Network-Attached Secure Disks


Network-Attached Secure Disks is 1997-2001 research project of Carnegie Mellon University, with the goal of providing cost-effective scalable storage bandwidth.

Overview

NASD reduces the overhead on the file server by allowing storage devices to transfer data directly to clients. Most of the file manager's work is offloaded to the storage disk without integrating the file system policy into the disk. Most client operations like Read/Write go directly to the disks; less frequent operations like authentication go to the file manager. Disks transfer variable-length objects instead of fixed-size blocks to clients. The File Manager provides a time-limited cachable capability for clients to access the storage objects. A file access from the client to the disks has the following sequence:
  1. The client authenticates itself with the file manager and requests for the file access.
  2. If the client can be granted access to the file requested, the client receives the network location of NASD disks and their capability.
  3. If the client is accessing the disk for the first time, it receives a time-limited key for the establishment of secure communication to the disk.
  4. The file manager informs the corresponding disk using an independent channel.
  5. From now on, the client directly accesses the NASD disks by giving the capability it received and further data transfers go through the network, bypassing the file manager.