In some cases, we are able to modify a file server's implementation to transparently add security (e.g., adding UID/GID range-mapping and cloaking). We investigate proxy techniques that reside in between clients and servers and monitor file system activity at a high level.
In this project we are also evaluating vulnerabilities in existing NFS systems that may allow an attacker to gain file access without proper authentication.
In addition, we are designing a client-side encryption scheme for NFSv4. This latest version of NFS is intended for use over the Internet, and there are usage scenarios where clients store data on untrusted servers. In our encryption scheme, clients will encrypt data before it is sent to the server. This data will be stored in encrypted form, and will be decrypted by the client when the data is read.
Download software.
Journal Articles:
| # | Title (click for html version) | Formats | Published In | Date | Comments |
| 1 | vNFS: Maximizing NFS Performance with Compounds and Vectorized I/O | PDF BibTeX | ACM Transactions on Storage (TOS) | Sep 2017 |
| # | Title (click for html version) | Formats | Published In | Date | Comments |
| 1 | KURMA: Geo-Distributed Secure Middlewares for Cloud-Backed Network Attached Storage | PDF BibTeX | Stony Brook U. CS TechReport FSL-15-02 | Nov 2015 | Ph.D. Dissertation Proposal |
| 2 | NFS File Handle Security | PS PDF BibTeX | Stony Brook U. CS TechReport FSL-04-03 | May 2004 |
| # | Name (click for home page) | Program | Period | Current Location |
| 1 | Ming Chen | PhD | May 2012 - Apr 2017 | Software Engineer, Datadog, Datadog (New York, New York) |
| 2 | Avishay Traeger | PhD | Sep 2003 - Aug 2008 | Senior Principal Software Engineer, Red Hat (Raanana, Israel) |
| 3 | Geetika Babu Bangera | MS | Jan 2017 - Dec 2017 | Member Technical Staff, Software, NetApp, Inc. (Sunnyvale, CA) |
| 4 | Ana Centeno | MS | Sep 2002 - May 2003 | Rutgers University CS Ph.D. program (Piscataway, NJ) |
| 5 | Garima Gehlot | MS | Mar 2015 - May 2016 | Kernel/Hypervisor Engineer, EC2 Foundational Technologies, Amazon Web Services (Dresden, Germany) |
| 6 | Shivanshu Goswami | MS | Aug 2016 - Dec 2017 | TBA |
| 7 | Puja Gupta | MS | Jan 2003 - Dec 2003 | Software Engineering Manager, Darwin Runtime, Core OS, Apple Inc. (Cupertino, CA) |
| 8 | Farhaan Jalia | MS | Jan 2017 - Dec 2017 | Member of Technical Staff II, Cloud Native Group, VMware Inc. (Bellevue, WA) |
| 9 | Swaroop Karunakara | MS | Sep 2002 - Dec 2003 | Manager, Sustaining Engineering, NetApp (Bangalore, India) |
| 10 | Nitin Khosla | MS | May 2002 - Dec 2002 | Bloomberg (New York, NY) |
| 11 | Praveen Kumar Morampudi | MS | Jan 2016 - Dec 2016 | Software Engineer II Microsoft Azure (Redmond, WA) |
| 12 | Nishant Nagalia | MS | Sep 2002 - May 2004 | Software Engineer, Ashley Laurent (Austin, TX) |
| 13 | Delia Osgood (Paval) | MS | May 2002 - Dec 2002 | Vice President, Business Technology team, Credit Suisse Group, (New York, NY) |
| 14 | Harshkumar Patel | MS | Jan 2016 - Dec 2016 | Member of the Technical Staff 2, VMware Inc. (Bellview, WA) |
| 15 | Dhanashri Patil | MS | Jan 2018 - Dec 2018 | Senior Software Engineer, Dell Technologies (Isilon) (Seattle, WA) |
| 16 | Vishnu Vardhan Rajula | MS | Jan 2016 - Dec 2016 | Member of the Technical Staff 2, VMware Inc. (Palo Alto, CA) |
| 17 | Vineeth Ramesh | MS | Jan 2018 - Dec 2018 | Software Engineer, Dialpad, Dialpad (San Francisco, CA) |
| 18 | Vishal Sahu | MS | Aug 2016 - Dec 2016 | Software Engineer, Facebook (Seattle, WA). |
| 19 | Jasmit Saluja | MS | Jan 2016 - Dec 2016 | Facebook Inc. (Menlo Park, CA) |
| 20 | Rushabh Shah | MS | Jan 2017 - Dec 2017 | Software Engineer, Facebook Inc. (Menlo Park, CA) |
| 21 | Soujanya Shankaranarayana | MS | Sep 2013 - Dec 2014 | Software Engineer, Google LLC (Sunnyvale, CA) |
| 22 | Mukul Sharma | MS | Aug 2016 - Dec 2017 | Member of the Technical Staff, Core Data Path, Nutanix (San Jose, CA) |
| 23 | Bharat Singh | MS | Sep 2014 - Dec 2015 | Member of Technical Staff, SteelFusion group, Riverbed Technology, Inc. (Sunnyvale, CA) |
| 24 | Nilesh Somani | MS | May 2018 - Dec 2019 | Senior Software Engineer, Storage Team, Robin Systems Inc. (San Jose, CA) |
| 25 | Sheshadri Sreenath | MS | Sep 2002 - May 2003 | Engineering Director, Cisco Systems (Bangalore, India) |
| 26 | Ashok Sankar Harihara Subramony | MS | Sep 2015 - Dec 2016 | Software Engineer 2 HyTrust (Mountain View, CA) |
| 27 | Kumar Thangavelu | MS | Jan 2007 - Dec 2007 | Staff Engineer, CASL, Nimble Storage (San Jose, CA) |
| 28 | Rongqing ``Frank'' Tu | MS | May 2002 - Dec 2002 | Software Engineer, Data Center Infrastructure Group (DCIG), Hewlett Packard Enterprise (Eagan, MN) |
| 29 | Arun Olappamanna Vasudevan | MS | Sep 2013 - May 2015 | Member of Technical Staff, Disaster Recovery Group Nutanix (Seattle, WA) |
| 30 | Kelong Wang | MS | Apr 2014 - May 2015 | Site Reliability Engineer, Database Team, Dropbox (San Francisco, CA) |
| 31 | Zhenghong ``Sam'' Yang | MS | May 2002 - Feb 2003 | IBM |
| 32 | Zhou Zhang | MS | Sep 2002 - Dec 2002 | IBM T.J. Watson research center |
| 33 | Henry Nelson | HS | Sep 2015 - Aug 2017 | CS undergraduate at CMU |
| 34 | Abhishek Rai | temp-PhD | Sep 2003 - Aug 2005 | Principal Engineer, ThoughtSpot Inc. (Palo Alto, CA) |
| 35 | Joseph Spadavecchia | temp-PhD | May 2001 - Aug 2002 | Principal Software Engineer, Cloud Security Group, Akamai (Edinburgh, UK) |
| # | Sponsor | Amount | Period | Type | Title (click for award abstract) |
| 1 | Microsoft Corporation | $20,000 | 2016-2017 | Sole-PI | Microsoft Azure Cloud Credits |
| 2 | NSF Secure and Trustworthy Cyberspace (SaTC) | $486,783 | 2012-2015 | Lead-PI | NFS4Sec: An Extensible Security Layer for Network Storage |
| 3 | IBM Faculty Award | $20,000 | 2006-2007 | Sole PI | End-To-End File Server Security |
| 4 | NSF Trusted Computing (TC) | $400,000 | 2003-2006 | Sole PI | A Layered Approach to Securing Network File Systems |
| 5 | SPIR | $94,581 | 2003 | Sole PI | Secure Shared Storage |
| 6 | SPIR | $55,676 | 2002 | Sole PI | A Secure and Scalable Network Appliance |