Kappes et al., 2013 - Google Patents
Dike: Virtualization-aware Access Control for Multitenant FilesystemsKappes et al., 2013
View PDF- Document ID
- 8607122619493942532
- Author
- Kappes G
- Hatzieleftheriou A
- Anastasiadis S
- Publication year
- Publication venue
- University of Ioannina, Greece, Technical Report No. DCS2013-1
External Links
Snippet
In a virtualization environment that serves multiple customers (or tenants), storage consolidation at the filesystem level is desirable because it enables data sharing, administration efficiency, and performance optimization. Today the scalable deployment of …
- 238000003860 storage 0 abstract description 24
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30067—File systems; File servers
- G06F17/30129—Details of further file system functionalities
- G06F17/3015—Redundancy elimination performed by the file system
- G06F17/30156—De-duplication implemented within the file system, e.g. based on file segments
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30067—File systems; File servers
- G06F17/30182—File system types
- G06F17/30233—Virtual file systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30067—File systems; File servers
- G06F17/30129—Details of further file system functionalities
- G06F17/3015—Redundancy elimination performed by the file system
- G06F17/30153—Redundancy elimination performed by the file system using compression, e.g. sparse files
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30067—File systems; File servers
- G06F17/30129—Details of further file system functionalities
- G06F17/30144—Details of monitoring file system events, e.g. by the use of hooks, filter drivers, logs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30067—File systems; File servers
- G06F17/301—Details of searching files based on file metadata
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30067—File systems; File servers
- G06F17/30091—File storage and access structures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30067—File systems; File servers
- G06F17/3007—File system administration
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30286—Information retrieval; Database structures therefor; File system structures therefor in structured data stores
- G06F17/30575—Replication, distribution or synchronisation of data between databases or within a distributed database; Distributed database system architectures therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/455—Emulation; Software simulation, i.e. virtualisation or emulation of application or operating system execution engines
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/46—Multiprogramming arrangements
- G06F9/54—Interprogramme communication; Intertask communication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from or digital output to record carriers, e.g. RAID, emulated record carriers, networked record carriers
- G06F3/0601—Dedicated interfaces to storage systems
- G06F3/0602—Dedicated interfaces to storage systems specifically adapted to achieve a particular effect
- G06F3/062—Securing storage systems
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Kappes et al. | Dike: Virtualization-aware Access Control for Multitenant Filesystems | |
| Kappes et al. | Virtualization-aware access control for multitenant filesystems | |
| US12164663B2 (en) | Systems and methods for facilitating access to private files using a cloud storage system | |
| US12321320B2 (en) | Universal file virtualization with disaggregated control plane, security plane and decentralized data plane | |
| US10951604B1 (en) | Secure service deployment and access layer spanning multi-cluster environments | |
| US10044723B1 (en) | Principal/user operation in the context of a tenant infrastructure | |
| US10057246B1 (en) | Method and system for performing backup operations using access tokens via command line interface (CLI) | |
| US9992186B1 (en) | SAML representation for multi-tenancy environments | |
| Brenner et al. | Securekeeper: Confidential zookeeper using intel sgx | |
| US9053339B2 (en) | System and method for secure storage of virtual machines | |
| US10009337B1 (en) | Child tenant revocation in a multiple tenant environment | |
| US9774586B1 (en) | Dynamic authorization of users in a multi-tenant environment using tenant authorization profiles | |
| US20190238323A1 (en) | Key managers for distributed computing systems using key sharing techniques | |
| Kappes et al. | Multitenant access control for cloud-aware distributed filesystems | |
| Yadav et al. | DPC 2-CD: a secure architecture and methods for distributed processing and concurrency control in cloud databases | |
| Shu et al. | Shield: A stackable secure storage system for file sharing in public storage | |
| Shen et al. | Securing data services: a security architecture design for private storage cloud based on HDFS | |
| Wei et al. | iBigTable: practical data integrity for bigtable in public cloud | |
| Malhotra et al. | Cloud Database Management System security challenges and solutions: an analysis | |
| Wu et al. | Associative big data sharing in community clouds: The meepo approach | |
| Kapadia Gayatri et al. | D.: Comparative study of role based access control in cloud databases and NoSQL databases | |
| Bhore | A Survey on Storage Virtualization and its Levels along with the Benefits and Limitations | |
| Kadu et al. | A Hybrid Cloud Approach for Secure Authorized Deduplication | |
| Kappes | Scalable Access Control for Secure Multi-Tenant Filesystems | |
| KARAVASILEV et al. | Overcoming the security issues of NoSQL databases |