I am delighted to announce that our recent paper, entitled "Efficient Security Interface for  High-performance Ceph Storage Systems," is published in the 2025 Future Generation Computer Systems Journal. This article could not be published without the great effort of professor Fatemeh Khoda Parast, Kenneth B. Kent and our industrial partner Brett Kelly from 45 Drives. Congratulations to the entire team.

--Abstract

Ceph portrays a resilient clustered storage solution with supporting object, block, and file storage capabilities with no single point of failure. Despite these qualifications, data confidentiality defines a concern in the system, as authentication and access control are the only data protection security services in Ceph. CephArmor was proposed as a third-party security interface to protect data confidentiality by adding an extra protection layer to data at rest. Despite the added layer, the initial design of the API needed to be more efficient in addressing security and performance simultaneously. In this study, we propose a new architectural design to address the associated issues with the preliminary prototype. Comprehensive performance and security analysis verify the improvement of the proposed method compared to the initial approach. The benchmark result has indicated a 37% improvement on average in IOPS, elapsed time, and bandwidth for the write benchmark compared to the initial model.

Links:

• ELSEVIER Library

Date: March, 2025