Abstract
This paper presents a security scheme for network-attached storage based on NFSv4 frame. One novel aspect of our system is that it enhances NFSv4 to guarantee the security of storage. Another novel feature is that we develop new user authentication mechanism which outperforms Kerberos. It uses HMAC and the symmetric cryptography to provide the integrity and privacy of transmitted data. The system includes three essential procedures: authenticating user, establishing security context and exchanging data. Our scheme can protect data from tampering, eavesdropping and replaying attacks, and it ensures that the data stored on the device is copy-resistant and encrypted. In spite of this level of security, the scheme does not impose much performance overhead. Our experiments show that large sequential reads or writes with security impose performance expense by 10-20%, which is much less than some other security systems. © Springer-Verlag Berlin Heidelberg 2005.
Cite
CITATION STYLE
Li, X., Yang, J., & Wu, Z. (2005). An NFSv4-based security scheme for NAS. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 3759 LNCS, pp. 130–139). Springer Verlag. https://doi.org/10.1007/11576259_15
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
