Browsing by Author "Rana, Subhabrata"

Now showing 1 - 1 of 1
  • Thumbnail Image
    Item
    CephVault: A secure Key Management System (KMS) for Ceph
    (University of New Brunswick, 2024-03) Rana, Subhabrata; Kent, Kenneth B.
    Organizations are leveraging cluster storage solutions to address expansive storage requirements. Ceph is a reliable and massively scalable cluster solution that supports object, block, and file storage capabilities on commodity hardware without a single point of failure. Despite growing popularity, the absence of native object encryption support in Ceph raises concerns about potential security vulnerabilities and data compromise. CephArmor, a cryptography interface, was previously developed to provide data confidentiality in Ceph while data is at rest. In this work, we propose a secure Key Management System (KMS), CephVault that can support key generation for various encryption schemes and key lengths required by CephArmor. CephVault, which supports twelve phases of a KMS life cycle, is developed as an intrinsic component of Ceph. We demonstrate that the proposed solution provides better features and security than other KMSs, making CephVault a competitive and preferable choice to many existing KMSs available in the Ceph ecosystem.