论文信息 - Secure file system services for web 2.0 applications

Secure file system services for web 2.0 applications

We present a design for a file system that provides a secure file storage service for Web 2.0 applications. Currently, each Web application stores its own user data. This not only burdens the applications with storing, managing, and securing user data but also deprives users from controlling their own data. With recent proposals of secure client-side cross-domain communication mechanisms, we can provide an independent file system service to Web applications. This service returns the control over user data back to the users, where users can share or restrict access to their files as they wish, and relieves web application servers from the contractual or regulatory obligation of safeguarding user data.

Hao Chen | Francis Hsu

[1] Mahadev Satyanarayanan,et al. Scale and performance in a distributed file system , 1987, SOSP '87.

[2] Hao Chen,et al. OMash: enabling secure web mashups via object abstractions , 2008, CCS.

[3] Roxana Geambasu,et al. Organizing and sharing distributed personal web-service data , 2008, WWW.

[4] Marianne Winslett,et al. Please Permit Me: Stateless Delegated Authorization in Mashups , 2008, 2008 Annual Computer Security Applications Conference (ACSAC).

[5] Amin Vahdat,et al. Webfs: a global cache coherent filesystem , 1996 .

[6] Christian D. Jensen,et al. Capability File Names: Separating Authorisation From User Management in an Internet File System , 2001, USENIX Security Symposium.

[7] Lisa Dusseault,et al. HTTP Extensions for Web Distributed Authoring and Versioning (WebDAV) , 2007, RFC.

[8] Helen J. Wang,et al. Protection and communication abstractions for web browsers in MashupOS , 2007, SOSP.

[9] Roxana Geambasu,et al. CloudViews: Communal Data Sharing in Public Clouds , 2009, HotCloud.

[10] Dan Walsh,et al. Design and implementation of the Sun network filesystem , 1985, USENIX Conference Proceedings.

[11] Brent Callaghan. WebNFS Client Specification , 1996, RFC.

[12] Angelos D. Keromytis,et al. WebDAVA: An administrator-free approach to Web file-sharing , 2003, WET ICE 2003. Proceedings. Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, 2003..