sign in sign up
<<
Home , Fano plane, Projective plane

DRESS Code For The Storage Cloud Distributed Replication-based Exact Simple Storage Salim El Rouayheb EECS Department University of California, Berkeley

Joint work with: Sameer Pawar Nima Noorshams Prof. Kannan Ramchandran Talk Roadmap I Distributed Storage Background Failures & Repairs II & Motivation Reliability & Security Low Complexity Redundancy & Codes DRESS Uncoded repair Projective planes Codes Bins & balls

III Malicious attacks Network coding Separation result Security Secure capacity Data Everywhere

Coffee shop Airport Office

Home

• Increasing popularity of data-enabled devices and Hot spots, 4G, Wimax, Wi-fi etc, => “always online” infrastructure. • Truly mobile users • Want to be able to seamlessly access and share data anytime anywhere Off To The Cloud…

• Want our files to “follow” us wherever we go  Put them in the cloud  Get them from the cloud

Data Centers P2P Systems Cloud Applications Amazon Web Services Wuala: P2P Cloud Storage

• Trade idle local disk space on your computer for online storage

• First 1GB is free

Cloud storage = local donated storage * percentage of online time

70 GB 100 GB 70% Can We Trust the Cloud? Main Challenge: Cloud is formed of unreliable and untrusted components CloudyDistributed with a Chance Storage of Failure

Data center

Server Disk failure

virus

user peer Component failures are the norm rather then exception. • Nodes are unreliable by nature: - Hard disk failure - Network failure Solution: store data - Peer churning redundantly - Malicious nodes Multiple System Considerations

Coding for cloud storage

Decoding complexity

C rate

“Traditional” Coding Theory Escher “Impossible” Cube Different Codes for Different Folks

Replication (4,2) Erasure code New node New node n n 1 a a 1 a a a b 2MB File 1MB Download a+b n2 a n2 b a b 1 MB Download n n 2MB 3 b 3 a+b

n n 4 b 4 a+2b

tolerates 1 failure tolerates 2 failures

Reliability

Bandwidth Complexity/ Disk I/O Reducing Bandwidth Overhead • Repair BW can be reduced from 2 to 1.5 MB • Helper nodes send random linear combinations: random linear network coding .5MB • New data “functionally equivalent” to lost a 1 data. a2 • Repair BW can be reduced from 1.5 MB to a1 a2 b1 b2 1.2 MB if each node is willing to store 20% more. a, b b1 b2 b +b 2MB 1 2

a1+b1 a +b +a +b a2+b2 1 1 2 2 .5MB d=3

.5MB a +2b 1 1 a1+a2 .5MB 2a2+b2 a +2b +2(a +2b ) 1 1 2 2 a1+4a2

Dimakis, Wu & Ramchandran ‘07 Replacement node Fundamental Storage/Bandwidth Tradeoff

cost Internet, Wireless MBR Min. Bandwidth Regime Storage

Archival applications Min. Storage Regime MSR MDS

(Dimakis et al. ’07) Repair BW We Want More: Exact Repair?

• We want exact repair: a1 – Maintain a systematic copy of the n 1 a data 2 – Reduce system overhead b1 n2 – Security b2 ? a1 a1+b1 n3 a2 • Exact repair makes the problem 2a2+b2 Exact much harder 2a +b repair n4 1 1 – Relation to non-multicast network a2+b2 coding

• Recent important progress: Rashmi et al. (Product-Matrix Codes), Suh & Ramchandran ‘10, Cadambe et al. ‘10 Storage/Bandwidth Tradeoff

This Talk cost Min. Bandwidth Regime Recent Result: (Shah et al ’10) MBR Only MBR and MSR points are achievable under exact repair Storage

Interference alignment MSR techniques Min. Storage Regime

Repair BW Can we also reduce Disk I/O & Energy?

Bandwidth-efficiency comes with a price-tag.

a 1) Excessive data reading & 1 a computations 2

2) Read/write bandwidth of a hard b1 b +b disk is the bottleneck (100 MB/s vs. b2 1 2 New node

network speed ~1000 MB/s) a +2a +b +b a1 a1+b1 1 2 1 2 a2 2a2+b2 Can we have exact codes with

minimum overheads of: 2a1+b1 1) Repair bandwidth a2+b2 2) Disk reads 3) Computations? Contributions: Yes We Can

• DRESS codes:  Exact Repair  Minimum disk reads for repair  No data processing for repair: uncoded repair

Maximum Distance Separable

MDS Code Fractional Repetition file

Distributed Replication-based Exact Storage Simple Storage Cloud • Surprise: no loss of bandwidth efficiency • Bonus: well-suited for security applications • System price: repair not as flexible w.r.t. who can help Talk Roadmap I Background II & Motivation Uncoded repair DRESS Projective planes Steiner Systems Codes Bins & balls

III

Security DRESS Code Example d=3MB (n,k)=(7,3) 1 2 3 n Max file size= 6MB: cut-set bound 1 (Dimakis et al.) 3 4 5 n 2 K=3 parity-check File 6 MB 1 5 6 n3 1 2 3 4 5 6 MDS 1 2 3 4 5 6 7 Code 1 4 7 n 4 User 2 5 7 Gets 6 different n New parameter 5 packets repetition factor r=3 3 6 7 n6

2 4 6 n7

n=7 nodes Repairing DRESS Codes failure (n,k)=(7,3) parity-check New node File 6 MB 1 2 3 1 2 3 n1 1 2 3 4 5 6 7 3 4 5 n2  Repetition r=3can tolerate up to 2 simultaneous 1 5 6 n3 failures  Table based repair 1 4 7 n4 • If 3 nodes fail? 2 5 7 – Download complete file n5 – Reconstruct the lost data 3 6 7 – Rare bad even n6  Min repair bandwidth 2 4 6 n7  Min disk I/O calls  Uncoded repair Why “Traditional” Repetition Won’t Work?

Max file size= 6MB: cut-set bound 1 2 3 (Dimakis et al.) n1

1 2 3 parity-check n2 File 6 MB 1 2 3 4 5 6 7 1 2 3 n 3 user gets ONLY 3MB 4 5 6 (n,k)=(7,3) n4 repetition factor r=3 4 5 6 n5

4 5 6 n6

7 7 7 n7 Smart Packet Placement

How should we place the packet replicas? Goal: maximize file size

k(k 1) Max file size: C = kd − (Dimakis et al.) − 2 Penalty term due # nodes contacted to intersection by user # packets/node

k(k 1) k Rule: Make sure that any − = two nodes have at most one 2 2 ￿ ￿ packet in common Where Did That Solution Come From? Lines in projective planes 1 2 3 intersect in exactly one point n1

3 4 5 n2

1 5 6 n3

1 4 7 n4

2 5 7 Fano n5 of order 2 3 6 7 n6

Points  Packets 2 4 6 n Lines  Storage nodes 7 Higher Order Projective Planes

order m=2 m=3

m=4 • Projective planes are guaranteed to exist for any prime power order m. Codes from Projective Planes

Projective plane of order m=3

1 12 2

11 3 1 1 Projective Plane Storage System 1 10 13 4 Lines Storage nodes

9 5 Points Packets

8 6 7 Can we have constructions spanning n=13, r=d=4 more system parameters?

Theorem 1 (R. & Ramchandran Allerton’10) A projective plane of order m gives DRESS codes with n=m2+m+1 nodes and repetition factor r=repair degree d = m+1. Kirkman’s Schoolgirls Problem “Fifteen young ladies in a school walk out three abreast for seven days in succession; it is required to arrange them daily so

that no two shall walk twice abreast.” Kirkman, 1847 • Fifteen schoolgirls: A, B,…, O • They always take their daily walks in groups of threes 1 group 2 group 3 group 4 group 5 Sun ABC DEF GHI JKL MNO Mon ADH BEK MOI FLN GJC

… ? ? ? ? ? Sat ? ? ? ? ?

• Arrange them such that any two schoolgirls walk together exactly once a week Why Do We Care? Storage node A solution to Kirkman’s problem Sun ABC DEF GHI JKL MNO Mon ADH BEK CIO FLN GJM Tue AEM BHN CGK DIL FJO 7 days Wed AFI BLO CHJ DKM EGN Thu AGL BDJ CFM EHO IKN Fri AJN BIM CEL DOG FHK Sat AKO BFG CDN EIJ HLM

5 groups • Think of schoolgirls as packets and groups as storage nodes • Kirkman’s solution gives an optimal DRESS code for a  System with n=35 nodes  Each node stores 3 packets • What is the repetition factor here? answer=7 Not Your Average Puzzle… • Kirkman’s schoolgirls problem initiated a branch of known now as Design Theory

• Deep connections to other branches in : Algebra, Geometry, theory…

• Applications: – Coding Theory – Cryptography – Statistics Steiner Systems

A is a collection of points & lines such that: 1. There are points in total 2. Each line contains exactly points We want t=2 3. There is exactly one line that contains any given points

1 2 3

4 5 6

7 8 9 =S(2, 3, 7) S(2,3,9) # pts on a line Total # points Codes from Steiner Systems

Theorem 2: (R. & Ramchandran Allerton’10) A Steiner system gives a capacity-achieving DRESS code with parameters using correspondence lines: nodes, points: packets.

DRESS Codes Open problem I ? ? DRESS codes

Projective beyond Steiner Steiner Dual planes Systems codes systems?

? ? ? Min Reads Capacity

Min Bandwidth Capacity Lookup Minimum k C = k d Repair reads × − 2 ￿ ￿

Open problem II Capacity for minimum reads (and lookup repair)? Example

(n,k,d)=(7,3,3) 1 2 3 1 2 3 4 5 6

4 5 6 7 8 9

1 4 7 7 8 9 2 5 8

3 6 9

• Users contacting any 3 nodes will observe either 9 or 7 packets • This code guarantees a “rate” = 7 to any user • Capacity when repairing from any d nodes = 6 We Want More • Explicit constructions for Steiner systems exist for small values of r=3,4,5 • Existential guarantees for large number of nodes [Wilson 75] • Want more flexibility • Want to “grow”. Nested property? • Solution: randomized constructions

P2P network Lazy Man’s Codes

(n,k)=(7,3) 1 2 3 4 5 66 7 repetition factor r=3 File Size=6 Growing

3 7 5 6 6 4 4 2 5 2 7 5 3 7 1 4 1 1 2 1 3 Bin 1 Bin 2 Bin 3 Bin 4 Bin 5 Bin 6 Bin 7 • Fill the bins randomly by throwing 3 independent colors in each • User takes a hit on the file size if he contacts bins that have two many colors in common • Replication factor is random and can be less than 3 • Hope the bad events are rare It Pays To Be Lazy

(n,k)=(169,13); r=13

• Deterministic approach: cut-set bound = 91

• Statistical approach: − mean F =110

Theorem 3:(Concentration) Let F be the number of colors observed by a user contacting k nodes then B2 P ( F F¯ B) 2 exp( ) | − | ≥ ≤ −2kd 1 with F¯ = θ 1 (1 )kd , θ = nd/r. − − θ ￿ ￿ Content Distribution with Helpers

video catalog server

users P2P Video-on-Demand Helper nodes

 Examples of helper include:  idle Internet PC users: Thunder, PPStream, PPLive, Wuala etc…  set-top boxes, home gateways: Nano data centers  ISP P2P infrastructure nodes: Comcast  Goal: minimize server load or maximize a utility function Talk Roadmap I Background II & Motivation DRESS Codes

III Malicious attacks Network coding Separation Security Secure capacity Security, Security, Security

• How to guarantee data privacy and integrity? • What are the fundamental limits on cloud security?

• Computationally unbounded intruder • Two classes of intruders: - Passive: eavesdropper - Active: Malicious attacks Malicious Byzantine Nodes

• Hard problem related to open problems in network coding. ( Kosut, Tong & Tse ’10) • Non-linear coding, secure capacity still an open problem… • “Node vs. Edge Curse” known in the network coding literature • How about the cloud?

Cockroach network Why Is It a Hard Problem?

x x x (n,k)=(4,3) n1 1 2 3 File Size=6 bits x1 x2 x3 n x1 x4 x5 File:x1,…,x6 2 x1 x4 x5 x2 x4 x6 x1 x4 x5 n3 x2 x4 x6

x x x n4 x3 x5 x6 2 4 6

• Even a single malicious node can contaminate the whole system

• Although controlling 3 bits, the malicious node can introduce 5 errors • Can we at least store 1 bit securely? No Bit Left Behind

(n,k,d)=(4,2,3) n File=1 bit =‘0’ 1 x1 x2 x3

x1,…,x6 1 1 1 n 2 x1 x4 x5 0 (6,1) 000000 1 0 0 Repetition 1 0 0 n x1 x4 x5 3 x2 x4 x6

n x x x 4 x3 x5 x6 2 4 6

• Repeat the 1 bit information on all the nodes • 5 errors out of 9: simple majority decoding won’t work. • Idea: not any 5 errors can occur • DRESS code forces errors to have certain patterns Tetris Decoder

n1 x1 x2 x3

n2 x1 x4 x5 ★: possible error n 3 x2 x4 x6 n n4 x3 x5 x6 1 ★ ★ ★ ★ 0 0 0 ★ 0 0 0 ★ n 2 ★ 0 0 ★ ★ ★ 0 ★ 0 0 0 ★ n 3 ★ 0 0 0 ★ 0 ★ ★ ★ 0 0 ★

Bad node: n1 n2 n3 n4

• Decoder checks the error pattern and decode • It will always decodes to the correct bit • Bonus: can catch the malicious nodes Omniscient Adversary: Main Result

Theorem 4: Open Open For the MBR regime and d=n-1, the secrecy capacity is given by (Network Singleton bound):

# malicious nodes

MDS DRESS

Error correction file Cloud Separation scheme

• + Linear outer code. Internal nodes in the cloud operate as usual. • - Decoder: exponential time in number of malicious nodes Open Conclusion

• Cloud storage: guarantee reliability using unreliable nodes! • What codes should we use? storage, bandwidth, Disk I/O, computational complexity, latency, energy, security…

• DRESS codes: uncoded repair and efficient codes • Deterministic constructions from Proj. Spaces & Steiner sys. • Randomized constructions using balls & bins • Separation result for achieving security

• Open problems: Code constructions for more system parameters, “Smart” random constructions for better concentration, general secure capacity…