Controlling File Access with Types
نویسندگان
چکیده
Accidental misuse of shared files by authorised users is a predominant problem. This paper proposes a well-known static analysis approach, namely a type system, to prevent such accidental misuse. We develop a type system that intercepts commands issued by users in a file system and enforces policies on each file. Commands issued by users to manipulate files will be subject to type checking by the type system. Typechecked commands are then guaranteed to not violate policies of the files. The focus of this paper is on a particular policy that allows owners of files (users who created files) to specify the number of times a file can be read by limiting the number of times a file can be copied. Therefore, a file can be read as much as it can be copied. If the file cannot be copied, then it can be read only once. This approach can be extended to other properties.
منابع مشابه
A Discretionary Access Control Method for Preventing Data Exfiltration (DE) via Removable Devices
One of the major challenges facing the security community today is how to prevent DE. DE is the unauthorized release of information from a computer system or network of systems. Current methods attempt to address this issue by controlling the information that is released over the Internet. In this paper, we present a host-level discretionary access control method that focuses on exfiltration vi...
متن کاملEscaping Hierarchies and Desktops: Associative, Pervasive File Access with User Control
There has long been recognition of the limitations of hierarchical file systems, particularly when people need collections of files, email and web pages for a new task. An associative file access mechanism offers promise in addressing these limitations. Such a mechanism is particularly appealing for personal file access at pervasive interaction devices, such as tabletops, providing an excellent...
متن کاملNovel Architecture for Controlling File System Access
File system administration directly or indirectly affects all users of computer systems today. In an organization, users interact directly with managed file systems, which provide a means of data storage. Users of on-line services, for example, search engines, social networks, photo and video sharing, web based email, etc., rely on managed file systems indirectly, for storing and accessing data...
متن کاملA Metaobject Protocol for Controlling File Cache Management
This paper presents the design of a metaobject protocol (MOP) for controlling file buffer caches in operating systems. The MOP exposes an abstraction of the file cache machinery that is an inherent part of every file system implementation, and thereby allows applications to control cache management decisions for the files that they use. Safety and protection are preserved by carefully designing...
متن کاملControlling Your PLACE in the File System with Gray-box Techniques
We present the design and implementation of PLACE, a gray-box library for controlling file layout on top of FFSlike file systems. PLACE exploits its knowledge of FFS layout policies to let users place files and directories into specific and localized portions of disk. Applications can use PLACE to collocate files that exhibit temporal locality of access, thus improving performance. Through a se...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Electr. Notes Theor. Comput. Sci.
دوره 332 شماره
صفحات -
تاریخ انتشار 2017