Toward Optimal Secure Distributed Storage Systems With Exact Repair

摘要

Distributed storage systems (DSSs) in the presence of an external wiretapper are considered. A DSS is parameterized by , in which the data are stored across nodes (each with storage capacity ), and must be recoverable by accessing the contents stored on any out of nodes. If a node fails, any out of nodes help in the repair (regeneration) of the failed node (by sending units of repair data, where ), so that the data can still be recovered from the DSS. For such a -DSS, security from the two types of wiretappers is investigated: 1) Type-I (node data) wiretapper, which can read the data stored on any nodes and 2) Type-II (repair data) wiretapper, which can read the data that is used to repair a set of failed nodes. The focus of this paper is on the optimal tradeoff between the storage and the repair bandwidth in presence of a Type-- /Type-II wiretapper and the practically relevant constraint of exact repair in which a failed node must be replaced by its exact replica. In this paper, several new results and outer bounds for the storage-versus-exact-repair-bandwidth tradeoff(s) are obtained for the Type-I and Type-II security problems. Furthermore, new outer bounds are presented for the Type-II problem, which hold for general parameters. It is shown that these outer bounds strictly improve upon the existing cutset-based outer bounds. The key technical contribution of this paper is in developing novel information theoretic converse proofs for these problems. From our optimal characterization results, we show that in a Type-II setting, the only efficient point in the storage-versus-exact-repair-bandwidth tradeoff is the minimum bandwidth regenerating (MBR) point corresponding to . This is in sharp contrast to the Type-I setting in which the optimal tradeoff allows a spectrum of operating points beyond the MBR point.