基于选择的存储区域网消息加密策略

Cryptographic algorithm of message in storage area network based on selective

下载PDF

导出

摘要存储区域网系统中存在大量的消息通信,使用传统对全部消息加密的策略会带来较大的开销,严重影响系统性能。提出了基于选择的消息加密策略,在分析存储区域网中消息构成的基础上,提出了消息分类算法和选择性加密算法,使用不同加密算法加密消息中的不同部分,降低安全系统的开销;提出了可变周期的密钥更新策略,动态优化安全系统的性能。并在开源存储区域网系统Lustre上实现了原型系统,测试了系统的读写性能,通过与对所有消息加密原型系统的比较,验证了基于选择的消息加密策略具有明显的效率优势,给存储区域网系统带来的性能下降在10%~20%之间,与对所有消息加密所带来的20%~30%的性能下降相比,基于选择的消息加密策略在保证消息安全性的同时,具有明显的效率优势。 There is a large amount of communication messages in storage area network. Using traditional cryptographic strategy to encrypt all the messages will seriously affect the performance of the system. A selective cryptographic strategy of messages in storage area network is proposed. On the basis of analyzing the message＇s structure in storage area network, the classifying algorithm of message and the selective cryptographic algorithm are introduced, and they are used to encrypt different parts of message with different algorithm in order to reduce the consume of the security system. The variable strategy of key＇s life cycle is also proposed to optimize the performance of the security system dynamically. By modifying source code of storage area network system named Luster to implement the prototype system, and evaluating its I/O performance, the result proves that the selective cryptographic strategy of message works efficiently, and its performance loss maintains between 10%-20%, while the performance loss of the traditional encryption strategy for all the messages is between 20%-30%. So the selective cryptographic algorithm of messages is more efficient and can ensure message security of communication in storage area network.

作者仲巍鞠时光蔡涛

机构地区江苏大学计算机科学与通信工程学院

出处《计算机工程与设计》 CSCD 北大核心 2008年第11期2721-2723,共3页 Computer Engineering and Design

基金国家自然科学基金项目(60573046) 江苏省自然科学基金项目(BK2007086)

关键词存储安全加密算法存储区域网密钥选择的 storage security encryptionalgorithrns storage area network key selective

分类号 TP309.7 [自动化与计算机技术—计算机系统结构]

引文网络
相关文献

参考文献8

1Erik Riedel,Mahesh Kallahalla,Ram Swaminathan.A framework for evaluating storage system security[C].Proceedmgs of the lst Conference on File and Storage Technologies,Monterey,CA:USENIX Press.2002:15-30.
2Paul Stanton.Securing data in storage:A review of current research[Z].eprint arXiv:cs.Os/0409034,2004:32-46.
3LI Xiangguo,YANG Jianhua,WU Zhaohui.An NFSv4-based security scheme for NAS[C].Nanjing,China:International Workshops AEPP,ASTD,BIOS,GCIC,IADS,MASN,SGCA,and WISA.2005:2-11.
4Vishal Kher,Yongdae Kim.Securing distributed storage:Challenges,techniques,and systems[C].VA,USA:Proceedings of the ACM Workshop on Storage Security and Survivability,2005:9-25.
5Fu K,Kaashoek M,Mazieres D.Fast and secure distributed read-only file system[J].ACM Trans on Computer Systems,2002,20(1):1-24.
6Gobioff H,Nagle D,Gibson G.Embedded security for networkattached storage[R].Technical Report Carnegie-mellon Univercity,1999.
7Gobioff H.Security for high performance commodity subsystem[R].PhD Thesis,Carnegie-mellon Univercity,1999.
8Reed B C,Chron E,Burns R,et al.Authenticating network attached storage[J].IEEE Micro,2000,20(1):49-57.

1陈阵.虚拟化和开源存储构建中小企业数据中心[J].茂名学院学报,2010,20(3):50-53.
2黄家贞.QQ聊天记录,随时随地在我掌控[J].电脑爱好者,2008,0(1):45-45.
3何山.WSE加密在Web服务中的应用[J].中国科技信息,2007(11):134-134.
4王迤冉,朱维军.基于SOAP的Web安全性研究[J].周口师范学院学报,2008,25(5):105-108.
5陈满.基于FPGA的高速可变周期脉冲发生器的设计与实现[J].国外电子元器件,2007(3):35-38. 被引量：9
6杜庆峰.基于电话银行系统集成消息加密解决方案研究[J].电脑开发与应用,2005,18(3):31-33.
7QQ聊天防止信息丢失的几种实用小技巧[J].计算机与网络,2011,37(2):25-25.
8蔡涛,鞠时光,仲巍,牛德姣.面向存储安全系统的新型人工免疫算法[J].计算机科学,2008,35(8):60-64. 被引量：1
9陈金权.802．11系列无线局域网安全策略[J].现代通信,2004(11):10-11. 被引量：2
10杨景源,李向阳.可变周期的无线传感器时间同步算法[J].计算机工程与设计,2007,28(18):4407-4409. 被引量：1

计算机工程与设计

2008年第11期

浏览历史

内容加载中请稍等...

基于选择的存储区域网消息加密策略

参考文献8

相关作者

相关机构

相关主题

浏览历史