Formerly, Doctoral Student
Currently: Working at Google. Building bigger, faster systems that change the
way people find information.
computer security, electronic commerce, distributed systems, networking, operating systems, storage systems
I finished my doctoral dissertation on "Security
of Network-Attached Storage" advised by Garth
Gibson and Doug
Tygar in late 1999.
My research was part of the Network-Attached
Secure Disks (NASD) project in the Parallel
Data Lab along with the NSIC/NASD
The focus of my current research is a security system for network attached storage that balances security and performance while taking into consideration the diverse set of applications that run on storage as well as the cost-sensitive nature of storage devices. I've examined a variety of aspects of the problem including access control
policies of different file systems, properties of storage system workloads,
and the internal architecture of a modern hard drive in order to understand
a security system that helps deliver both the throughput and scaling advantages of a network attached storage architecture.
The research problem I address in my dissertation is "How do you provide
security, which becomes necessary once storage is directly attached to
the network, from a commodity
network attached storage device while delivering the underlying performance
of the NASD storage architecture?" The security mechanism I designed and
implemented for the dissertation was
used in prototypes of both AFS and NFS filesystems adapted to the NASD
Using traces both I collected of an AFS server and NFS traces from UC Berkeley,
I refined the basic security mechanism to reduce the frequency with which
clients must consult the server for security reasons which increase the
scalability of the server.
Since drives may not have large amounts of excess
CPU or only limited hardware support for cryptographic operations, I
developed a precomputed digest optimizations that reduce computational cost of
protecting integrity in many cases and allows drives to deliver greater
integrity-protected read bandwidth to clients. Finally, since cryptographic performance
may be expensive in a commodity device, I simulated how different
amounts of cryptographic performance being for integrity impacts the overall
request latency seen by clients.
Currently, I work as a software engineer at Google.com building big, fast, scalable systems
that change the way people find information.
Summer 1996 Designed and built Electronic Commerce System
prototypes at NTT Data's Network Technology Group in Tokyo
Summer 1994 Worked in the functional verification
group of the Workplace OS project at IBM's Boca Raton site
Summer 1993 Built prototype ISDN multi-media delivery
system at Bell Communication Research (now Telecordia Technologies, Inc.)
Summer 1992 Built visualization
applications and tools for research as a member of the Scientific Visualization
Group at Argonne National Lab
1989 - 1993 Attended
University of Maryland, College Park and studied Computer Science and Mathematics
- Howard Gobioff, " Security for a high performance commodity storage
subsystem", PhD Dissertation, To appear as a Carnegie Mellon University School of Computer Science Technical Report, July 1999.
Howard Gobioff, David Nagle, Garth Gibson, "Integrity and Performance
in Network Attached Storage" Proceedings of International
Symposium on High Performance Computing (ISHPC '99),Tokyo, Japan, May 1999
Garth Gibson, David Nagle, Khalil Amiri, Jeff Butler, Fay Chang, Howard
Gobioff, Charles Hardin, Erik Riedel, David Rochberg, Jim Zelenka, "A
Cost-Effective, High-Bandwidth Storage Architecture" Proceedings
of the Conference on Architectural Support for Programming Languages and
Operating Systems (ASPLOS VIII). San Jose, CA. October 1998.
Garth Gibson, David Nagle, Khalil Amiri, Fay Chang, Howard Gobioff, Erik
Riedel, David Rochberg, Jim Zelenka, "Filesystems for Network-Attached
Secure Disks" CMU Computer Science Technical Report, CMU-CS-97-118.
Howard Gobioff, Garth Gibson, Doug Tygar, "Security for Network Attached
CMU SCS technical report CMU-CS-97-185 1997.
Garth Gibson, David Nagle, Khalil Amiri, Fay Chang, Eugene Feinberg, Howard
Gobioff, Chen Lee, Berend Ozceri, Erik Riedel, David Rochberg, Jim Zelenka,
"File Server Scaling With Network-Attached Secure Disks" Proceedings
of the ACM International Conference on Measurement and Modeling of Computer
Systems (SIGMETRICS '97). Seattle, WA. June 1997.
Howard Gobioff, Sean Smith, Doug Tygar, Bennet Yee, "Smart Cards in
Hostile Environments", Proceedings of the Second USENIX Workshop
on Electronic Commerce, 1996.
hgobioff AT cs _DOT_ cmu _DOT_ edu
Home (415) 824-7223