Design, implementation and evaluation of security in iSCSI-based network storage systems

Shiva Chaitanya, Kevin Butler, Anand Sivasubramaniam, Patrick McDaniel, Murali Vilayannur

Research output: Chapter in Book/Report/Conference proceedingConference contribution

6 Scopus citations

Abstract

This paper studies the performance and security aspects of the iSCSI protocol in a network storage based system. Ethernet speeds have been improving rapidly and network throughput is no longer considered a bottleneck when compared to Fibre-channel based storage area networks. However, when security of the data traffic is taken into consideration, existing protocols like IPSec prove to be a major hindrance to the overall throughput. In this paper, we evaluate the performance of iSCSI when deployed over standard security protocols and suggest lazy crypto approaches to alleviate the processing needs at the server. The testbed consists of a cluster of Linux machines directly connected to the server through a Gigabit Ethernet network. Micro and application benchmarks like BTIO and dbench were used to analyze the performance and scalability of the different approaches. Our proposed lazy approaches improved through-put by as much as 46% for microbenchmarks and 30% for application benchmarks in comparison to the IPSec based approaches.

Original languageEnglish (US)
Title of host publicationProceedings of the Second ACM International Workshop on Storage Security and Survivability, StorageSS'06. Co-located with the 13th ACM Conference on Computer and Communications Security, CCS'06
Pages17-28
Number of pages12
DOIs
StatePublished - Dec 1 2006
Event2nd ACM International Workshop on Storage Security and Survivability, StorageSS'06. Co-located with the 13th ACM Conference on Computer and Communications Security, CCS'06 - Alexandria, VA, United States
Duration: Oct 30 2006Oct 30 2006

Publication series

NameProceedings of the Second ACM International Workshop on Storage Security and Survivability, Storage SS'06. Co-located with the 13th ACM Conference on Computer and Communications Security, CCS'06

Other

Other2nd ACM International Workshop on Storage Security and Survivability, StorageSS'06. Co-located with the 13th ACM Conference on Computer and Communications Security, CCS'06
CountryUnited States
CityAlexandria, VA
Period10/30/0610/30/06

All Science Journal Classification (ASJC) codes

  • Hardware and Architecture
  • Software
  • Safety, Risk, Reliability and Quality

Fingerprint Dive into the research topics of 'Design, implementation and evaluation of security in iSCSI-based network storage systems'. Together they form a unique fingerprint.

Cite this