S. Chaitanya, Kevin R. B. Butler, A. Sivasubramaniam, P. Mcdaniel, M. Vilayannur
{"title":"Design, implementation and evaluation of security in iSCSI-based network storage systems","authors":"S. Chaitanya, Kevin R. B. Butler, A. Sivasubramaniam, P. Mcdaniel, M. Vilayannur","doi":"10.1145/1179559.1179564","DOIUrl":null,"url":null,"abstract":"This paper studies the performance and security aspects of the iSCSI protocol in a network storage based system. Ethernet speeds have been improving rapidly and network throughput is no longer considered a bottleneck when compared to Fibre-channel based storage area networks. However, when security of the data traffic is taken into consideration, existing protocols like IPSec prove to be a major hindrance to the overall throughput. In this paper, we evaluate the performance of iSCSI when deployed over standard security protocols and suggest lazy crypto approaches to alleviate the processing needs at the server. The testbed consists of a cluster of Linux machines directly connected to the server through a Gigabit Ethernet network. Micro and application benchmarks like BTIO and dbench were used to analyze the performance and scalability of the different approaches. Our proposed lazy approaches improved through-put by as much as 46% for microbenchmarks and 30% for application benchmarks in comparison to the IPSec based approaches.","PeriodicalId":413919,"journal":{"name":"ACM International Workshop on Storage Security And Survivability","volume":"58 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM International Workshop on Storage Security And Survivability","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1179559.1179564","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 8
Abstract
This paper studies the performance and security aspects of the iSCSI protocol in a network storage based system. Ethernet speeds have been improving rapidly and network throughput is no longer considered a bottleneck when compared to Fibre-channel based storage area networks. However, when security of the data traffic is taken into consideration, existing protocols like IPSec prove to be a major hindrance to the overall throughput. In this paper, we evaluate the performance of iSCSI when deployed over standard security protocols and suggest lazy crypto approaches to alleviate the processing needs at the server. The testbed consists of a cluster of Linux machines directly connected to the server through a Gigabit Ethernet network. Micro and application benchmarks like BTIO and dbench were used to analyze the performance and scalability of the different approaches. Our proposed lazy approaches improved through-put by as much as 46% for microbenchmarks and 30% for application benchmarks in comparison to the IPSec based approaches.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
