Check out the new USENIX Web site. next up previous
Next: Introduction

Secure and Flexible Global File Sharing

Stefan Miltchev Vassilis Prevelakis Sotiris Ioannidis    
University of Pennsylvania Drexel University University of Pennsylvania    
John Ioannidis Angelos D. Keromytis Jonathan M. Smith    
AT&T Labs - Research Columbia University University of Pennsylvania    


Trust management credentials directly authorize actions, rather than divide the authorization task into authentication and access control. Unlike traditional credentials, which bind keys to principals, trust management credentials bind keys to the authorization to perform certain tasks.

The Distributed Credential FileSystem (DisCFS) uses trust management credentials to identify: (1) files being stored; (2) users; and (3) conditions under which their file access is allowed. Users share files by delegating access rights, issuing credentials in the style of traditional capabilities. Credentials permit, for example, access by remote users not known in advance to the file server, which simply enforces sharing policies rather than entangling itself in their management. Throughput and latency benchmarks of our prototype DisCFS implementation indicate performance roughly comparable to NFS version 2, while preserving the advantages of credentials for distributed control.

Keywords: Filesystems, access control, trust management, credentials.

next up previous
Next: Introduction
Stefan Miltchev