Network Attached Storage Security Research (aka my life and future at CMU)

Work


I am currently involved with the Network Attached Secure Disks(NASD) project which is the CMU project in the field of Network Attached Storage. This project is part of the Paralell Data L aboratory. For more information on the project, take a look at the NASD home page.

Broadly, I work in the areas of Computer Security and Systems at Carnegie Mellon University. I have been here since Fall 1993 and will probably remain here for many many moons to come. My advisors are Doug Tygar who works primarliy in Computer Security and Garth Gibson I am currently buried in the heart of my thesis research. I am responsible for the security aspects of the NASD project. Within a drive enviroment, my goal is to demonstrate that we can provide a variety of security configurations for a commodity NASD device without sacrificing the performance potential inherent in the NASD architecture.

My research focuses on two parts of this problem. First, I am building a basic authorization protocol for NASD file managers to permit clients to perform operations on a drive. The file manager must be able to control the operations that client(s) can perform on NASD drives but must be able to so efficiently (where efficient is minimal messages and small state requirements for all involved). Secondly, I am concerned with hardware support for security on the drive. Since drives are commodity devices, I want to characterize the minimal amounts of of hardware support required for various performance and functional goals.

I have coauthored "Filesystems for Network Attached Secure Disks", "Security for Network Attached Storage Devices", "File Server Scaling with Network Attached Secure Disks", and "A Case for Network-Attached Secure Disks" in my research on Network Attached Storage. Additionally, I have co-authoried "Smartcards in Hostile Environments" which was presented at the 1997 USENIX Electronic Commerice Workshop and is available by request. The NASD related papers can be found online in the PDL publication library.

In general, I am interested in distributed systems and computer security along with real-world applications of such technology. When I graduate, I hope to apply my knowledge to the construction of real-world systems in the form of applied research, cutting edge product development, or interesting applications such as financial systems or electronic commerce.

Howard Gobioff(hgobioff AT cs -DOT- cmu -DOT- edu)