NV-eCryptfs : accelerating enterprise-level cryptographic file system with non-volatile memory
The development of cloud computing and big data results in a large amount of data transmitting and storing. In order to protect sensitive data from leakage and unauthorized access, many cryptographic file systems are proposed to transparently encrypt file contents before storing them on storage devi...
Saved in:
| Main Authors: | , , , , , , |
|---|---|
| Other Authors: | |
| Format: | Article |
| Language: | English |
| Published: |
2020
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/144763 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-144763 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-1447632020-11-24T01:00:25Z NV-eCryptfs : accelerating enterprise-level cryptographic file system with non-volatile memory Xiao, Chunhua Zhang, Lei Liu, Weichen Cheng, Linfeng Li, Pengda Pan, Yanyue Bergmann, Neil School of Computer Science and Engineering Engineering::Computer science and engineering Non-volatile Memory eCryptfs The development of cloud computing and big data results in a large amount of data transmitting and storing. In order to protect sensitive data from leakage and unauthorized access, many cryptographic file systems are proposed to transparently encrypt file contents before storing them on storage devices, such as eCryptfs. However, the time-consuming encryption operations cause serious performance degradation. We found that compared with non-crypto file system EXT4, the performance slowdown could be up to 58.53 and 86.89 percent respectively for read and write with eCryptfs. Although prior work has proposed techniques to improve the efficiency of cryptographic file system through computation acceleration, no solution focused on the inefficiency working flow, which is demonstrated to be a major factor affecting system performance. To address this open problem, we present NV-eCryptfs, an asynchronous software stack for eCryptfs, which utilizes NVM as a fast storage tier on top of slower block devices to fully parallelize encryption and data I/O. We design an efficient NVM management scheme to support the fast parallel cryptographic operations. Besides providing an address space that can be directly accessed by the hardware accelerators, our designed mechanism is able to record the memory allocation states, and supplies a backup plan to deal with the situation of NVM shortage. The additional index structure is built to accelerate lookup operations to determine if a given data block resides in NVM. Moreover, we integrate an adaptive scheduling in NV-eCryptfs to process I/O requests dynamically according to access pattern and request size, which is able to take full utilization of both software and hardware acceleration to boost crypto performance. Our evaluation shows the proposed NV-eCryptfs outperforms the original eCryptfs with software routine 23.41× and 5.82× respectively for read and write. This work is supported by National Natural Science Foundation of China: No.61502061, Chongqing application foundation and research in cutting-edge technologies: No. cstc2015jcyjA40016, the fundamental research funds for the central universities: 106112017CDJXY180004, and also the financial support from the program of China Scholarships Council No.201706055029. 2020-11-24T01:00:25Z 2020-11-24T01:00:25Z 2018 Journal Article Xiao, C., Zhang, L., Liu, W., Cheng, L., Li, P., Pan, Y., & Bergmann, N. (2019). NV-eCryptfs: accelerating enterprise-level cryptographic file system with non-volatile memory. IEEE Transactions on Computers, 68(9), 1338-1352. doi:10.1109/TC.2018.2889691 0018-9340 https://hdl.handle.net/10356/144763 10.1109/TC.2018.2889691 9 68 1338 1352 en IEEE Transactions on Computers © 2018 IEEE. All rights reserved. |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
Engineering::Computer science and engineering Non-volatile Memory eCryptfs |
| spellingShingle |
Engineering::Computer science and engineering Non-volatile Memory eCryptfs Xiao, Chunhua Zhang, Lei Liu, Weichen Cheng, Linfeng Li, Pengda Pan, Yanyue Bergmann, Neil NV-eCryptfs : accelerating enterprise-level cryptographic file system with non-volatile memory |
| description |
The development of cloud computing and big data results in a large amount of data transmitting and storing. In order to protect sensitive data from leakage and unauthorized access, many cryptographic file systems are proposed to transparently encrypt file contents before storing them on storage devices, such as eCryptfs. However, the time-consuming encryption operations cause serious performance degradation. We found that compared with non-crypto file system EXT4, the performance slowdown could be up to 58.53 and 86.89 percent respectively for read and write with eCryptfs. Although prior work has proposed techniques to improve the efficiency of cryptographic file system through computation acceleration, no solution focused on the inefficiency working flow, which is demonstrated to be a major factor affecting system performance. To address this open problem, we present NV-eCryptfs, an asynchronous software stack for eCryptfs, which utilizes NVM as a fast storage tier on top of slower block devices to fully parallelize encryption and data I/O. We design an efficient NVM management scheme to support the fast parallel cryptographic operations. Besides providing an address space that can be directly accessed by the hardware accelerators, our designed mechanism is able to record the memory allocation states, and supplies a backup plan to deal with the situation of NVM shortage. The additional index structure is built to accelerate lookup operations to determine if a given data block resides in NVM. Moreover, we integrate an adaptive scheduling in NV-eCryptfs to process I/O requests dynamically according to access pattern and request size, which is able to take full utilization of both software and hardware acceleration to boost crypto performance. Our evaluation shows the proposed NV-eCryptfs outperforms the original eCryptfs with software routine 23.41× and 5.82× respectively for read and write. |
| author2 |
School of Computer Science and Engineering |
| author_facet |
School of Computer Science and Engineering Xiao, Chunhua Zhang, Lei Liu, Weichen Cheng, Linfeng Li, Pengda Pan, Yanyue Bergmann, Neil |
| format |
Article |
| author |
Xiao, Chunhua Zhang, Lei Liu, Weichen Cheng, Linfeng Li, Pengda Pan, Yanyue Bergmann, Neil |
| author_sort |
Xiao, Chunhua |
| title |
NV-eCryptfs : accelerating enterprise-level cryptographic file system with non-volatile memory |
| title_short |
NV-eCryptfs : accelerating enterprise-level cryptographic file system with non-volatile memory |
| title_full |
NV-eCryptfs : accelerating enterprise-level cryptographic file system with non-volatile memory |
| title_fullStr |
NV-eCryptfs : accelerating enterprise-level cryptographic file system with non-volatile memory |
| title_full_unstemmed |
NV-eCryptfs : accelerating enterprise-level cryptographic file system with non-volatile memory |
| title_sort |
nv-ecryptfs : accelerating enterprise-level cryptographic file system with non-volatile memory |
| publishDate |
2020 |
| url |
https://hdl.handle.net/10356/144763 |
| _version_ |
1688665519420342272 |