Cryptographic access control in a distributed file system

Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT 2002)

Volumn , Issue , 2003, Pages 158-165

  Harrington, Anthony ^a   Jensen, Christian ^b  

^a TRINITY COLLEGE DUBLIN   (Ireland)

^b TECHNICAL UNIVERSITY OF DENMARK   (Denmark)

Author keywords

Access control; Cryptography; Network file systems

Indexed keywords

COMPUTER NETWORKS; COMPUTER SYSTEM RECOVERY; CRYPTOGRAPHY; DATA ACQUISITION; DATA PRIVACY; DISTRIBUTED DATABASE SYSTEMS; FILE ORGANIZATION;

CRYTOGRAPHIC ACCESS CONTROL; DISTRIBUTED FILE SYSTEM; NETWORK FILE SYSTEM;

SECURITY OF DATA;

EID: 0242625197     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/775412.775432     Document Type: Conference Paper

References (36)

1. J. P. Anderson. Computer security planning study. Technical Report 73-51, Air Force Electronic System Division, 1972.
2. E. Belani, A. Thornton, and M. Zhou. Authentication and security in WebFS, January 1997.
3. E. Belani, A. Vahdat, T. Anderson, and M. Dahlin. The crisis wide area security architecture. In Proceedings of the 7th USENIX Security Symposium, pages 15-29, San Antonio, Texas, U.S.A., January 1998.
4. M. Blaze. A cryptographic file system for UNIX. In ACM Conference on Computer and Communications Security, page 9-16, 1993.
5. G. Cattaneo and G. Persiano. Design and implementation of a transparent cryptographic filesystem for Unix. Unpublished Technical Report, ftp://edu-gw.dia.unisa.it/pub/tcfs/docs/tcfs.ps.gz., July 1997.
6. C. Czezatke and M. A. Ertl. LinLogFS - a log-structured filesystem for Linux. In Freenix Track of Usenix Annual Technical Conference, pages 77-88, 2000.
7. C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, and T. Ylonen. Spki certificate theory. Technical Report 2693, Network Working Group, IETF, September 1999.
8. M. Fischer, N. Lynch, and M. Paterson. Impossibility of distributed consensus with one faulty process. Journal of the ACM, 32(2):374-382, 1985.
9. K. Fu, M. F. Kaashoek, and D. Mazières. Fast and secure distributed read-only file system. In Proceedings of the 4th Symposium on Operating Systems Design and Implementation, pages 181-196, San Diego, California, U.S.A., October 2000.
10. A. Harrington. Cryptographic access control for a network file system. Master's thesis, Trinity College, Dublin, 2001.
11. J. H. Howard, M. L. Kazar, S. G. Menees, D. A. Nichols, m. Satyanarayanan, R. N. Sidebotham, and M. J. West. Scale and performance in a distributed file system. ACM Transactions on Computer Systems, 6(1):51-81, 1988.
12. J. Kohl and C. Neuman. The kerberos network authentication service (v5). Request for Comments (RFC) 1510, Network Working Group, IETF, September 1993.
13. B. Lampson, M. Abadi, M. Burrows, and E. Wobber. Authentication in distributed systems: Theory and practice. ACM Transactions on Computer Systems, 10(4):265-310, November 1992.
14. B. W. Lampson. Protection. In Proceedings of the 5th Princeton Symposium on Information Sciences and Systems, pages 437-443, mars 1971. reprinted in Operating Systems Review, 8, 1 January 1974 pages 18-24.
15. R. N. M. Burrows, M. Abadi. A logic of authentication. ACM Transactions on Computer Systems, 8(1):18-36, February 1990.
16. D. Mazières. Security and decentralised control in the SFS distributed file system. Master's thesis, MIT Laboratory of Computer Science, 1997.
17. D. Mazières, M. Kaminsky, M.F. Kaashoek, and E. Witchel. Separating key management from file system security. In Proceedings of the 17th Symposium on Operating Systems Principles, pages 124-139, Kiawah Island, S.C., U.S.A., 1999.
18. B. D. Noble, B. Fleis, and L. P. Cox. Deferring trust in fluid replication. In Proceedings of the 9th ACM SIGOPS European Workshop, pages 79-84, Kolding, Denmark, September 2000.
19. T. S. S. of ITU. Information Technology - Opens Systems Interconnection - The Directory: Authentication Framework. Number of X.509 in ITU-T Recomandation. International Telecommunication Union, November 1993. Standard international ISO/IEC 9594-8: 1995 (E).
20. J. T. Regan and C. D. Jensen. Capability file names: Separating authorisation from user management in an internet file system. In Proceedings of the 2001 USENIX Security Symposium, pages 221-234, Washington D.C., U.S.A., August 2001.
21. P. Reiher, T. Page, S. Crocker, J. Cook, and G. Popek. Truffles-a secure service for widespread file sharing, 1993.
22. M. Rosenblum and J. K. Ousterhout. The design and implementation of a log-structured file system. ACM Transactions on Computer Systems, 10(1):26-52, 1992.
23. J. H. Saltzer, D. P. Reed, and D. D. Clark. End-to-end arguments in system design. ACM Transactions on Computer Systems, 2(4):277-288, Nov. 1984.
24. R. Sandberg, D. Goldberg, K. S, D. Walsh, and B. Lyon. Design and implementation of the Sun Network File System. In Proceedings of the Summer 1985 USENIX Conference, pages 119-130, Portland, Oregon, C9 tats-Unis, June 1985.
25. D. S. Santry, M. J. Feeley, N. C. Hutchinson, A. C. Veitch, R. W. Carton, and J. Ofir. Deciding when to forget in the elephant file system. In Proceedings of the 17th Symposium on Operating Systems Principles, pages 110-123, Kiawah Island Resort, South Carolina, U.S.A., 1999.
26. M. Satyanarayanan. A study of file sizes and functional lifetimes. In Proceedings of the Eight Symposium on Operating System Principles, pages 96-108, Pacific Grove, California, U.S.A., 1981.
27. M. Satyanarayanan. Integrating security in a large distributed system. ACM Transactions on Computer Systems, 7(3):247-280, 1989.
28. M. Satyanarayanan. Scalable, secure and highly available file access in a distributed workstation environment. IEEE Computer, pages 9-21, May 1990.
29. B. Schneier, J. Kelsey, D. Whiting, D. Wagner, and C. Hall. Twofish: a 128-bit block cipher, 1998.
30. M. I. Seltzer, K. Bostic, M. K. McKusick, and C. Staelin. An implementation of a log-structured file system for UNIX. In USENIX Winter, pages 307-326, 1993.
31. Sun Microsystems Inc. Nfs: Network file system protocol specification. Request for Comments (RFC) 1094, Network Working Group, March 1989.
32. A. S. Tanenbaum, S. J. Mullender, and R. van Renesse. Using sparse capabilities in a distributed operating system. In Proceedings of the 6th International Conference in Computing Systems, pages 558-563, June 1986.
33. A. Vahdat, P. Eastham, and T. Anderson. Webfs: A global cache coherent file system. Department of Computer Science, UC Berkeley, Technical Draft, 1996.
34. R. van Renesse, A. S. Tanenbaum, and W. Wilschut. The design of a high-performance file server. In Proceedings of the 9th International Conference on Distributed Computing Systems (ICDCS), pages 22-27, Washington, DC, 1989. IEEE Computer Society.
35. E. Wobber, M. Abadi, M. Burrows, and B. Lampson. Authentication in the Taos operating system. ACM Transactions on Computer Systems, 12(1):3-32, 1994.
36. E. Zadok, I. Badulescu, and A. Shender. Cryptfs: a stackable vnode level encryption file system. Technical report, Computer Science Department, Columbia University, 1998.