Hackable BFT-enabled encrypted multi-cloud solution for distributed storage.
Java
Permalink
Failed to load latest commit information.
.settings
docs
src
.classpath
.gitignore
.project
.travis.yml
AUTHORS
LICENSE
pom.xml
readme.md

readme.md

Note: we're currently focusing our development effort on a new generation of the software which can also be found on gitlab

The new version is currently a WIP, we do have an updated secret-sharing library as well as a working prototype of the bft-and-secret-sharing distribution component. Missing is an "usable" end-user interface as well as actually storing data.

Archistar Build Status

"hackable secure multi-cloud solution (or at least a prototype)"

Archistar is a multi-cloud prototype written during the tada Archistar project. The goal is to distribute user data to different (private) clouds in a way that allows no single cloud provider to read or alter an user's data.

Some background

  • secure cloud-based storage
  • uses archistar-bft BFT library for achieving total ordering
  • uses netty.io as network transport
  • uses archistar-smc for secret sharing, currently test-cases utilize Sharmir's Secret Sharing
  • Multiple backend storage options (memory-only, file-backed, S3-backed)
  • TLS authentication and encryption between communication partners -- key validation is not implemented yet
  • client-side S3 interface

Design Goals

  • well-written code
  • hackability: other projects should be able to use archistar as starting point
  • k.i.s.s.

Running archistar

This example uses the ftp demostrator which consists of four locally started storage servers. Each of the storage servers uses a local filesystem backend for data storage (which can be found under /var/spool/archistar/test-s3/1..4).

First start the fake-S3 server frontend:

$ mvn exec:java -Dexec.mainClass="at.ac.ait.archistar.frontend.ArchistarS3"
[INFO] Scanning for projects...
[INFO] Searching repository for plugin with prefix: 'exec'.
[INFO] ------------------------------------------------------------------------
[INFO] Building archistar
[INFO]    task-segment: [exec:java]
[INFO] ------------------------------------------------------------------------
[INFO] Preparing exec:java
[INFO] No goals needed for project - skipping
[INFO] [exec:java {execution: default-cli}]
[at.ac.ait.archistar.frontend.ArchistarS3.main()] INFO at.ac.ait.archistar.frontend.ArchistarS3 - Starting archistar storage engine
[Thread-7] INFO at.ac.ait.archistar.bft.BftEngine - successful transactions: 0.0
[Thread-7] INFO at.ac.ait.archistar.bft.BftEngine - server: 0 transaction length: 0ms

To use the s3cmd program to access the server you'll need to adopt your /etc/hosts configuration file. The s3cmd uses hard-coded amazon server urls so we redirect these to our local server by adding the following lines to /etc/hosts (an example configuration file can be found at docs/examples/hosts):

127.0.0.1 s3.amazonaws.com
127.0.0.1 s3.localhost

s3cmd needs a configuration file, an example file can be found at docs/examples/s3cfg.

Now you can use s3cmd to access the server (note that currently fake_bucket is hard coded, also I already had two files in my bucket):

$ s3cmd -c docs/examples/s3cfg ls s3://fake_bucket
2006-02-03 16:41       140   s3://fake_bucket/iptables-rule.txt
2006-02-03 16:41      1151   s3://fake_bucket/link-list.txt

$ echo "testdata" > testfile
$ md5sum testfile
73d643ec3f4beb9020eef0beed440ad0  testfile

$ s3cmd -c docs/examples/s3cfg put testfile s3://fake_bucket/testfile
testfile -> s3://fake_bucket/testfile  [1 of 1]
 9 of 9   100% in    0s    48.76 B/s  done

$ s3cmd -c docs/examples/s3cfg ls s3://fake_bucket
2006-02-03 16:41       140   s3://fake_bucket/iptables-rule.txt
2006-02-03 16:41      1151   s3://fake_bucket/link-list.txt
2006-02-03 16:41         9   s3://fake_bucket/testfile

$ s3cmd -c docs/examples/s3cfg get s3://fake_bucket/testfile testfile.2
s3://fake_bucket/testfile -> testfile.2  [1 of 1]
 9 of 9   100% in    0s   416.49 B/s  done

$ md5sum testfile.2 
73d643ec3f4beb9020eef0beed440ad0  testfile.2

Developing archistar

  1. read the documentation
  2. fork it
  3. work on your new feature
  4. run the testcases with mvn test
  5. send me a pull request

Contributors

License

This project is licensed under the GPLv2. If you want to use Archistar under a different license please contact Thomas Loruenser thomas.loruenser@ait.ac.at.

Citing Archistar

If you find Archistar useful for your work or if you use Archistar in a project, paper, website, etc., please cite the software as

T. Lorünser, A. Happe, D. Slamanig (2014). “ARCHISTAR – A framework for secure distributed storage”. GNU General Public License. http://ARCHISTAR.at