Abstract

No secure network file system has ever grown to span the Internet. Existing systems all lack adequate key management for security at a global scale. Given the diversity of the Internet, any particular mechanism a file system employs to manage keys will fail to support many types of use. We propose separating key management from file system security, letting the world share a single global file system no matter how individuals manage keys. We present SFS, a secure file system that avoids internal key management. While other file systems need key management to map file names to encryption keys, SFS file names effectively contain public keys, making them self-certifying pathnames. Key management in SFS occurs outside of the file system, in whatever procedure users choose to generate file names. Self-certifying pathnames free SFS clients from any notion of administrative realm, making inter-realm file sharing trivial. They let users authenticate servers through a number of different tech...

Citations

1134	Security architecture for the internet protocol - Kent, Atkinson - 1998
1130	Random oracles are practical: A paradigm for designing efficient protocols - Bellare, Rogaway - 1993
808	The design and implementation of a log-structured file system - Rosenblum, Ousterhout - 1991
760	Scale and performance in a distributed file system - Howard, Kazar, et al. - 1988
581	Kerberos: An authentication service for open network systems - Steiner, Neuman, et al. - 1988
476	Fabry.Afast file system for UNIX - McKusick, Joy, et al. - 1984
408	Design and implementation of the sun network filesystem - Sandberg, Golgberg, et al.
403	Authentication in distributed systems: Theory and practice - Lampson, Abadi, et al. - 1992
288	Why aren't operating systems getting faster as fast as hardware - Ousterhout - 1990
163	Authentication in the Taos operating system - Wobber, Abadi, et al. - 1994
157	File system development with stackable layers - Heidemann, Popek - 1994
155	The secure remote password protocol - Wu - 1998
133	Description of a New Variable-Length Key, 64-Bit Block Cipher (Blowfish - Schneier - 1993
131	SSH – secure login connections over the Internet - Ylönen - 1996
106	C.: WebOS: Operating System Services For Wide Area Applications - Vahdat, Anderson, et al. - 1998
89	Integrating security in a large distributed system - Satyanarayanan - 1989
86	RPC: Remote procedure call protocol specification version 2 - Srinivasan - 1995
83	The Echo distributed file system - Birrell, Hisgen, et al. - 1993
79	XDR: External data representation standard - Srinivasan - 1995
65	A modification of the RSA public-key encryption procedure - Williams - 1980
61	DEcorum File System Architectural Overview - Kazar, Leverett, et al. - 1990
52	A Coherent Distributed File Cache with Directory Write-Behind - Mann, Birrell, et al. - 1994
49	The SSL protocol version 3.0. Internet draft (draft-freier-ssl-version3-02.txt), Network Working Group - Freier, Karlton, et al. - 1996
46	NFS version 3 protocol specification - Callaghan, Pawlowski, et al. - 1995
39	The exact security of digital signatures—how to sign with RSA and Rabin - Bellare, Rogaway
38	A global authentication service without global trust - Birrell, Lampson, et al. - 1986
37	The automounter - CALLAGHAN, LYON - 1989
31	SDSI—a simple distributed security infrastructure. Working document fromhttp://theory.lcs.mit.edu/˜cis/sdsi.html - Rivest, Lampson - 2002
28	Optimal asymmetric encryption-how to encrypt with RSA. Eurocrypt 1994, LNCS 950 - Bellare, Rogaway - 1994
18	A future-adaptable password scheme - Provos, Mazieres - 1999
11	Amd | an automounter - Pendry - 1990
8	secure and highly available file access in a distributed workstation environment - Scalable - 1990
7	and R.Thayer. A stream cipher encryption algorithm “Arcfour”. http://www.mozilla.org/projects/security/pki/nss/draftkaukonen-cipher-arcfour-03.txt - Kaukonen
5	SPKI certificate documentation. Work in progress, from http://www.pobox. com/˜cme/html/spki.html - Ellison, Frantz, et al. - 2002
5	Truffles — a secure service for widespread file sharing - Page, Popek, et al. - 1993