160 likes | 252 Vues
A comprehensive review of a project that presents a Distributed Consistent Secure USB Hub to simplify maintaining backups using off-the-shelf USB sticks. The system ensures data consistency, updates across locations simultaneously, and optional security measures for data protection. The project includes a summary, system design, prototype, and demonstration.
E N D
Distributed, Consistent and Secure USB Storage Comprehensive Design Review Eddie Lai Matt Dube Sean Busch Zhou Zheng
Backing Up Data • Everyone needs to save their work and data • This data needs to be available in multiple locations • Data needs to be readily available • Today’s most popular storage device is the thumb drive • Backups have problems • Can be physically broken • Need to be carried around • Can wear out after a number of reads/writes • This leads to using multiple backups • Multiple backups create problems • Data changes create inconsistencies between backups • When many backups are created, data becomes vulnerable
Distributed Consistent Secure USB Hub • Our project: Distributed Consistent Secure USB Hub • Makes maintaining backups simple and intuitive • Uses off-the-shelf USB sticks for storage • Looks like a mass storage device to user’s PC • Can be accessed easily without any software installation • Maintains consistency • Storage Devices at different locations get updated simultaneously • Synchronization as easy as a push of a button • Optional security measures • Secret sharing prevents users’ data from being compromised
Outline • Project Summary • System Design • PC Interface • File Consistency Software • Hub Communication • User Interface • Secret Sharing Software • Prototype • Demonstration • Question and Answer
Project Summary • Step 1: User writes file to local USB hub • Step 2: USB hub stores file on local USB sticks • Step 3: User initiates a sync request • Step 4: Consistency software detects file system updates • Step 5: Hub distributes file system updates
Project Design Implementation • Parts implemented by team • Consistency Software • Network Interface • PC interface • User interface • Additional ports and processing provided by embedded PC
PC Interface • Hub connects to PC without any software installation • Not all users will be allowed to install software on their PC • Hub appears as a USB mass storage device • Use USB OTG port • By interfacing with the PC via this port, board appears as USB device • Shows contents of attached USB drives
File Consistency Software • Custom software to recognize when updates are made • Changes recognized using conventional UNIX tools • Timestamps and checksums recorded, then “diff”ed with previous record • What happens if a file is added? • Software recognizes timestamp and checksum change • Distributes file upon synchronization • What happens if only a timestamp is changed? • Software recognizes only a timestamp change • Distributes timestamp change, but does not re-distribute file
Hub Communication • TCP Client/Server Model • Secure using SSL • Upon synchronization, the hubs will distribute updates across the network • When a hub is distributing updates, it will act as a client • The receiving hub will act as the server • Each client will connect to a server, distribute its updates, then disconnect
User Interface • Hub is manually operated by user • Simple user interface consists of two buttons • One button initiates synchronization • One button ejects USB sticks • Buttons are mounted on Hub via embedded PC’s GPIO ports • Two LEDs provide feedback for users • One alerts user when a sync is in progress • The other shows when it is safe to remove USBs from hub
Secret Sharing • User has option to share information secretly with other hubs • If a USB drive is lost or compromised, no useful information about its contents can be recovered • (k,n) Threshold scheme • Requires a subset, k, of a set, n, to recover data • With fewer than k pieces, no information about the data can be recovered
Secret Sharing • Implements what is known as Shamir's[1] method for secret sharing in the Galois Field 28 • Method relies on the creation of a random polynomial • Samples various coordinates along the curve of the polynomial • Interpolates these points in order to reconstruct the secret • Functionality partially provided by libgfshare UNIX library [1] Shamir, Adi (1979), "How to share a secret", Communications of the ACM22 (11): 612–613, doi:10.1145/359168.359176.
Prototype • Our Hub is currently being prototyped on an Advantech development board powered by the Intel Atom • The next prototype will be built on the BeagleBoard-xM • Board offers a slimmer form factor • Lacks unneeded ports that Advantech board has • Solid state memory vs. HDD • Primary motivation for using BeagleBoard is its USB OTG port • Allows the board to be mounted on User’s PC as USB mass storage device • Approx. cost with peripherals: ~$150
Project Summary • Distributed Consistent Secure USB Hub allows user to keep backups on multiple USB sticks consistent • Hub simplifies process for user • Hub appears as USB mass storage device • Doesn’t require software installation on user’s PC • Simple user interface allows hub to be operated with only two buttons • Hub distributes updates to backups securely across network • User has optional secret sharing functionality • Prototype built using BeagleBoard-xM
Demonstration • Non Secret Sharing • Scenario 1: Hub1 adds multiple files • Scenario 2: Hub2 removes file • Secret Sharing • Scenario 1: Hub1 adds multiple files • Scenario 2: Hub1 recreates a secret with all n shares present • Scenario 3: Hub2 recreates a secret with n-1 shares present