Title :
Paranoid: a global secure file access control system
Author :
Zaffar, Fareed ; Kedem, Gershon ; Gehani, Ashish
Author_Institution :
Dept. of Comput. Sci., Duke Univ., Durham, NC
Abstract :
The Paranoid file system is an encrypted, secure, global file system with user managed access control. The system provides efficient peer-to-peer application transparent file sharing. This paper presents the design, implementation and evaluation of the Paranoid file system and its access-control architecture. The system lets users grant safe, selective, UNIX-like, file access to peer groups across administrative boundaries. Files are kept encrypted and access control translates into key management. The system uses a novel transformation key scheme to effect access revocation. The file system works seamlessly with existing applications through the use of interposition agents. The interposition agents provide a layer of indirection making it possible to implement transparent remote file access and data encryption/decryption without any kernel modifications. System performance evaluations show that encryption and remote file-access overheads are small, demonstrating that the Paranoid system is practical
Keywords :
access control; cryptography; peer-to-peer computing; Paranoid file system; access revocation; access-control architecture; data decryption; data encryption; global secure file access control system; interposition agent; kernel modification; peer-to-peer application transparent file sharing; system performance evaluation; transformation key scheme; transparent remote file access; user managed access control; Access control; Application software; Computer science; Computer security; Cryptography; Data security; Error correction; Information security; Operating systems; Protection;
Conference_Titel :
Computer Security Applications Conference, 21st Annual
Conference_Location :
Tucson, AZ
Print_ISBN :
0-7695-2461-3
DOI :
10.1109/CSAC.2005.42
