This is the last post of the series of posts about the student research paper CloudRAID. The predecessor can be found in Markus Holtermann’s blog.
CloudRAID is a conceptual implementation of the idea bringing the RAID concept into the cloud. It shows how easy and efficient the distributed cloud storage is. CloudRAID implements a full REST API allowing developers to create their own clients. But unfortunately it lacks a fully featured user and administration interface to handle user accounts. Further development could deal with the support of more RAID versions than RAID5. Also the creation of privileged users could be implemented. The support for hierarchical paths for uploaded files is a topic that can be worked on too. Another subject of further development could be a plug-in interface. This means that software developers could create OSGi bundles implementing certain interfaces and providing certain services; these bundles would be triggered at certain actions – for example at CRUD actions, user creations, or password changes etc. A possible plug-in could be an indexing application creating a search index for all uploaded files. The contents of the backed-up (text) files would be searchable which would improve the usability of CloudRAID a lot. Such an indexer could be realized with the well-known Apache Lucene35 library and subject of a further student research project. Additionally the availability of the CloudRAID server can be increased by supporting a distributed application where different parts of the application run on different machines. This may lead to some bigger changes in the way bundles communicate with each other, but the current implementation already was developed keeping this in mind. Another subject of improvements is the client software. The implementation of a “sync client” could improve the usability a lot. “Sync client” means that the client automatically keeps track of changes of files on the local file system as well as the CloudRAID server and downloads respectively uploads the new file versions without any explicit user interaction. From the cryptographic perspective, there are multiple ways to increase the security of CloudRAID, too. The most simple enhancement would cover a client-side encryption of files. Thus, even if the CloudRAID server is compromised, the data itself is encrypted. More complicated and complex improvements affect the way the meta data is computed. Adding a user id or another unique key to their hash sums will prevent attacks on the storage provider side. Besides, the encryption algorithm could be changed from RC4 to AES.
[Sch12] Conrad Schmidt. CloudRAID Logo, August 2, 2012.