A secure file sharing service for distributed computing environments

Distributed cryptographic file systems enable file sharing among their users and need the adoption of a key management scheme for the distribution of the cryptographic keys to authorized users according to their specific degree of trust. In this paper we describe the architecture of a basic secure file sharing facility relying on a multi-party threshold-based key-sharing scheme that can be overlaid on top of the existing stackable networked file systems, and discuss its application to the implementation of distributed cryptographic file systems. It provides flexible access control policies supporting multiple combination of roles and trust profiles. A proof of concept prototype implementation within the Linux operating system framework demonstrated its effectiveness in terms of performance and security robustness.

[1]  Masato Tsuru,et al.  Data transfer exploiting multiple heterogeneous challenged networks - implementation and application , 2012, Int. J. Space Based Situated Comput..

[2]  Alfredo De Santis,et al.  Towards a Lawfully Secure and Privacy Preserving Video Surveillance System , 2010, EC-Web.

[3]  A. Al Hasib,et al.  A Comparative Study of the Performance and Security Issues of AES and RSA Cryptography , 2008, 2008 Third International Conference on Convergence and Hybrid Information Technology.

[4]  Matt Blaze,et al.  Key Management in an Encrypting File System , 1994, USENIX Summer.

[5]  Tang Ming . Wei Lian. Si Tuo Lin Si,et al.  Cryptography and Network Security - Principles and Practice , 2015 .

[6]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[7]  Matthew K. Franklin,et al.  Efficient generation of shared RSA keys , 2001, JACM.

[8]  Burton S. Kaliski Advances in Cryptology - CRYPTO '97 , 1997 .

[9]  Erez Zadok,et al.  Cryptfs: A Stackable Vnode Level Encryption File System , 1998 .

[10]  Eyal Kushilevitz,et al.  From Differential Cryptanalysis to Ciphertext-Only Attacks , 1998, CRYPTO.

[11]  John H. Howard,et al.  On Overview of the Andrew File System , 1988, USENIX Winter.

[12]  Matt Blaze,et al.  A cryptographic file system for UNIX , 1993, CCS '93.

[13]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[14]  Leonard Barolli,et al.  Special issue on emerging trends in ubiquitous computing systems , 2010, J. Ambient Intell. Humaniz. Comput..

[15]  Fatos Xhafa,et al.  Towards a corporate governance trust agent scoring model for collaborative virtual organisations , 2011, Int. J. Grid Util. Comput..

[16]  Hugo Krawczyk,et al.  Advances in Cryptology - CRYPTO '98 , 1998 .

[17]  Yves Deswarte,et al.  Intrusion tolerance in distributed computing systems , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[18]  Claudio Soriente,et al.  Security and privacy issues in the Portable Document Format , 2010, J. Syst. Softw..

[19]  David Mazières,et al.  Separating key management from file system security , 1999, SOSP.

[20]  Bhavani M. Thuraisingham,et al.  Inferring private information using social network data , 2009, WWW '09.

[21]  Ching-Hsien Hsu Ubiquitous Intelligence and Computing: building smart environment in real and cyber space , 2012, J. Ambient Intell. Humaniz. Comput..

[22]  Claudio Soriente,et al.  Taking advantages of a disadvantage: Digital forensics and steganography using document metadata , 2007, J. Syst. Softw..

[23]  Matthew K. Franklin,et al.  Efficient Generation of Shared RSA Keys (Extended Abstract) , 1997, CRYPTO.

[24]  Alfredo De Santis,et al.  Do You Trust Your Phone? , 2009, EC-Web.

[25]  A Min Tjoa,et al.  E-Commerce and Web Technologies , 2002, Lecture Notes in Computer Science.

[26]  Dan Boneh,et al.  Building intrusion tolerant applications , 1999, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[27]  David A. Goldberg,et al.  Design and Implementation of the Sun Network Filesystem , 1985, USENIX Conference Proceedings.

[28]  João Pedro Sousa,et al.  Authentication, authorisation and auditing for ubiquitous computing: a survey and vision , 2011, Int. J. Space Based Situated Comput..

[29]  Hovav Shacham,et al.  Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds , 2009, CCS.

[30]  Brian A. Carter,et al.  Advanced Encryption Standard , 2007 .

[31]  BonehDan,et al.  Efficient generation of shared RSA keys , 2001 .

[32]  Mahadev Satyanarayanan,et al.  Integrating security in a large distributed system , 1989, TOCS.