Depot: Cloud Storage with Minimal Trust

  • Prince Mahajan ,
  • ,
  • Sangmin Lee ,
  • Allen Clement ,
  • Lorenzo Alvisi ,
  • Mike Dahlin ,
  • Michael Walfish

Symposium on Operating Systems Design and Implementation (OSDI) |

Published by USENIX - Advanced Computing Systems Association

The paper describes the design, implementation, and evaluation of Depot, a cloud storage system that minimizes trust assumptions. Depot tolerates buggy or malicious behavior by any number of clients or servers, yet it provides safety and liveness guarantees to correct clients. Depot provides these guarantees using a two-layer architecture. First, Depot ensures that the updates observed by correct nodes are consistently ordered under Fork-Join Causal consistency (FJC). FJC is a slight weakening of causal consistency that can be both safe and live despite faulty nodes. Second, Depot implements protocols that use this consistent ordering of updates to provide other desirable consistency, staleness, durability, and recovery properties. Our evaluation suggests that the costs of these guarantees are modest and that Depot can tolerate faults and maintain good availability, latency, overhead, and staleness even when significant faults occur.