SecDFS: A Secure and Decentralized File System.

Consortium networks are usually constructed among enterprises and organizations. A consortium network is a specific type of decentralized network which only has a limited number of untrusted nodes. Consortium systems are designed to achieve consensus in such a network and provide stable and trusted services. Meanwhile, secure data sharing plays a crucial role in the consortium network, introducing new requirements to the underlying file system. Firstly, a consortium file system should be decentralized since any party of the consortium network is untrusted. Secondly, it should enforce data confidentiality and integrity and provide access control. Finally, the system should offer high performance. Existing file systems are designed for public decentralized or centralized networks and cannot meet all the above requirements. To address this problem, we present SecDFS, a decentralized, secure, high-performance file system for consortium networks. SecDFS first combines trusted execution environment and consistent hashing to design a consistent consensus protocol, through which SecDFS distributes files across consortium nodes and achieves data consensus. After that, SecDFS introduces a secure storage constructing method to protect the confidentiality and integrity of both the data and metadata, as well as a two-level cache to speed up the file system performance. We have implemented a prototype of SecDFS and performed a detailed evaluation with it. The results show that SecDFS has 74.83X latency speedup compared with the InterPlanetary File System on average.