Write-Once Read-Many File Systems

Write-Once Read-Many (WORM) storage is useful for immutable versioning and secure logging, where you wish to record information that an attacker can not modify. One common WORM media is a CD-R, which can not be rewritten, but CD-Rs are slow and do not allow data to be appended. WORM tapes may be appended to, but do not allow fast random access. WORM disk drives, are disk drives with modified device drivers or firmware that does not permit data to be re-written. The advantage of WORM disk drives is that random reads and appends are both fast operations. This project explores how to create a file system that is suitable for a WORM device.

Current file systems rely on re-writing information (e.g., the last block of a file on append or directory blocks when a new file is created), but if data is written to the WORM device, then it can not be changed. An auxiliary read-write device can be used to increase random access performance (e.g., using standard disk data structures that rely on random access writes). If the read-write device is tampered with, the entire file system could be reconstructed from only the sequentially written data on the WORM device. Part of the investigations involve which parts of the WORM abilities should be performed in the file system and which parts should be in disk device driver. Also, the trade offs between flexibility and complexity of the device driver will be explored (e.g., append only drives vs. append only partitions).