Abstract
Object storage systems are emerging as a new generation of service-oriented storage technologies for large-scale data management and delivery in clouds. Several object storage technologies have emerged recently; one of them is OpenStack Swift. Swift organizes and retrieves data through a container-services methodology, managed via open standards such as web-service REST protocols. Swift has several components for data management and retrieval, but it lacks security features (such as key management and encryption) for data at rest and in transit. In this paper, we propose a key management framework for OpenStack Swift based on multi-factor split keys, and a methodology for key organisation using the document database MongoDB. We first describe the object-based storage mechanisms in Swift and their limitations, followed by the key management framework and its components. We then compare the performance of the proposed symmetric split-key encryption/decryption methodology with that of the symmetric key, and the performance of key retrieval when keys are organized in the relational database MySQL and in the document database MongoDB.
Cite this article
Thota, S., Induri, R.P.R. & Kune, R. Split key management framework for Open Stack Swift object storage cloud. CSIT 5, 397–406 (2017). https://doi.org/10.1007/s40012-017-0166-8
DOI: https://doi.org/10.1007/s40012-017-0166-8