Security Metadata Research Articles

COVER: Alleviating Crash-Consistency Error Amplification in Secure Persistent Memory Systems

Data security (including confidentiality, integrity, and availability) and crash consistency guarantees are essential for building trusted persistent memory (PM) systems. Security and consistency metadata are added to enable the guarantees. Recent studies show that errors in security metadata have the amplified effect, which significantly affects data availability. However, the impact of consistency metadata errors on data availability has rarely been discussed. We identify the crash-consistency error amplification (CCEA) problem, several errors in consistency metadata can make a large portion of data in PM possibly inconsistent. The error sensitivity of consistency metadata is higher than data and security metadata, thus requiring special attention. It is inefficient to address this problem by using the methods that are proposed to alleviate the amplified effect of security metadata errors, because security metadata are generally designed for a single purpose (e.g., integrity verification), while consistency metadata are designed for multiple purposes, including inconsistency locating and recovery. To effectively and efficiently alleviate the CCEA problem, we propose a c rash c o nsistency ver ification approach (COVER) that decouples inconsistency locating and recovery. COVER provides three design options that support different tradeoffs between effectiveness and efficiency. Experimental results show that COVER effectively alleviates the problem with only about 1.0% performance degradation on average compared with the state-of-the-art secure PM design.

A MapReduce Based Approach for Secure Batch Satellite Image Encryption

The overarching goal of this research was to examine the state of satellite imagery security in relation to its deteriorating form due to rising demand. The most common approaches to safeguarding satellite images during transmission across transmission networks, which are not protected by standard encryption, are the focus of this investigation. Since satellite imagery can be encrypted both in transit and while stored on a computer’s hard drive, we put the suggested Image Encryption System to the test by applying it to a collection of satellite photos. Concurrently encrypting data and running MapReduce jobs is key to the study methodology employed. This will be carried out in the Hadoop ecosystem, where an innovative method of analysing random numbers for use in Image encryption will be put to the test. The encryption was processed using MapReduce in the Hadoop ecosystem. Images were saved as BMP files with added security metadata. The evaluation of experiments was based on four (4) indicators. It was found that the processing time for batch encryption calculations grew in proportion to the amount of computations. All cluster, map, and reduction processes were put to the test using encrypted images, exposing load balancing difficulties and inefficiencies. Histogram analysis, the basis of an image encryption technique, provides evidence that the encrypted pixel values are consistent. Therefore, compared to other methods, such as a histogram or information entropy, this one is superior. Because of how it was crafted, it can withstand even the most sophisticated attacks without being compromised.

SecNVM: An Efficient and Write-Friendly Metadata Crash Consistency Scheme for Secure NVM

Data security is an indispensable part of non-volatile memory (NVM) systems. However, implementing data security efficiently on NVM is challenging, since we have to guarantee the consistency of user data and the related security metadata. Existing consistency schemes ignore the recoverability of the SGX style integrity tree (SIT) and the access correlation between metadata blocks, thereby generating unnecessary NVM write traffic. In this article, we propose SecNVM, an efficient and write-friendly metadata crash consistency scheme for secure NVM. SecNVM utilizes the observation that for a lazily updated SIT, the lost tree nodes after a crash can be recovered by the corresponding child nodes in NVM. It reduces the SIT persistency overhead through a restrained write-back metadata cache and exploits the SIT inter-layer dependency for recovery. Next, leveraging the strong access correlation between the counter and DMAC, SecNVM improves the efficiency of security metadata access through a novel collaborative counter-DMAC scheme. In addition, it adopts a lightweight address tracker to reduce the cost of address tracking for fast recovery. Experiments show that compared to the state-of-the-art schemes, SecNVM improves the performance and decreases write traffic a lot, and achieves an acceptable recovery time.

ShieldNVM

Data encryption and authentication are essential for secure non-volatile memory (NVM). However, the introduced security metadata needs to be atomically written back to NVM along with data, so as to provide crash consistency, which unfortunately incurs high overhead. To support fine-grained data protection and fast recovery for a secure NVM system without compromising the performance, we propose ShieldNVM. It first proposes an epoch-based mechanism to aggressively cache the security metadata in the metadata cache while retaining the consistency of them in NVM. Deferred spreading is also introduced to reduce the calculating overhead for data authentication. Leveraging the ability of data hash message authentication codes, we can always recover the consistent but old security metadata to its newest version. By recording a limited number of dirty addresses of the security metadata, ShieldNVM achieves fast recovering the secure NVM system after crashes. Compared to Osiris, a state-of-the-art secure NVM, ShieldNVM reduces system runtime by 39.1% and hash message authentication code computation overhead by 80.5% on average over NVM workloads. When system crashes happen, ShieldNVM’s recovery time is orders of magnitude faster than Osiris. In addition, ShieldNVM also recovers faster than AGIT, which is the Osiris-based state-of-the-art mechanism addressing the recovery time of the secure NVM system. Once the recovery process fails, instead of dropping all data due to malicious attacks, ShieldNVM is able to detect and locate the area of the tampered data with the help of the tracked addresses.

Phoenix: Towards Ultra-Low Overhead, Recoverable, and Persistently Secure NVM

Emerging Non-Volatile Memories (NVMs) bring a unique challenge to the security community, namely persistent security. As NVM-based memories are expected to restore their data after recovery, the security metadata must be recovered as well. However, persisting all affected security metadata on each memory write would significantly degrade performance and exacerbate the write endurance problem. On the other hand, relying on encryption counters recovery scheme would take hours to rebuild the integrity tree, and will not be sufficient to rebuild the Tree-of-Counters (ToC). Due to intermediate nodes dependencies it is not possible to recover this type of trees using the encryption counters. To ensure recoverability, all updates to the security metadata must be persisted, which can be tens of additional writes on each write. In this paper, we propose Phoenix, a practical novel scheme which relies on elegantly reproducing the cache content before a crash, however with minimal overheads. Our evaluation results show that Phoenix reduces persisting security metadata overhead writes to 3.8% less than a write-back encrypted system without recovery, thus improving the NVM lifetime by 8x. Overall Phoenix performance is better than the baseline.

Modeling Access Control on Streaming Data in Apache Storm

Abstract Streaming analytics on real-time data is very important in the IOT world since analytics, decisions and operations have to be done in real-time for practical applicability. In such scenarios, one key consideration is the security of the real-time stream. Stream security as in other network security can be modeled using the CIA (Confidentiality/Integrity/Availability) model [1]. However, most practical implementations just take care of the first two aspects viz Confidentiality and Integrity using standard techniques such as encryption and signatures. In this paper, we introduce an access control mechanism on the stream that annotates the stream with additional security metadata. This metadata can be used to allow/deny access to elements in the stream and also protect the privacy of the data. We demonstrate a work in progress implementation of the access control mechanism on the popular streaming engine Apache Storm [2] and demonstrate how access control can be modeled and implemented on streaming data.

IRODS metadata management for a cancer genome analysis workflow

BackgroundThe massive amounts of data from next generation sequencing (NGS) methods pose various challenges with respect to data security, storage and metadata management. While there is a broad range of data analysis pipelines, these challenges remain largely unaddressed to date.ResultsWe describe the integration of the open-source metadata management system iRODS (Integrated Rule-Oriented Data System) with a cancer genome analysis pipeline in a high performance computing environment. The system allows for customized metadata attributes as well as fine-grained protection rules and is augmented by a user-friendly front-end for metadata input. This results in a robust, efficient end-to-end workflow under consideration of data security, central storage and unified metadata information.ConclusionsIntegrating iRODS with an NGS data analysis pipeline is a suitable method for addressing the challenges of data security, storage and metadata management in NGS environments.

A network based document management model to prevent data extrusion

This paper presents a network-based document management model to protect sensitive data from unauthorized disclosure in organizations. The presented framework utilizes XML security concept, PKI cryptosystem and an XML-based metadata embedding approach mainly to address the problem of information leakage that may happen through employees of a company (also known as the insider threat).By utilizing the above-mentioned techniques, our suggested framework wraps the confidential documents with an additional layer of security meta-data that can be investigated in critical network points of an organization to prevent illegal data distribution. This solution can also guarantee data confidentiality, integrity, and support for non-repudiation. We believe our suggested model can effectively prevent intentional or unintentional data leak incidents.

Implementing context and team based access control in healthcare intranets.

The establishment of an efficient access control system in healthcare intranets is a critical security issue directly related to the protection of patients' privacy. Our C-TMAC (Context and Team-based Access Control) model is an active security access control model that layers dynamic access control concepts on top of RBAC (Role-based) and TMAC (Team-based) access control models. It also extends them in the sense that contextual information concerning collaborative activities is associated with teams of users and user permissions are dynamically filtered during runtime. These features of C-TMAC meet the specific security requirements of healthcare applications. In this paper, an experimental implementation of the C-TMAC model is described. More specifically, we present the operational architecture of the system that is used to implement C-TMAC security components in a healthcare intranet. Based on the technological platform of an Oracle Data Base Management System and Application Server, the application logic is coded with stored PL/SQL procedures that include Dynamic SQL routines for runtime value binding purposes. The resulting active security system adapts to current need-to-know requirements of users during runtime and provides fine-grained permission granularity. Apart from identity certificates for authentication, it uses attribute certificates for communicating critical security metadata, such as role membership and team participation of users.