A Network-based Distributed Data Storage System for Data Security in a Hostile Network

Abstract

Security in hostile and dynamic mobile networks (e.g., a robot network) under constraints (e.g., limited Internet connection) is still a problem to securely store the sensitive data while maintaining the data availability, integrity, and confidentiality. The compromise of a physical device (e.g., robot) could result in data loss stored in the device and data leakage to adversaries. In this paper, we address this problem by proposing a Network-based Distributed Data Storage (NDDS) system using a threshold-based secret sharing and blockchain technology. A polynomial-based encoding method is leveraged to split a data file into multiple fragments with desirable redundancy. Each fragment is the encoded secret share as randomly generated symbols without disclosing original data information. These fragments are distributed into a set of nodes in the network such that the compromise of a device will not result in data loss and the original data can be fully recovered from the survival devices. In support of data operations, a directory server is proposed to be implemented in a lightweight blockchain to maintain metadata that describe the fragment associations. Our theoretical and experimental results demonstrate NDDS security and performance under different strategies, depending on the data security and performance requirements in the network.