1 / 11

Separating Key Management from File System Security

Separating Key Management from File System Security. Presented by M. S. Ali Instructor: Prof. Stefan Sariou CSC 2231 Online Social Networking Systems November 29, 2007. Outline. Introduction Internet-scale File Distribution How it Works Self-Certifying Pathnames

una
Télécharger la présentation

Separating Key Management from File System Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Separating Key Management from File System Security Presented by M. S. Ali Instructor: Prof. Stefan Sariou CSC 2231 Online Social Networking Systems November 29, 2007

  2. Outline • Introduction • Internet-scale File Distribution • How it Works • Self-Certifying Pathnames • Authentication PKI / SPR • Other Approaches • Discussion • Conclusion

  3. Introduction • Self-certifying File System (SFS) • Secure, non-centralized, simple access • Portable across administration realms • Independent of key management • Use encryption over wire • Replace system-specific identifiers with secure tokens (SPR, file handles) • Implemented on NFS

  4. Internet-scale File Distribution • Access files from any client • Consistent file names across all clients • Simplify access to file stores • Localize administration • Simplify authentication across realms • Trust servers and clients • Assume hostile network in between

  5. How it Works sfsclient – client terminals sfscd – client daemon CLIENT server mappings RW R nfsmount sfsagents – file protocols RW R nfsmount sfssd – server daemon FILE SERVER NFS Modular set of client/server tools to access files in NFS using SUN RPC

  6. Self-Certifying Pathnames /sfs/LOCATION:HOSTID/ LOCATION IP address or DNS of file server HOSTID SHA-1(“HostInfo”, Location, PublicKey) e.g., /sfs/sfs.mit.edu:bzcc5hder7cuc86kf6qswyx6yuemnw69 Public certificate key Location of server (DNS/IP) Root directory is always /sfs Use symbolic links to chain file servers

  7. Authentication PKI sfsclient – client terminals sfscd – client daemon CLIENT server mappings sfsagent sfsagent authserv – authenticate FILE SERVER Local Database PUBLIC CERTS Remote Database Private certificate is stored in memory in sfsagent

  8. Authentication SPR sfsclient – client terminals OWNER SERVER sfscd – client daemon sfsagent server mappings CLIENT authserv – authenticate sfskey Owner Database sfsagent sfsagent authserv – authenticate FILE SERVER Local Database Generate certificate-based authentication from weak passwords using SPR

  9. Other Approaches • AFS – Kerberos/Passwords • Echo – Single root, hierarchical authentication, centralized • Truffles (w/ PEM), WebFS (HTTP) • Others not considered: • Capability Security • PolicyMaker

  10. Discussion • NFS bugs are the biggest security threat • SUN ONE – Ubiquitous Desktops • Security = key management + file system? • Why do we need a global-scale file system? • Does OSN give us a clue for how to share files better? • Middleman attacks ?

  11. Conclusions – 20/20 Vision • Modern advances in storage and P2P • “Do very little but do it very well.” • Global key management is infeasible • If you use certificates then you can't avoid key management • Cryptography gives good end-point security • Origination of files not considered

More Related