Ramya Prabhakar, Seung Woo Son, Christina Patrick, Sri Hari Krishna Narayanan, Mahmut Kandemir
Pennsylvania State University
4th International IEEE Security in Storage Workshop '07
27th September, 2007
Securing Disk-Resident Data through Application Level Encryption
Ramya Prabhakar
Outline
Motivation
Data Reuse in Applications
E.g., matrix-matrix multiplication: A × B = C
Matrix B is read every time an element of C is computed
Reuse Potential
• Reuse potential is a measure of the amount of data read/written repeatedly by the application
• Different applications have different reuse potentials
The Two Extremes…
Always Encrypt/Decrypt
• Minimum Vulnerability Factor
• Maximum security
• Maximum I/O Time
• Significant performance overhead
Never Encrypt/Decrypt
• Minimum I/O Time
• Significant performance improvement
• Maximum exposure
• Maximum Vulnerability Factor
Reuse oriented approach
write_encrypt (…, offset)
write_encrypt (…, offset)
read_decrypt (…, offset)
read_decrypt (…, offset)
read_decrypt (…, offset)
write_encrypt (…, offset)
read_decrypt (…, offset)
read_decrypt (…, offset)
Figure labels: Reuse distance (δ); δ threshold
plain_write(…, offset)
plain_read(…, offset)
Distribution of Reuse
Metrics of Interest
• I/O Time (IOT)
  • I/O latency when encryption/decryption is included
  • Normalized to base version
• Vulnerability Factor (VF)
  • Percentage of data stored in plain text during execution
  • Two variants:
    • Average Vulnerability Factor (AVF)
    • Maximum Vulnerability Factor (MVF)
Ideal case: reduce both IOT and VF
Metrics Vs Reuse Distance
NED DES scheme reduces IOT over AED DES by 74%
NED DES scheme reduces IOT over AED DES by 26%
But…
Reuse oriented approach is idealistic
Analysis is perfect; derives maximum benefit
Requires knowledge of future references
Not possible to implement
Profile Guided Approach
Profiling
Collect statistical information
Obtain dynamic behavior of each static call
An implementable method to approximate reuse-oriented approach
Static I/O call results in many dynamic instances of the same call
Profile Guided Approach
Profile Guided Approach
Profiler inserts hints to every static call
Three types of static calls:
• Group I: Always interpreted as read_decrypt / write_encrypt
• Group II: Always interpreted as plain_read / plain_write
• Group III: Decision varies dynamically. Non-deterministic
Profile Guided Approach
Distribution of static I/O calls among groups
I/O Call Splitting
I/O Call Splitting
I/O Call Splitting
Group III references optimized in two ways
• Performance oriented approach (PO)
  • Profiles with higher δ threshold
  • Performance is favored in the tradeoff
• Security oriented approach (SO)
  • Profiles with higher δ threshold
  • Performance is favored in the tradeoff
Results
Variation of IOT (DES) with different approaches
Results
Variation of IOT (AES) with different approaches
Results
Variation of AVF with different approaches
Results
Variation of MVF with different approaches
Guidelines for suitable δ threshold
Performance ratio for δk is IOT for lowest δ divided by IOT for δk
Security ratio for δk is portion of secure data at δk divided by portion of secure data for highest δ
Combined metric is Performance ratio divided by security ratio
At δk represents unit gain in performance for unit loss in security
CM is less than, equal to or greater than 1
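The reuse-distance decision, the VF metrics and the combined metric from the slides above, worked through on a small trace. This is an added example, not code from the paper or the presentation. The policy (a write is issued as plain_write when the block's next access is at most δ threshold accesses away, and only writes change a block's on-disk form), the cost constants, the trace, the function names and the reading of "secure portion" as 1 - AVF are all assumptions.

```python
# Added illustration (not from the paper): policy, costs and trace are assumptions.
IO_COST, CRYPTO_COST = 1.0, 3.0   # assumed per-block costs, arbitrary units
# Constructed trace of (op, block); every block starts encrypted on disk.
TRACE = [("w", "A"), ("r", "A"), ("w", "B"), ("r", "C"), ("r", "B"),
         ("w", "A"), ("r", "C"), ("r", "A"), ("w", "B"), ("r", "B")]

def next_use_distance(trace):
    """Reuse distance per access: accesses until the block is touched again."""
    dist, later = [float("inf")] * len(trace), {}
    for i in range(len(trace) - 1, -1, -1):
        block = trace[i][1]
        if block in later:
            dist[i] = later[block] - i
        later[block] = i
    return dist

def simulate(trace, threshold):
    """Return (IOT, AVF, MVF) for one delta threshold."""
    blocks = {b for _, b in trace}
    plain, iot, vf = set(), 0.0, []
    for (op, block), d in zip(trace, next_use_distance(trace)):
        iot += IO_COST
        if op == "w" and d <= threshold:
            plain.add(block)                 # plain_write
        elif op == "w":
            plain.discard(block)             # write_encrypt
            iot += CRYPTO_COST
        elif block not in plain:
            iot += CRYPTO_COST               # read_decrypt
        # else: plain_read, no crypto cost
        vf.append(len(plain) / len(blocks))  # fraction of blocks in plaintext
    return iot, sum(vf) / len(vf), max(vf)

def combined_metric(trace, thresholds):
    """CM per threshold = performance ratio / security ratio (slide definitions)."""
    runs = {t: simulate(trace, t) for t in thresholds}
    iot_lowest = runs[min(thresholds)][0]
    secure_highest = 1 - runs[max(thresholds)][1]   # assumed: secure portion = 1 - AVF
    cm = {}
    for t, (iot, avf, _) in runs.items():
        perf_ratio = iot_lowest / iot
        sec_ratio = (1 - avf) / secure_highest
        cm[t] = perf_ratio / sec_ratio
    return cm

if __name__ == "__main__":
    for t in (0, 1, 2):
        print(t, simulate(TRACE, t), round(combined_metric(TRACE, (0, 1, 2))[t], 3))
```

In this model a block written in plaintext stays exposed until its next write, so a short reuse distance can still leave data readable on disk for much longer; AVF and MVF are what surface that exposure.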
Conclusion
Quantitative analysis of performance and confidentiality tradeoff
Disk resident data remains secured
Encryption/decryption overheads significantly reduced
46.5% with 3-DES
30.63% with AES