Kevin Fu. Group sharing and random access in cryptographic storage file systems. Master's thesis, Massachusetts Institute of Technology, May 1999.  Home/Search   Document Details and Download   Summary   Related Articles   Check

.... sledgehammer denial of service attack, in which an administrator deletes all files. File Sharing. The ability to share files amongst users is essential in a network file system. SiRiUS users must be able to share a file easily with other users of the system. Existing cryptographic file systems [2, 35, 1, 7, 13] limit their own usefulness because they either provide very coarse sharing at the directory or file system level or fail to distinguish between read and write access. File systems that do provide per file sharing [24, 19, 29, 18] rely on a trusted authentication mechanism residing on the file ....

....[35] is similar to CFS except that symmetric keys are associated with groups of files. These group file keys permit group sharing but no read write access controls. The Extended Cryptographic File System (ECFS) 1] extends CFS to provide file integrity. The Cryptographic Storage File System (CSFS) [13] is similar to CFS but also supports file integrity and group sharing of files. However, CSFS does not provide read write access controls. CSFS also relies on a highly trusted group database server that determines group membership (and hence access control) The Transparent Cryptographic File ....

K. Fu. Group sharing and random access in cryptographic storage file systems. Master's thesis, Massachusetts Institute of Technology, June 1999.

....that get transparently encrypted before being written to disk. CFS does not allow sharing of files between users, nor does it guarantee freshness or integrity of data. It is intended for users to protect their most sensitive files from prying eyes, not as a general purpose file system. Cepheus [8] adds integrity and file sharing to a CFS like file system, but trusts the server for the integrity of read shared data. SNAD [14] can use digital signatures for integrity, but does not guarantee freshness. PFS [17] is an elegant scheme for checking the integrity of a file system stored on an ....

Kevin Fu. Group sharing and random access in cryptographic storage file systems. Master's thesis, Massachusetts Institute of Technology, May 1999.

....that get transparently encrypted before being written to disk. CFS does not allow sharing of files between users, nor does it guarantee freshness or integrity of data. It is intended for users to protect their most sensitive files from prying eyes, not as a general purpose file system. Cepheus [8] adds integrity and file sharing to a CFS like file system, but trusts the server for the integrity of read shared data. SNAD [13] can use digital signatures for integrity, but does not guarantee freshness. PFS [16] is an elegant scheme for checking the integrity of a file system stored on an ....

Kevin Fu. Group sharing and random access in cryptographic storage file systems. Master's thesis, Massachusetts Institute of Technology, May 1999.

....that get transparently encrypted before being written to disk. CFS does not allow sharing of files between users, nor does it guarantee freshness or integrity of data. It is intended for users to protect their most sensitive files from prying eyes, not as a general purpose file system. Cepheus [5] adds integrity and file sharing to a CFS like file system, but trusts the server for the integrity of read shared data. The Byzantine fault tolerant file system, BFS [3] uses replication to ensure the integrity of a network file system. As long as more than 2 3 of a server s replicas are ....

K. Fu. Group sharing and random access in cryptographic storage file systems. Master's thesis, Massachusetts Institute of Technology, May 1999.

....not of bulk file data. Appears in the Proceedings of the 1st Conference on File and Storage Technologies (FAST) Monterey, CA, January 2002. 2 tral point for attack. A variant of such a key distribution scheme is proposed in SFS [Mazieres99, Fu00] and further expanded in the Cepheus file system [Fu99]. The SNAD system [Miller02] combines aspects of both CFS (on disk encryption) and SFS (secure communication and authentication) into a single encrypt on disk system. Even though many secure storage systems have been proposed and described individually, there is no systematic way to compare and ....

....which may be done as follows: a) aggressive re encryption immediately after a revocation, re write data with a new key. Copies of data distributed under the old key in the past remain readable. b) lazy re encryption delay re encryption of the file to the next time it is updated [Fu99] or read. This saves encryption work for rarely accessed files, but leaves data vulnerable longer. c) periodic re encryption change keys and rewrite data periodically to limit the window of vulnerability [Gobioff99a] The distinction between aggressive and lazy re encryption is a general ....

[Article contains additional citation context not shown here]

K. Fu. Group sharing and random access in cryptographic storage file systems. MIT Master's Thesis, June 1999.

No context found.

Kevin Fu. Group sharing and random access in cryptographic storage file systems. Master's thesis, Massachusetts Institute of Technology, May 1999.

....how AFS defines access rights) Specifically, two encrypted files from two different directories may belong to the same filegroup. Thus, filegroups can be viewed as an invisible overlay on the directory structure. A previous study [40] mistakenly attributes the filegroup concept to Cepheus [13] instead of itself. Filegroups uniquely identify all keys that a user needs to perform an operation on a file. This filegroup information can be located together with the rest of the meta data about the file, for instance, in the UNIX FFS inode (replacing the group and mode bits) or by adding an ....

....on them. Here we describe the structures; later sections discuss these design decisions in more detail. Every file in Plutus is divided into several blocks, and each block is encrypted with a unique symmetric key (such as a DES key) called a file block key. The lockbox, based on ideas in Cepheus [13], holds the file block keys for all the blocks of the file and is read and written by file lockbox keys. File lockbox keys are symmetric keys and are given to readers and writers alike. Alternatively, Plutus could use a single file block key for all blocks of a file and include an initialization ....

[Article contains additional citation context not shown here]

K. Fu. Group sharing and random access in cryptographic storage file systems. Master's thesis, MIT, June 1999.

....systems. Merkle used a hierarchy of hashes for an efficient digital signature scheme [19] In the context of file systems, the Byzantine fault tolerant file system uses hierarchical hashes for efficient state transfers between clients and replicas [6; 7] The cryptographic storage file system [13] uses cryptographic hashes in a similar fashion to the SFS read only file system. Duchamp uses hierarchical hashes to efficiently compare two file systems in a toolkit for partially connected operation [8] TDB [17] uses hash trees combined with a small amount of trusted storage to construct a ....

Kevin Fu. Group sharing and random access in cryptographic storage file systems. Master's thesis, Massachusetts Institute of Technology, May 1999.

....systems. Merkle used a hierarchy of hashes for an efficient digital signature scheme [18] In the context of file systems, the Byzantine fault tolerant file system uses hierarchical hashes for efficient state transfers between clients and replicas [5, 6] The cryptographic storage file system [12] uses cryptographic hashes in a similar fashion to the SFS readonly file system. Duchamp uses hierarchical hashes to efficiently compare two file systems in a toolkit for partially connected operation [7] TDB [16] uses hash trees combined with a small amount of trusted storages to construct a ....

Kevin Fu. Group sharing and random access in cryptographic storage file systems. Master's thesis, Massachusetts Institute of Technology, June 1999.

No context found.

K. Fu, "Group sharing and random access in cryptographic storage file systems," Master's thesis, Massachusetts Institute of Technology, 1999.

No context found.

Kevin E. Fu. Group Sharing and Random Access in Cryptographic Storage File Systems. Massachusetts Institute of Technology, Jun 1999. (Cepheus)

No context found.

K. Fu. Group Sharing and Random Access in Cryptographic Storage File Systems. Master's thesis, Massachusetts Institute of Technology, June 1999.

No context found.

K. Fu, Group Sharing and Random Access in Cryptographic Storage Filesystems, MIT Master's Thesis, 1999.

No context found.

Kevin Fu. Group sharing and random access in cryptographic storage file systems. Master's thesis, Massachusetts Institute of Technology, May 1999.

No context found.

K. Fu, \Group Sharing and Random Access in Cryptographic Storage File Systems", MIT M.Eng. Thesis, 1999

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC