Security and Decentralized Control in the SFS Global File System
نویسنده
چکیده
SFS (secure file system) is a global file system designed to be secure against all active and passive network attacks, provide a single namespace across all machines in the world, and avoid any form of centralized control. Using SFS, any unprivileged user can access any file server in the world securely and with no prior arrangement on the part of system administrators. New file servers are immediately accessible securely by all client machines. Users can name such new servers from any existing file system by specifying public keys in symbolic links. A prototype implementation of SFS installs easily, coexists with other file systems, and should port trivially to most UNIX platforms. Preliminary performance numbers on application benchmarks show that, despite its use of encryption and user-level servers, SFS delivers performance competitive with an in-kernel NFS implementation.
منابع مشابه
Decentralized Fuzzy-PID Based Control Model for a Multivariable Liquid Level System
Multivariable liquid level control is essential in process industries to ensure quality of the product and safety of the equipment. However, the significant problems of the control system include excessive time consumption and percentage overshoot, which result from ineffective performance of the tuning methods of the PID controllers used for the system. In this paper, fuzzy logic was used to t...
متن کاملEnhancing File Security by Integrating Steganography Technique in Linux Kernel
In today‟s world securing file data is very important. The proposed Secure File System (SFS) provides file data security using steganographic techniques in a transparent and convenient way. The proposed SFS pushes information hiding services into the Linux kernel space, mounting it between the Virtual File System layer and underlying file system. After SFS is integrated with the Linux operating...
متن کاملSFS-HTTP: Securing the Web with Self-Certifying URLs
The current solution to secure Web communication is SSL which relies on certificate authorities for key management, limiting the ability for individuals to independently set up secure Web sites and forcing them to trust a small number of third parties. We propose a new model for Web security— SFS-HTTP—based on SFS. While SFS uses self-certifying pathnames to separate key management from file sy...
متن کاملIntegrity and access control in untrusted content distribution networks
A content distribution network (CDN) makes a publisher’s content highly available to readers through replication on remote computers. Content stored on untrusted servers is susceptible to attack, but a reader should have confidence that content originated from the publisher and that the content is unmodified. This thesis presents the SFS read-only file system (SFSRO) and key regression in the C...
متن کاملREX: Secure, modular remote execution throughfile descriptor passing
The ubiquitous SSH package has demonstrated the importance of secure remote login and execution. This paper presents a new system, REX, designed to provide remote login and execution in the context of the SFS secure distributed file system. REX departs from traditional remote login design and is built around two main mechanisms— file descriptor passing and a user agent process. File descriptor ...
متن کامل