Escolar Documentos
Profissional Documentos
Cultura Documentos
Shih-Yu Lu
Cloud System Software Institute
Institute for Information Industry
Taipei City, Taiwan (R.O.C)
shiyosylu@iii.org.tw
I.
INTRODUCTION
CHECK FILES
A. Check Files
After the data are encrypted, the system cannot compare
the original file with the encrypted file for determining the
modified parts of the file. Therefore, the system must have
the file information from the last backup for determining
1467
what parts of the file have been changed since then. In this
proposed method, the system will collect file information
before the backup; this file information includes the full path
of the file, last modified time, file size, checksum, delete
stamp, and encryption key. Hence, the system can compare
the two checksum lists to determine which part of the file
has been modified since the last backup.
Let T be the file size threshold, F be a collection of
backup data, C(Fi) be the checksum of Fi where Fi F, S(Fi)
be the file size, and N be the file number in F. Assume that
there are N files, and each is of a different size. If S(F1) T,
the checksum of F1 will be C(F1). If S3 > T, F3 will split into
(S3 mod T) +1 blocks. Assume that there are I blocks in F3;
this implies that F3 will have I + 1 checksums: C(F31)
C(F32). C(F3I-1), C(F3I), and C(F3). The details of the
sequence are as follows:
1) Check whether there are backup data in the target
storage server.
a) If there are no any backup data in the storage server,
the system will perform full backup.
b) If there are backup data in the storage server, we
will require the checksum file from the storage server.
2) Start making the checksum file. The first system
records the full path, last modified time, and file size of the
backup data first. Then, it starts comparing the two
checksum lists.
1468
last modified time and the file size are the indicators in the
first check file step. In order to avoid the collision problem
[15], the last modified time should have millisecond
accuracy, and the unit of data size should be bytes. Assume
that there are two different files; they have the same last
modified time, file size, and path, but they are saved on
different storage servers; the system will not transmit these
files, and this will be a big problem.
III.
ENCRYPTION
LMT
20120812131425.111
20120903012256.234
20120831173073.729
20120831173073.729
20120831173073.729
FS
290390
153787
562000
300000
262000
CKS
C(F1)
C(F2)
C(F3)
C(F31)
C(F32)
D
0
1
0
0
0
Key
34sdrt6y
rewg645
7yjf8qil
3098ller
u63jduk
Figure 2. Encryption
C. Notice
The following need to be noted: First, the reason for the
non-generation of the checksum when the system writes the
last modified time and the file size into the checksum file is
performance. Checksum needs more computing power and
cost more time. In particular, when there are many files in a
modern computer, if the system generates the checksum for
every bit of backup data, the backup process will take more
time to complete. For saving the backup time of the check
file, I designed two file check steps in this study. Second, the
1469
V.
Figure 3. Decryption
IV.
1470
VI.
CONCLUSION
.
REFERENCES
[1]
[2]
[3]
[4]
[5]
1471
S. Chaitanya, B. Urgaonkar, A. Sivasubramaniam, MultilevelCrypto Disk: Secondary Storage with Flexible Performance
Versus Security Trade-offs, 2010 IEEE International Symposium on
Modeling, Analysis & Simulation of Computer and
Telecommunication Systems, pp. 434-436, 2010.
M. Liang, C. Chang, Research and design of full disk encryption
based on virtual machine, 3rd IEEE International Conference on
Computer Science and Information Technology, pp. 642-646, 2010.
R. Prabhakar, Seung Woo Son, C. Patrick, S. Narayanan, M.
Kandemir, Securing Disk-Resident Data through Application Level
Encryption, Fourth International Workshop on Security in Storage,
pp. 46-57, 2007.
C. Gebhardt, A. Tomlinson, Secure Virtual Disk Images for Grid
Computing, Third Asia-Pacific Conference on Trusted
Infrastructure Technologies, pp. 19-29, 2008.
J. He, M. Xu, Research on Storage Security Based on Trusted
Computing Platform, International Symposium on Electronic
Commerce and Security, pp. 448-452, 2008.
[6]
[7]
[8]
[9]
[10]
[11]
[12]
[13]
[14]
[15]
[16]
1472