TY - GEN
T1 - A user-level Secure Grid File System
AU - Zhao, Ming
AU - Figueiredo, Renato J.
PY - 2007
Y1 - 2007
N2 - A grid-wide distributed file system provides convenient data access interfaces that facilitate fine-grained cross-domain data sharing and collaboration. However, existing widely-adopted distributed file systems do not meet the security requirements for grid systems. This paper presents a Secure Grid File System (SGFS) which supports GSI-based authentication and access control, end-to-end message privacy, and integrity. It employs user-level virtualization of NFS to provide transparent grid data access leveraging existing, unmodified clients and servers. It supports user and application-tailored security customization per SGFS session, and leverages secure management services to control and configure the sessions. The system conforms to the GSI grid security infrastructure and allows for seamless integration with other grid middleware. A SGFS prototype is evaluated with both file system benchmarks and typical applications, which demonstrates that it can achieve strong security with an acceptable overhead, and substantially outperform native NFS in wide-area environments by using disk caching. (c) 2007 ACM.
AB - A grid-wide distributed file system provides convenient data access interfaces that facilitate fine-grained cross-domain data sharing and collaboration. However, existing widely-adopted distributed file systems do not meet the security requirements for grid systems. This paper presents a Secure Grid File System (SGFS) which supports GSI-based authentication and access control, end-to-end message privacy, and integrity. It employs user-level virtualization of NFS to provide transparent grid data access leveraging existing, unmodified clients and servers. It supports user and application-tailored security customization per SGFS session, and leverages secure management services to control and configure the sessions. The system conforms to the GSI grid security infrastructure and allows for seamless integration with other grid middleware. A SGFS prototype is evaluated with both file system benchmarks and typical applications, which demonstrates that it can achieve strong security with an acceptable overhead, and substantially outperform native NFS in wide-area environments by using disk caching. (c) 2007 ACM.
UR - http://www.scopus.com/inward/record.url?scp=56749156681&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=56749156681&partnerID=8YFLogxK
U2 - 10.1145/1362622.1362683
DO - 10.1145/1362622.1362683
M3 - Conference contribution
AN - SCOPUS:56749156681
SN - 9781595937643
T3 - Proceedings of the 2007 ACM/IEEE Conference on Supercomputing, SC'07
BT - Proceedings of the 2007 ACM/IEEE Conference on Supercomputing, SC'07
T2 - 2007 ACM/IEEE Conference on Supercomputing, SC'07
Y2 - 10 November 2007 through 16 November 2007
ER -