A Cooperative Internet Backup Scheme [1] Leonid Bilevich Advanced Topics in Storage Systems [1]M....
Transcript of A Cooperative Internet Backup Scheme [1] Leonid Bilevich Advanced Topics in Storage Systems [1]M....
A Cooperative InternetBackup Scheme [1]
Leonid Bilevich
Advanced Topics in Storage Systems
[1] M. Lillibridge, S. Elnikety, A. Birrell, M. Burrows, and M. Isard, A cooperative Internet backup scheme, Proc. USENIX Annual Technical Conference, San Antonio, TX, June 2003.
Outline
• Problem• Main findings• Technical description of the results• Possible extension• Conclusion
Problem AddressedNeed: BackupConstraint: Small budget
Solution:Peer-to-peer network
Main Findings
The suggested system is:– Cheap– Reliable– Secure
Main Features of the System
• Pros:– Cheapness (the hardware is available)– Diversification (different sites and different operation systems)
• Cons: – Unreliability of one computer– Non-cooperative environment
----------------------------------------------------• Solution:
– Redundancy Reliability– Security mechanisms
The simplified scheme(cooperation)
• Each computer runs a backup program• Partner computers agree on amount of storage and uptime
Main Steps• Backing up data• Restoring data
Reed-SolomonErasure-Correcting Codes
Backing up data
Restoring data
Reliability and OverheadExample• Reliability of computer=• Reliability of the system:
Security
• Confidentiality• Integrity• Free-rider attacks
Confidentiality• Encrypt the data before sending
Integrity• Authenticate the partner with secret key• Use a keyed cryptographic hash as checksum
Free-rider attacksAgreement violations• Problem: Using backup service without contributing backing service• Solution: “challenge” – testing if the data is stored
Exploiting the grace period• Problem: The grace period when the computer can be down is exploited• Solution: Read prohibition (using low-utility blocks)
Bandwidth theft• Problem: Computers are used to broadcast information• Solution: Quota on number of reads and writes per day
Performance
• The network + remote disk step consumes the largest portion of backup time.
Cost
• For existing Internet backup system: minimal cost$/GB/month• For the new system: minimal cost US cents/GB/month-------------------------------------------------------------------------------------------------------• Saving: times
Limitations
• Limited grace period• Restoration is impossible during the grace period• Long restoration time• Vulnerability to catastrophic viruses-------------------------------------------------------------------------• Solution: hybrid system with central server
Other systems
Old systems• Eternity Service• Archival Intermemory• Free Net• Free Haven
New systems• PAST• OceanStore• Pastiche
Possible extension
Present work – occasional testing• We merely verify that computers don’t drop data.
Another work – rigorous testing• The disk scrubbing technique [2] verifies the integrity of data.--------------------------------------------------------------------------------------------------------------Combined approach• We can incorporate the opportunistic disk scrubbing into the present work,
verifying the validity of data and improving the reliability of the backup system.
Conclusion
Cooperative Internet backup system• Cheapness• Reliability• Security• Possible extension
References• M. Lillibridge, S. Elnikety, A. Birrell, M. Burrows, and M. Isard, A cooperative
Internet backup scheme, Proc. USENIX Annual Technical Conference, San Antonio, TX, June 2003.
• J. S. Plank, A tutorial on Reed-Solomon coding for fault-tolerance in RAID-like systems, Software: Practice and Experience, 27(9):995–1012, Sep. 1997. Correction in: J. S. Plank and Y. Ding, Technical Report UT-CS-03-504, Univ. Tennessee, 2003.
• T. J. E. Schwarz, Q. Xin, E. L. Miller, D. D. E. Long, A. Hospodor, and S. Ng, Disk scrubbing in large archival storage systems, Proc. MASCOTS, Volendam, Netherlands, October 2004.