CSCF Distributed File System (DFS) Notes

Data Encryption Options

The layered architecture of the DFS offers a number of options for meeting the requirement that all data is encrypted at rest. In the following, the lowest data layer in the design is the physical media (e.g. DFS hard drives). Encryption at a given layer ensures that data on all lower layers is encrypted as well.

| Encryption at layer | Encryption method | Advantages | Disadvantages | Comments |
|---|---|---|---|---|
| ZFS native encryption | ZFS native | All data on backing storage is encrypted.<br>Performance.<br>Applications do not need to implement encryption for storage.<br>Best integration with ZFS snapshots.<br>Consistent with distributed filesystem. | Not yet available for OpenZFS.<br>Service data unencrypted until ZFS layer. | ZFSonLinux feature request tracking encryption.<br>May be ready in 2018. |
| Encrypt each DFS drive independently, build ZFS on top. | LUKS | All data on backing storage is encrypted.<br>Consistent with distributed filesystem. | No distro/ZFS supported method to implement.<br>Adds layer between ZFS and media with possible data inconsistency.<br>Ad hoc and prone to breakage? | Supported encryption option for Ceph OSD |
| Encrypt ZFS filesystems and build DFS on top. | eCryptfs | All data on backing storage is encrypted.<br>Applications do not need to implement encryption for storage.<br>Consistent with distributed filesystem. | ZFS snapshots are encrypted/backend recovery difficult.<br>Slight performance cost.<br>Some effort required to encrypt file/directory names. | Best compromise?<br>See here. |
| Distributed file system encryption | Internal | Best consistency with DFS.<br>Applications do not need to implement encryption for storage. | gluster: no filename encryption, no performance settings. Encryption at volume level (global).<br>ZFS snapshots are encrypted/backend recovery difficult. | Ceph?<br>gluster |
| Service level encryption: block | LUKS | Best option for data security: data encrypted in/out of service system.<br>Can choose encryption options per service. | No distributed option. Only iSCSI multipath.<br>ZFS snapshots are of entire block device. | |
| Service level encryption: overlay | encFS | Best option for secure, distributed file system.<br>Can choose encryption options per service. | Independent encryption overlay on each service system can lead to file system inconsistency, loss.<br>EncFS has known security issues. | EncFS security issues being worked on but currently at git level.<br>May be production-ready in 2017. |
| Service level encryption: service | Internal | Best integration with service. | No filename encryption (OwnCloud). HA option?<br>Poor integration with ZFS snapshots.<br>Service dependent.<br>Not all services provide encryption. | |
| Client-side encryption | Internal | Most private configuration: user encrypts and holds keys | Poor integration with ZFS snapshots<br>Not possible to recover data if user loses key<br>Service dependent | |

-- LoriPaniak - 2016-06-14

Topic revision: r3 - 2016-11-03 - LoriPaniak
 