A Secure, Structured, Distributed Caching System for Providing Availability of Mission-Critical Reference Data

Mission-critical information is typically stored in the clear on some trusted portion of a network and only encrypted when sent elsewhere. If the network is penetrated, the information becomes vulnerable to disclosure, modification, and deletion, thus jeopardizing the mission. In response to such an attack or the imminent threat of attack, the information may be disconnected from the network, but the resulting lack of availability may also jeopardize the mission. We define requirements for a data caching system that is designed to maintain availability of mission-critical reference information, despite network penetration by an adversary, without sacrificing the information's security. We describe a basic network model and three alternative caching architectures to address these requirements: a secure, centralized (SCCA); a secure, unstructured, distributed (SUDCA); and a secure, structured, distributed (SSDCA) caching architecture. We define availability and confidentiality models and apply them to characterize these three architectures and compare their relative performance. We show that the SSDCA outperforms the alternatives in providing data availability and data confidentiality, assuming the compromise of data caches and the presence of eavesdropping. Lastly, we recommend related areas for further exploration.