Paranoid: A Global Secure File Access Control System
ثبت نشده
چکیده
The Paranoid file system is an encrypted, secure, global file system with user-managed access control. The system provides efficient peer-to-peer applicationtransparent file sharing. This paper presents the design, implementation and evaluation of the Paranoid file system and its access-control architecture. The system lets users grant safe, selective, unix-like, file access to peer-groups across administrative boundaries. Files are kept encrypted and access control translates into key management. The system uses a novel transformation key scheme to effect access revocation. The file system works seamlessly with existing applications through the use of interposition agents [18]. The interposition agents provide a layer of indirection making it possible to implement transparent remote file access and data encryption/decryption without any OS modifications. System performance evaluations show that encryption and remote file-access overheads are small, showing that the Paranoid system is practical.
منابع مشابه
Secure and Flexible Global File Sharing
Sharing of files is a major application of computer networks, with examples ranging from LAN-based network file systems to wide-area applications such as use of version control systems in distributed software development. Identification, authentication and access control are much more challenging in this complex large-scale distributed environment. In this paper, we introduce the Distributed Cr...
متن کاملSecurity and Decentralized Control in the SFS Global File System
SFS (secure file system) is a global file system designed to be secure against all active and passive network attacks, provide a single namespace across all machines in the world, and avoid any form of centralized control. Using SFS, any unprivileged user can access any file server in the world securely and with no prior arrangement on the part of system administrators. New file servers are imm...
متن کاملAccess control in ultra-large-scale systems using a data-centric middleware
The primary characteristic of an Ultra-Large-Scale (ULS) system is ultra-large size on any related dimension. A ULS system is generally considered as a system-of-systems with heterogeneous nodes and autonomous domains. As the size of a system-of-systems grows, and interoperability demand between sub-systems is increased, achieving more scalable and dynamic access control system becomes an im...
متن کاملIntegrated Framework for Authentication and Access Control in Peer to Peer Groups
Collaborative applications like video/audio conferencing, IP telephony, file sharing, collaborative work spaces, and multi-user games, having varied security requirements, require a secure and reliable group communication system to provide co-ordination among the processes. Peer to peer computing allows users to interact with each other and find and share resources without requiring a centraliz...
متن کاملSGFS: Secure, Efficient and Policy-based Global File Sharing
This paper presents SGFS a secure global file sharing system. SGFS is designed based on important design requirements that include: efficiency for high performance data access, flexibility of cross-domain file sharing without administrative interference, support for flexible policies and off-the-shelf policy managers, ability to be deployed in diverse environments, ease of management and low ad...
متن کامل