Secure clustered distributed storage against eavesdroppers

Abstract

This paper considers the security issue of practical distributed storage systems(DSSs) which consist of multiple clusters of storage nodes. Noticing that actual storage nodes are distributed in multiple clusters, two novel eavesdropper models - the node-restricted model and the cluster-restricted model - are suggested which reflect the clustered nature of DSSs. In the node-restricted model, an eavesdropper cannot access the individual nodes, but can eavesdrop incoming/outgoing data for $L_c$ compromised clusters during node repair processes. In the cluster-restricted model, an eavesdropper can access a total of $l$ individual nodes but the number of accessible clusters is limited to $L_c \leq l$. We provide an upper bound on the securely storable data for each model, while a specific network coding scheme which achieves the upper bound is obtained for the node-restricted model, given some mild condition on the node storage size.