{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,1]],"date-time":"2026-05-01T17:47:54Z","timestamp":1777657674396,"version":"3.51.4"},"reference-count":98,"publisher":"Association for Computing Machinery (ACM)","issue":"3","license":[{"start":{"date-parts":[[2026,6,18]],"date-time":"2026-06-18T00:00:00Z","timestamp":1781740800000},"content-version":"vor","delay-in-days":366,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"NSF","award":["2412436, 2443219, 2231620"],"award-info":[{"award-number":["2412436, 2443219, 2231620"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Proc. ACM Manag. Data"],"published-print":{"date-parts":[[2025,6,17]]},"abstract":"<jats:p>Log-Structured Merge-tree-based Key-Value Stores (LSM-KVS) are widely used to support modern, high-performance, data-intensive applications. In recent years, with the trend of deploying and optimizing LSM-KVS from monolith to Disaggregated Storage (DS) setups, the confidentiality of LSM-KVS persistent data (e.g., WAL and SST files) is vulnerable to unauthorized access from insiders and external attackers and must be protected using encryption. Existing solutions lack a high-performance design for encryption in LSM-KVS, often focus on in-memory data protection with overheads of 3.4-32.5x, and lack the scalability and flexibility considerations required in DS deployments.<\/jats:p>\n                  <jats:p>\n                    This paper proposes two novel designs to address the challenges of providing robust security for persistent components of LSM-KVS while maintaining high performance in both monolith and DS deployments - a simple and effective instance-level design suitable for monolithic LSM-KVS deployments, and\n                    <jats:bold>SHIELD,<\/jats:bold>\n                    a design that embeds encryption into LSM-KVS components for minimal overhead in both monolithic and DS deployment. We achieve our objective through three contributions: (1) A fine-grained integration of encryption into LSM-KVS write path to minimize performance overhead from exposure-limiting practices like using unique encryption keys per file and regularly re-encrypting using new encryption keys during compaction, (2) Mitigating performance degradation caused by recurring encryption of Write-Ahead Log (WAL) writes by using a buffering solution and (3) Extending confidentiality guarantees to DS by designing a metadata-enabled encryption-key-sharing mechanism and a secure local cache for high scalability and flexibility. We implement both designs on RocksDB, evaluating them in monolithic and DS setups while showcasing an overhead of 0-32% for the instance-level design and 0-36% for SHIELD.\n                  <\/jats:p>","DOI":"10.1145\/3725354","type":"journal-article","created":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T21:22:29Z","timestamp":1750281749000},"page":"1-28","source":"Crossref","is-referenced-by-count":1,"title":["SHIELD: Encrypting Persistent Data of LSM-KVS from Monolithic to Disaggregated Storage"],"prefix":"10.1145","volume":"3","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0317-1214","authenticated-orcid":false,"given":"Viraj","family":"Thakkar","sequence":"first","affiliation":[{"name":"Arizona State University, Tempe, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7660-9646","authenticated-orcid":false,"given":"Dongha","family":"Kim","sequence":"additional","affiliation":[{"name":"Arizona State University, Tempe, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-4129-426X","authenticated-orcid":false,"given":"Yingchun","family":"Lai","sequence":"additional","affiliation":[{"name":"Apache Pegasus (Incubating) Community, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1450-5248","authenticated-orcid":false,"given":"Hokeun","family":"Kim","sequence":"additional","affiliation":[{"name":"Arizona State University, Tempe, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6950-1776","authenticated-orcid":false,"given":"Zhichao","family":"Cao","sequence":"additional","affiliation":[{"name":"Arizona State University, Tempe, USA"}]}],"member":"320","published-online":{"date-parts":[[2025,6,18]]},"reference":[{"key":"e_1_2_2_1_1","unstructured":"[n. d.]. Apache Hadoop 3.3.1 -- HDFS Architecture. https:\/\/hadoop.apache.org\/docs\/r3.3.1\/hadoop-project-dist\/hadoophdfs\/HdfsDesign.html"},{"key":"e_1_2_2_2_1","unstructured":"[n. d.]. File Key Management Encryption Plugin. https:\/\/mariadb.com\/kb\/en\/file-key-management-encryption-plugin\/"},{"key":"e_1_2_2_3_1","unstructured":"[n. d.]. Pipelined Write \u00b7 facebook\/rocksdb Wiki. https:\/\/github.com\/facebook\/rocksdb\/wiki\/Pipelined-Write"},{"key":"e_1_2_2_4_1","unstructured":"[n. d.]. Write Ahead Log (WAL). https:\/\/github.com\/facebook\/rocksdb\/wiki\/Write-Ahead-Log-(WAL)"},{"key":"e_1_2_2_5_1","unstructured":"2024. google\/leveldb. https:\/\/github.com\/google\/leveldb original-date: 2014-08--27T21:17:52Z."},{"key":"e_1_2_2_6_1","volume-title":"June","author":"Accessed","year":"2023","unstructured":"Accessed: June, 2023. ZippyDB: a modern, distributed key-value data store. https:\/\/www.youtube.com\/watch?v= DfiN7pG0D0k."},{"key":"e_1_2_2_7_1","unstructured":"262588213843476. [n. d.]. Latency Numbers Every Programmer Should Know. https:\/\/gist.github.com\/jboner\/2841832"},{"key":"e_1_2_2_8_1","volume-title":"Proceedings 21","author":"Agarwal Archita","year":"2020","unstructured":"Archita Agarwal and Seny Kamara. 2020. Encrypted key-value stores. In Progress in Cryptology--INDOCRYPT 2020: 21st International Conference on Cryptology in India, Bangalore, India, December 13--16, 2020, Proceedings 21. Springer, 62--85."},{"key":"e_1_2_2_9_1","unstructured":"Ibrar Ahmed. 2024. What is Transparent Data Encryption (TDE)? The Ultimate Guide. https:\/\/www.percona.com\/ blog\/transparent-data-encryption-tde\/"},{"key":"e_1_2_2_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/IPDPS49936.2021.00115"},{"key":"e_1_2_2_11_1","unstructured":"Apache Hadoop. 2020. Hadoop Transparent Encryption. https:\/\/hadoop.apache.org\/docs\/r3.3.0\/hadoop-projectdist\/ hadoop-hdfs\/TransparentEncryption.html Accessed: 2024--10--16."},{"key":"e_1_2_2_12_1","unstructured":"Apache Hadoop. 2024. Hadoop Secure Mode - Data Confidentiality. https:\/\/hadoop.apache.org\/docs\/stable\/hadoopproject-dist\/hadoop-common\/SecureMode.html#Data_confidentiality Accessed: 2024--10--15."},{"key":"e_1_2_2_13_1","unstructured":"Apache Hadoop 3.3.1 -- Transparent Encryption in HDFS [n. d.]. Apache Hadoop 3.3.1 -- Transparent Encryption in HDFS. https:\/\/hadoop.apache.org\/docs\/r3.3.1\/hadoop-project-dist\/hadoop-hdfs\/TransparentEncryption.html"},{"key":"e_1_2_2_14_1","unstructured":"Krste Asanovic. 2014. FireBox: A Hardware Building Block for 2020 Warehouse-Scale Computers. https:\/\/www. usenix.org\/conference\/fast14\/technical-sessions\/presentation\/keynote"},{"key":"e_1_2_2_15_1","volume-title":"Avocado: A Secure In-Memory Distributed Storage System. In 2021 USENIX Annual Technical Conference (USENIX ATC 21)","author":"Bailleu Maurice","year":"2021","unstructured":"Maurice Bailleu, Dimitra Giantsidi, Vasilis Gavrielatos, Vijay Nagarajan, Pramod Bhatotia, et al. 2021. Avocado: A Secure In-Memory Distributed Storage System. In 2021 USENIX Annual Technical Conference (USENIX ATC 21). 65--79."},{"key":"e_1_2_2_16_1","volume-title":"17th USENIX Conference on File and Storage Technologies (FAST 19)","author":"Bailleu Maurice","year":"2019","unstructured":"Maurice Bailleu, J\u00f6rg Thalheim, Pramod Bhatotia, Christof Fetzer, Michio Honda, and Kapil Vaswani. 2019. SPEICHER: Securing LSM-based Key-Value Stores using Shielded Execution. In 17th USENIX Conference on File and Storage Technologies (FAST 19). 173--190."},{"key":"e_1_2_2_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1989323.1989346"},{"key":"e_1_2_2_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.3034260"},{"key":"e_1_2_2_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2799647"},{"key":"e_1_2_2_20_1","first-page":"2","volume-title":"IPFS-content addressed, versioned","author":"Benet Juan","year":"2014","unstructured":"Juan Benet. 2014. IPFS-content addressed, versioned, p2p file system. arXiv preprint arXiv:1407.3561 (2014)."},{"key":"e_1_2_2_21_1","volume-title":"Workshop record of SASC","volume":"8","author":"Daniel","unstructured":"Daniel J Bernstein et al. 2008. ChaCha, a variant of Salsa20. In Workshop record of SASC, Vol. 8. Citeseer, 3--5."},{"key":"e_1_2_2_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/3373376.3378504"},{"key":"e_1_2_2_23_1","volume-title":"Macaroons: Cookies with Contextual Caveats for Decentralized Authorization in the Cloud. In Network and Distributed System Security Symposium.","author":"Birgisson Arnar","year":"2014","unstructured":"Arnar Birgisson, Joe Gibbs Politz, \u00dalfar Erlingsson, Ankur Taly, Michael Vrable, and Mark Lentczner. 2014. Macaroons: Cookies with Contextual Caveats for Decentralized Authorization in the Cloud. In Network and Distributed System Security Symposium."},{"key":"e_1_2_2_24_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-40657-7"},{"key":"e_1_2_2_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/3488368"},{"key":"e_1_2_2_26_1","doi-asserted-by":"publisher","DOI":"10.5555\/3386691.3386712"},{"key":"e_1_2_2_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/1807128.1807152"},{"key":"e_1_2_2_28_1","unstructured":"Jonathan Corbet. 2019. Buffered I\/O without page-cache thrashing [LWN.net]. https:\/\/lwn.net\/Articles\/806980\/"},{"key":"e_1_2_2_29_1","unstructured":"Intel Corporation. 2024. Intel\u00ae Software Guard Extensions (Intel\u00ae SGX). https:\/\/www.intel.com\/content\/www\/us\/en\/ products\/docs\/accelerator-engines\/software-guard-extensions.html Accessed: 2024-08--28."},{"key":"e_1_2_2_30_1","volume-title":"Intel SGX explained. Cryptology ePrint Archive","author":"Costan Victor","year":"2016","unstructured":"Victor Costan and Srinivas Devadas. 2016. Intel SGX explained. Cryptology ePrint Archive (2016)."},{"key":"e_1_2_2_31_1","volume-title":"The design of Rijndael","author":"Daemen Joan","unstructured":"Joan Daemen and Vincent Rijmen. 2002. The design of Rijndael. Vol. 2. Springer."},{"key":"e_1_2_2_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/3489517.3530470"},{"key":"e_1_2_2_33_1","doi-asserted-by":"publisher","DOI":"10.14778\/1920841.1921015"},{"key":"e_1_2_2_34_1","first-page":"3","article-title":"Optimizing Space Amplification in RocksDB","volume":"3","author":"Dong Siying","year":"2017","unstructured":"Siying Dong, Mark Callaghan, Leonidas Galanis, Dhruba Borthakur, Tony Savor, and Michael Strum. 2017. Optimizing Space Amplification in RocksDB.. In CIDR, Vol. 3. 3.","journal-title":"CIDR"},{"key":"e_1_2_2_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/3483840"},{"key":"e_1_2_2_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/3589772"},{"key":"e_1_2_2_37_1","unstructured":"Facebook. [n. d.]. RocksDB Benchmarking Tools. https:\/\/github.com\/facebook\/rocksdb\/wiki\/Benchmarking-tools. Accessed: 2024-09--16."},{"key":"e_1_2_2_38_1","unstructured":"Facebook:ZippyDBArchitecture 2021. How we built a general purpose key value store for Facebook with ZippyDB. https:\/\/engineering.fb.com\/2021\/08\/06\/core-infra\/zippydb\/"},{"key":"e_1_2_2_39_1","volume-title":"12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 16)","author":"Gao Peter X.","unstructured":"Peter X. Gao, Akshay Narayan, Sagar Karandikar, Joao Carreira, Sangjin Han, Rachit Agarwal, Sylvia Ratnasamy, and Scott Shenker. 2016. Network Requirements for Resource Disaggregation. In 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 16). USENIX Association, Savannah, GA, 249--264. https:\/\/www.usenix.org\/ conference\/osdi16\/technical-sessions\/presentation\/gao"},{"key":"e_1_2_2_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/945445.945450"},{"key":"e_1_2_2_41_1","unstructured":"Gluster Community. 2024. GlusterFS - Scale-out Network Attached Storage. https:\/\/www.gluster.org\/ Accessed: 2024--10--15."},{"key":"e_1_2_2_42_1","unstructured":"Google. 2024. Data encryption with a customer-managed key in Azure Database for PostgreSQL - Flexible Server. https:\/\/cloud.google.com\/kms\/docs\/envelope-encryption#data_encryption_keys"},{"key":"e_1_2_2_43_1","unstructured":"Google. 2024. Envelope encryption - Data encryption keys. https:\/\/cloud.google.com\/kms\/docs\/envelope-encryption# data_encryption_keys"},{"key":"e_1_2_2_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/3448016.3457297"},{"key":"e_1_2_2_45_1","unstructured":"InterPlanetary File System. 2024. IPFS Concepts: Privacy and Encryption. https:\/\/docs.ipfs.tech\/concepts\/privacyand-encryption\/#node-identifiability Accessed: 2024--10--15."},{"key":"e_1_2_2_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/1374376.1374438"},{"key":"e_1_2_2_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/3631309.3632832"},{"key":"e_1_2_2_48_1","unstructured":"JuiceFS. 2023. JuiceFS Encryption Documentation. https:\/\/juicefs.com\/docs\/community\/security\/encryption\/ Accessed: 2024--10--16."},{"key":"e_1_2_2_49_1","unstructured":"Gary Kessler. [n. d.]. An Overview of Cryptography. https:\/\/www.garykessler.net\/library\/crypto.html"},{"key":"e_1_2_2_50_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.softx.2023.101390"},{"key":"e_1_2_2_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/3625687.3628408"},{"key":"e_1_2_2_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/3054977.3054980"},{"key":"e_1_2_2_53_1","doi-asserted-by":"publisher","DOI":"10.1177\/1094342019847264"},{"key":"e_1_2_2_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/3302424.3303951"},{"key":"e_1_2_2_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/3491084.3491425"},{"key":"e_1_2_2_56_1","unstructured":"ARM Limited. 2024. ARM Security Technology: Building a Secure System using TrustZone Technology. https:\/\/community.arm.com\/cfs-file\/__key\/telligent-evolution-components-attachments\/01--2057-00-00-00-00-53--99\/PRD29_2D00_GENC_2D00_009492C_5F00_trustzone_5F00_security_5F00_whitepaper.pdf Accessed: 2024-08-28."},{"key":"e_1_2_2_57_1","doi-asserted-by":"publisher","DOI":"10.1109\/MCOM.001"},{"key":"e_1_2_2_58_1","unstructured":"Robert Love. [n. d.]. 3. Buffered I\/O - Linux System Programming [Book]. https:\/\/www.oreilly.com\/library\/view\/linuxsystem-programming\/0596009585\/ch03.html ISBN: 9780596009588."},{"key":"e_1_2_2_59_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSST.2012.6232390"},{"key":"e_1_2_2_60_1","unstructured":"MariaDB Corporation. 2024. Data at Rest Encryption Overview. https:\/\/mariadb.com\/kb\/en\/data-at-rest-encryptionoverview\/ Accessed: 2024--10--11."},{"key":"e_1_2_2_61_1","unstructured":"Microsoft. 2023. Create the Key Distribution Services (KDS) Root Key. https:\/\/learn.microsoft.com\/en-us\/windowsserver\/ identity\/ad-ds\/manage\/group-managed-service-accounts\/group-managed-service-accounts\/create-the-keydistribution-services-kds-root-key. Accessed: 2024--10-01."},{"key":"e_1_2_2_62_1","unstructured":"Microsoft. 2023. Key Distribution Center. https:\/\/learn.microsoft.com\/en-us\/windows\/win32\/secauthn\/keydistribution-center. Accessed: 2024--10-01."},{"key":"e_1_2_2_63_1","doi-asserted-by":"publisher","DOI":"10.1109\/IC2E.2014.48"},{"key":"e_1_2_2_64_1","volume-title":"10th USENIX Symposium on Operating Systems Design and Implementation (OSDI 12)","author":"Narayan Arjun","year":"2012","unstructured":"Arjun Narayan and Andreas Haeberlen. 2012. DJoin: Differentially private join queries over distributed databases. In 10th USENIX Symposium on Operating Systems Design and Implementation (OSDI 12). 149--162."},{"key":"e_1_2_2_65_1","unstructured":"National Institute of Standards and Technology. 2016. Recommendation for Key Management - Part 2: Best Practices for Key Management Organizations. Technical Report SP 800--57 Rev. 1. NIST. https:\/\/csrc.nist.gov\/pubs\/sp\/800\/57\/pt2\/r1\/final Accessed: 2024--10-04."},{"key":"e_1_2_2_66_1","volume-title":"Kerberos: An authentication service for computer networks","author":"Clifford Neuman B","year":"1994","unstructured":"B Clifford Neuman and Theodore Ts'o. 1994. Kerberos: An authentication service for computer networks. IEEE Communications magazine 32, 9 (1994), 33--38."},{"key":"e_1_2_2_67_1","unstructured":"OWASP:CryptographicStorageCheatSheet 2019. Cryptographic Storage - OWASP Cheat Sheet Series. https:\/\/cheatsheetseries.owasp.org\/cheatsheets\/Cryptographic_Storage_Cheat_Sheet.html"},{"key":"e_1_2_2_68_1","doi-asserted-by":"publisher","DOI":"10.1007\/s002360050048"},{"key":"e_1_2_2_69_1","volume-title":"19th USENIX Conference on File and Storage Technologies (FAST 21)","author":"Pan Satadru","year":"2021","unstructured":"Satadru Pan, Theano Stavrinos, Yunqiao Zhang, Atul Sikaria, Pavel Zakharov, Abhinav Sharma, Shiva Shankar P, Mike Shuey, Richard Wareing, Monika Gangapuram, Guanglei Cao, Christian Preseau, Pratap Singh, Kestutis Patiejunas, JR Tipton, Ethan Katz-Bassett, and Wyatt Lloyd. 2021. Facebook's Tectonic Filesystem: Efficiency from Exascale. In 19th USENIX Conference on File and Storage Technologies (FAST 21). USENIX Association, 217--231. https:\/\/www.usenix.org\/conference\/fast21\/presentation\/pan"},{"key":"e_1_2_2_70_1","volume-title":"12th USENIX symposium on operating systems design and implementation (OSDI 16)","author":"Papadimitriou Antonis","year":"2016","unstructured":"Antonis Papadimitriou, Ranjita Bhagwan, Nishanth Chandran, Ramachandran Ramjee, Andreas Haeberlen, Harmeet Singh, Abhishek Modi, and Saikrishna Badrinarayanan. 2016. Big data analytics over encrypted datasets with seabed. In 12th USENIX symposium on operating systems design and implementation (OSDI 16). 587--602."},{"key":"e_1_2_2_71_1","unstructured":"paxdiablo. 2009. Answer to ''Buffered vs unbuffered IO''. https:\/\/stackoverflow.com\/a\/1450563\/11215536"},{"key":"e_1_2_2_72_1","unstructured":"Hieu Pham. [n. d.]. Remote Compactions in RocksDB-Cloud. https:\/\/rockset.com\/blog\/remote-compactions-inrocksdb-cloud\/"},{"key":"e_1_2_2_73_1","first-page":"591","article-title":"Arx: A Strongly Encrypted Database System","volume":"2016","author":"Poddar Rishabh","year":"2016","unstructured":"Rishabh Poddar, Tobias Boelter, and Raluca Ada Popa. 2016. Arx: A Strongly Encrypted Database System. IACR Cryptol. ePrint Arch. 2016 (2016), 591.","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"e_1_2_2_74_1","doi-asserted-by":"publisher","DOI":"10.1145\/2043556.2043566"},{"key":"e_1_2_2_75_1","doi-asserted-by":"publisher","DOI":"10.1145\/2330667.2330691"},{"key":"e_1_2_2_76_1","unstructured":"Thomas Pornin. 2013. Answer to ''Block chaining modes to avoid''. https:\/\/security.stackexchange.com\/a\/27780\/282524"},{"key":"e_1_2_2_77_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00025"},{"key":"e_1_2_2_78_1","doi-asserted-by":"publisher","unstructured":"Eric Rescorla. 2018. The Transport Layer Security (TLS) Protocol Version 1.3. Request for Comments RFC 8446. Internet Engineering Task Force. https:\/\/doi.org\/10.17487\/RFC8446 Num Pages: 160.","DOI":"10.17487\/RFC8446"},{"key":"e_1_2_2_79_1","unstructured":"Rocksdb:LookupPerformance 2018. Improving Point-Lookup Using Data Block Hash Index. https:\/\/rocksdb.org\/blog\/2018\/08\/23\/data-block-hash-index.html"},{"key":"e_1_2_2_80_1","unstructured":"Rocksdb:TuningGuide 2023. RocksDB Tuning Guide. https:\/\/github.com\/facebook\/rocksdb\/wiki\/RocksDB-Tuning-Guide"},{"key":"e_1_2_2_81_1","unstructured":"@Scale. 2015. Data @Scale Seattle-Muthu Annamalai. https:\/\/www.youtube.com\/watch?v=DfiN7pG0D0k"},{"key":"e_1_2_2_82_1","doi-asserted-by":"publisher","DOI":"10.1002\/jcc.24807"},{"key":"e_1_2_2_83_1","volume-title":"Distributed OS for Hardware Resource Disaggregation. In 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI 18)","author":"Shan Yizhou","year":"2018","unstructured":"Yizhou Shan, Yutong Huang, Yilun Chen, and Yiying Zhang. 2018. LegoOS: A Disseminated, Distributed OS for Hardware Resource Disaggregation. In 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI 18). USENIX Association, Carlsbad, CA, 69--87. https:\/\/www.usenix.org\/conference\/osdi18\/presentation\/shan"},{"key":"e_1_2_2_84_1","doi-asserted-by":"publisher","DOI":"10.1109\/TrustCom60117.2023.00111"},{"key":"e_1_2_2_85_1","unstructured":"SHIELD [n. d.]. SHIELD: Encrypting Persistent Data of LSM-KVS from Monolithic to Disaggregated Storage. https:\/\/github.com\/asu-idi\/SHIELD"},{"key":"e_1_2_2_86_1","doi-asserted-by":"publisher","DOI":"10.1145\/1815933.1815940"},{"key":"e_1_2_2_87_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSST.2010.5496972"},{"key":"e_1_2_2_88_1","unstructured":"ThalesGroup:SelectingRightEncryptionApproach 2020. Selecting the Right Encryption Approach. https:\/\/cpl.thalesgroup.com\/encryption\/selecting-right-encryption-approach"},{"key":"e_1_2_2_89_1","doi-asserted-by":"publisher","DOI":"10.14778\/2535573.2488336"},{"key":"e_1_2_2_90_1","doi-asserted-by":"publisher","DOI":"10.1109\/MIC.2014.126"},{"key":"e_1_2_2_91_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDE55515.2023.00217"},{"key":"e_1_2_2_92_1","doi-asserted-by":"publisher","unstructured":"Hao Wen Zhichao Cao Yang Zhang Xiang Cao Ziqi Fan Doug Voigt and David Du. 2018. JoiNS: Meeting Latency SLO with Integrated Control for Networked Storage. In 2018 IEEE 26th International Symposium on Modeling Analysis and Simulation of Computer and Telecommunication Systems (MASCOTS). IEEE Milwaukee WI 194--200. https:\/\/doi.org\/10.1109\/MASCOTS.2018.00027","DOI":"10.1109\/MASCOTS.2018.00027"},{"key":"e_1_2_2_93_1","doi-asserted-by":"publisher","DOI":"10.1145\/3654927"},{"key":"e_1_2_2_94_1","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3052977"},{"key":"e_1_2_2_95_1","doi-asserted-by":"publisher","DOI":"10.1145\/2897845.2897852"},{"key":"e_1_2_2_96_1","volume-title":"Rethinking Data Management Systems for Disaggregated Data Centers. Conference on Innovative Data Systems Research (Jan.","author":"Zhang Qizhen","year":"2020","unstructured":"Qizhen Zhang, Yifan Cai, Sebastian Angel, Ang Chen, Vincent Liu, and Boon Thau Loo. 2020. Rethinking Data Management Systems for Disaggregated Data Centers. Conference on Innovative Data Systems Research (Jan. 2020). https:\/\/par.nsf.gov\/biblio\/10157860"},{"key":"e_1_2_2_97_1","doi-asserted-by":"publisher","DOI":"10.1109\/ITOEC49072.2020.9141835"},{"key":"e_1_2_2_98_1","volume-title":"d.]. Time-Aware Tiered Storage in RocksDB. https:\/\/rocksdb.org\/blog\/2022\/11\/09\/time-aware-tieredstorage. html. Accessed","author":"Zhuang Jay","year":"2023","unstructured":"Jay Zhuang. [n. d.]. Time-Aware Tiered Storage in RocksDB. https:\/\/rocksdb.org\/blog\/2022\/11\/09\/time-aware-tieredstorage. html. Accessed 10 Jan, 2023."}],"container-title":["Proceedings of the ACM on Management of Data"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3725354","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3725354","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,31]],"date-time":"2026-03-31T19:00:25Z","timestamp":1774983625000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3725354"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,6,17]]},"references-count":98,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2025,6,17]]}},"alternative-id":["10.1145\/3725354"],"URL":"https:\/\/doi.org\/10.1145\/3725354","relation":{},"ISSN":["2836-6573"],"issn-type":[{"value":"2836-6573","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,6,17]]}}}