e.g if user reads PDF file Device memory/storage view» Click to upload to NDS2 Interface integration:» e.g. send to NDS2 function in file browser No sharing, user-level metadata mgmt etc. At least not in 1st approach Challenge 2: Encryption / digests performance / battery: Benchmarks for ARM CPUs promising comparing to WLAN bandwidth AES support planned for ARMv8 architecture Encryption may exhaust battery However, note that typically Android will be used for small files (PDFs, DOCs, photos etc.) Again, an experimental work: Proof-of-concept for Android V1 screenshot Android OS Data and filesystem meta-data Java crpto libraries WAN

Secure data storage (1) Confidentiality thanks to encryption Integrity control thanks to digests Assumptions and decisions: We need performance > symmetric encryption (AES 256 counter) We don t want to keep per-file keys on the user side let s store them in the system (encrypted) MASTER KEY asymm. + symmetric FILE KEYs Converged encryption? NO, we generate key for each file Strong digests (i.e. preventig us from collisions) SHA512 calculated per block (64k) File format overhead: 512bits=64Bytes / 64kBytes = 1/1024 = 0,09765625 % Issues: Only the user has a MASTER KEY: User is responsible for proper key protection -> may be a problem for less aware users Some tools needed, e.g. backup to USB dongle or SD card feature of GUI application User education needed!

Secure data storage (2) File format: Header: File s symmetric key encrypted with user s public key In default setup (no sharing), only the owner may know the secret symmetric key While sharing, additional headers stored in the system; they contain the file key encrypted with sharing users public keys N x data block, each block has: Data part: encrypted with the unique symmetric FILE KEY generated per file Control part: contains digest, encrypted by the FILE KEY

Secure data storage (3) Performance: Encryption: AES256 counter: Regular PC reading data + encrypting(no writes): Intel Core 2 Duo E7400 2.80 GHz, RAM: 4 x 1024MB DDR2, Fedora 14 64 bit, kernel 2.6.35 or Win 7 Pro SP1 64 bit» C + openssl, Java + Bouncy Castle ~46 MB/s» C# + Bouncy Castle 20 MB/s» C# + Commercial Library 47 MB/s in-ram operations faster:» C + openssl ~100 MB/s More if you exploit AES-NI Intel Core i7 3.4GHz 8GB RAM Ubuntu11.10 SFTP (AES-256): C + openssl 150 MB/s In-RAM encryption ~ 1 GB/s (or more) Most libraries (and Java VM) can exploit AES-NI! SHA512 digests: Regular PC: 2 x Six-Core AMD Opteron2435 2.6 GHz (2 cores used by VM), 2 GB RAM, Centos 5.6 gcc: 4.1.2, OpenSSL: 0.9.8e, Boost: 1.33.1, ~ 1,2 GB/s

Secure data storage (4) comparison with other solutions discussed during meeting Feature Trusted Cloud Drive SpiderOak NDS2 Encryption keys for files Symmetric Symmetric Symmetric Whoknowsthe secretkey Namespaceencryption? Trusted Cloud Drive provider (on-premises) Namespace (meta-data) stored on-premises Only end-user Yes Only-end user Secure sharing Planned Planned Planned Dedicated client needed No Yes Yes Filesystem-like access? (drive letter/ local mount) Mobileclient Files cut to fragments while stored in the system? Win: BitKinex / other Linux: DAVfs WebDav file manager, other WebDAV clients No No Custom Yes, files stored in blocks in the system No, considered for 2nd approach Yes: ndscryptofs4 Windows and Linux Custom (Android in 1st approach) Only logically, one file on the storage Assummed storage back-end Disks / clouds Disks HSMs and/or disks

Safedata sharing& publishing(1) Secure data sharing with internal NDS2 clients ACLs for physical access control to files Encryption + appropriate keys handling for security; assumptions: Users don t trust the service provider Some users from the same institution (it may be large see universities) don t want to use the same encryption keys as their colleagues Current concept (still evolving): File encryption keys protected by per-directory or per-user-group key pair (called PROXY KEYS), known to the sharing group Keys exchange automatic, however initiated by share owner using GUI: The user (owner) creates SHARE directory and defines members of sharing group (determined by setting ACLs to individuals or for a system group) PROXY keypair is associated to this SHARE, then securely exchanged with allowed users using their public keys PROXY private key is needed to access the FILE KEYs for the shared files PROXY public key is needed to create new files in shared folder Will work for all interfaces: ndscryptofs for Linux, Windows, GUI and Android

Safe data sharing & publishing (2) Sharing data with external World Secure sharing: FileSender-like use-case: Temporary storage of data Import/export voucher Multiple files per voucher Encryption & digests supported Planned deployment: SANDBOXed environment: Servers/infrastructure separate from NDS2 for security No interactions from sandbox->nds2; all actions initiatied from NDS2 side Possible integration with FileSender (open topic) Secure publishing: Data put to the public www servers for permanent storage Read-only access from World Publication link generated by the system to be shared with other users, put to CMS or to website Planned deployment: dedicated, publication SANDBOX: Infrastructure separate from NDS2 for safety reasons Multiple www servers and storage systems + load balancing + client proximity for performance reasons No interactions from sandbox->nds2; all actions initiatied from NDS2 side

More information: NDS: National Data Storage: nds.psnc.pl nds@psnc.pl BADSS: Backup and Archival Data Storage Service for Polish Science: storage.pionier.net.pl PLATON project: www.platon.pionier.net.pl