Austin Smith
ABSTRACT
High performance computing systems are typically built with high-throughput and infrastructural uniformity in mind, but generally do not easily accommodate diverse data security requirements on a single cluster. Rather than fracturing that infrastructure by building many network isolated storage "islands" to secure each dataset covered by an individual data use agreement, we explore using the Ceph distributed storage system with client-side encryption to provision secure storage from a single, untrusted data lake.
- Matt Blaze. 1993. A Cryptographic File System for UNIX. In Proceedings of the 1st ACM Conference on Computer and Communications Security (CCS '93). ACM, New York, NY, USA, 9--16. Google Scholar
Digital Library
- Ceph Blog. {n. d.}. Ceph Blog: New in Luminous: Improved Scalability. https://ceph.com/community/new-luminous-scalability/Google Scholar
- Thomas William Byrne. {n. d.}. Erasure Code at Scale. https://www.youtube.com/watch?v=cX8LlFZDfqUGoogle Scholar
- Victor Costan and Srinivas Devadas. 2016. Intel SGX Explained. IACR Cryptology ePrint Archive 2016 (2016), 86.Google Scholar
- Alastair Dewhurst. {n. d.}. Deployment of a large erasure coded object store for data intensive science. http://193.62.125.70/CIUK2017/AlastairDewhurst_STFC.pdfGoogle Scholar
- Ceph Documentation. {n. d.}. Ceph Blog Object Gateway. http://docs.ceph.com/docs/mimic/radosgw/Google Scholar
- eCryptfs Bug Tracker. {n. d.}. ecryptfs does not work properly over nfs, cifs, samba, WebDAV, or aufs. https://bugs.launchpad.net/ecryptfs/+bug/277578Google Scholar
- Richard Graham, Timothy S. Woodall, and Jeffrey Squyres. 2005. Open MPI: A flexible high performance MPI. 228--239. Google ScholarDigital Library
- Taylor. Hornby. 2014. EncFS Security Audit. Technical Report.Google Scholar
- Taylor. Hornby. 2017. Security Audit of gocryptfs v1.2. Technical Report.Google Scholar
- Sochat V Kurtzer GM and Bauer MW. 2017. Singularity: Scientific containers for mobility of compute. Computer (2017).Google Scholar
- Leslie Lamport. 1998. The Part-time Parliament. ACM Trans. Comput. Syst. 16, 2 (May 1998), 133--169. Google ScholarDigital Library
- mdtest. {n. d.}. mdtest. https://github.com/hpc/iorGoogle Scholar
- NESE. {n. d.}. NESE Overview. http://nese.mghpcc.org/about/Google Scholar
- James. Plank. 2013. Erasure Codes for Storage Systems. Technical Report.Google Scholar
- J. Riley, J. Noss, W. Dillingham, J. Cuff, and I. M. Llorente. 2017. A High-Availability Cloud for Research Computing. Computer 50, 6 (2017), 92--95.Google ScholarDigital Library
- s3fs. {n. d.}. s3fs. https://github.com/s3fs-fuse/s3fs-fuseGoogle Scholar
- Slurm. {n. d.}. Slurm Multi-Category Security. https://slurm.schedmd.com/mcs.htmlGoogle Scholar
- Sage A. Weil, Scott A. Brandt, Ethan L. Miller, Darrell D. E. Long, and Carlos Maltzahn. 2006. Ceph: A Scalable, High-Performance Distributed File System. In OSDI. Google ScholarDigital Library
- Sage A. Weil, Scott A. Brandt, Ethan L. Miller, and Carlos Maltzahn. 2006. CRUSH: Controlled, Scalable, Decentralized Placement of Replicated Data. In Proceedings of the 2006 ACM/IEEE Conference on Supercomputing (SC '06). ACM, New York, NY, USA, Article 122. Google ScholarDigital Library
- Sage A. Weil, Andrew W. Leung, Scott A. Brandt, and Carlos Maltzahn. 2007. RADOS: A Scalable, Reliable Storage Service for Petabyte-scale Storage Clusters. In Proceedings of the 2Nd International Workshop on Petascale Data Storage: Held in Conjunction with Supercomputing '07 (PDSW '07). ACM, New York, NY, USA, 35--44. Google ScholarDigital Library
Index Terms
- Exploring Untrusted Distributed Storage for High Performance Computing
Recommendations
File systems unfit as distributed storage backends: lessons from 10 years of Ceph evolution
SOSP '19: Proceedings of the 27th ACM Symposium on Operating Systems PrinciplesFor a decade, the Ceph distributed file system followed the conventional wisdom of building its storage backend on top of local file systems. This is a preferred choice for most distributed file systems today because it allows them to benefit from the ...
The Case for Custom Storage Backends in Distributed Storage Systems
SOSP 2019 Special Section and Regular PapersFor a decade, the Ceph distributed file system followed the conventional wisdom of building its storage backend on top of local file systems. This is a preferred choice for most distributed file systems today, because it allows them to benefit from the ...
Use case study of HDD-SSD hybrid storage, distributed storage and HDD storage on OpenStack
IDEAS '15: Proceedings of the 19th International Database Engineering & Applications SymposiumFor typical IaaS cloud usage, frequent provisioning of virtual volumes is needed. However, performance of HDD storage is not sufficient and becomes bottleneck in IaaS cloud. In this paper, we studied a comparison of HDD-SSD hybrid storage, distributed ...
Comments