In this paper, we present a file allocation and caching scheme that guarantees high assurance, availability, and load balancing in a large-scale distributed file system that can support dynamic updates of authorization policies. The scheme uses fragmentation and replication to store files with high security requirements in a system composed of a majority of low-security servers. We develop mechanisms to fragment files, to allocate them into multiple servers, and to cache them as close as possible to their readers while preserving the security requirement of the files, providing load-balancing, and reducing delay of read operations. The system offers a trade-off-between performance and security that is dynamically tunable according to the current level of threat. We validate our mechanisms with extensive simulations in an Internet-like network.
|Title of host publication||SECRYPT 2012 - Proceedings of the International Conference on Security and Cryptography|
|Publication status||Published - 2012|
|Event||9th International Conference on Security and Cryptography (SECRYPT 2012) - Rome, Italy|
Duration: 24 Jul 2012 → 27 Jul 2012
|Conference||9th International Conference on Security and Cryptography (SECRYPT 2012)|
|Period||24/07/2012 → 27/07/2012|