Design, implementation and evaluation of security in iSCSI-based network storage systems

Shiva Chaitanya, Kevin Butler, Anand Sivasubramaniam, Patrick McDaniel, Murali Vilayannur
2006 Proceedings of the second ACM workshop on Storage security and survivability - StorageSS '06  
This paper studies the performance and security aspects of the iSCSI protocol in a network storage based system. Ethernet speeds have been improving rapidly and network throughput is no longer considered a bottleneck when compared to Fibre-channel based storage area networks. However, when security of the data traffic is taken into consideration, existing protocols like IPSec prove to be a major hindrance to the overall throughput. In this paper, we evaluate the performance of iSCSI when
more » ... f iSCSI when deployed over standard security protocols and suggest lazy crypto approaches to alleviate the processing needs at the server. The testbed consists of a cluster of Linux machines directly connected to the server through a Gigabit Ethernet network. Micro and application benchmarks like BTIO and dbench were used to analyze the performance and scalability of the different approaches. Our proposed lazy approaches improved throughput by as much as 46% for microbenchmarks and 30% for application benchmarks in comparison to the IPSec based approaches.
doi:10.1145/1179559.1179564 dblp:conf/storagess/ChaitanyaBSMV06 fatcat:c2rfpdeyojdehkugk5btktus3m