Protecting Persistent Data

In today’s systems, policies protecting stored data and the mechanisms for their enforcement are spread across many software components, increasing the risk of violation due to bugs, vulnerabilities and misconfigurations. We propose Guardat to address this problem. Users, developers and administrators specify file protection policies declaratively, concisely and separately from code, and Guardat enforces these policies by mediating I/O in the storage layer. Thus, policy enforcement relies only on the integrity of the Guardat controller and any external policy dependencies. The semantic gap between storage-layer enforcement and per-file policies is bridged using cryptographic attestations from Guardat. We show experimentally that the overhead is low.

Publications

Pesos: Policy Enhanced Secure Object store. ACM EuroSys, 2018.


Thoth: Comprehensive Policy Compliance in Data Retrieval Systems. Usenix Security, 2016.


Protecting Data Integrity with Storage Leases. US Patent 9,165,155, 2015.


Guardat: Enforcing data policies at the storage layer. ACM EuroSys, 2015.


Protecting Data Integrity with Storage Leases. MPI-SWS Technical Report, 2011.
