DocumentCode
2341695
Title
Don´t trust your file server
Author
Mazires, D. ; Shasha, Dennis
Author_Institution
Dept. of Comput. Sci., New York Univ., NY, USA
fYear
2001
fDate
20-22 May 2001
Firstpage
113
Lastpage
118
Abstract
All too often, decisions about whom to trust in computer systems are driven by the needs of system management rather than data security. In particular data storage is often entrusted to people who have no role in creating or using the data-through outsourcing of data management, hiring of outside consultants to administer servers, or even collocation servers in physically insecure machine rooms to gain better network, connectivity. This paper outlines the design of SUNDR, a network file system designed to run on untrusted servers. SUNDR servers can safely be managed by people who have no permission to read or write data stored in the file system. Thus, people can base their trust decisions on who needs to use data and their administrative decisions on how best to manage the data. Moreover, with SUNDR, attackers will no longer be able to wreak havoc by compromising servers and tampering with data. They will need to compromise clients while legitimate users are logged on. Since clients do not need to accept incoming network connections, they can more easily be firewalled and protected from compromise than servers.
Keywords
file servers; security of data; SUNDR network file system; collocation servers; data management; data storage; network connectivity; outsourcing; untrusted servers; Computer science; Computer security; Data security; Data warehouses; Engineering profession; File servers; File systems; Memory; Network servers; Protection;
fLanguage
English
Publisher
ieee
Conference_Titel
Hot Topics in Operating Systems, 2001. Proceedings of the Eighth Workshop on
Print_ISBN
0-7695-1040-X
Type
conf
DOI
10.1109/HOTOS.2001.990070
Filename
990070
Link To Document