nach oben

The Journal of Supercomputing

Erschienen in:

01.03.2014

A secure file sharing service for distributed computing environments

verfasst von: Aniello Castiglione, Luigi Catuogno, Aniello Del Sorbo, Ugo Fiore, Francesco Palmieri

Erschienen in: The Journal of Supercomputing | Ausgabe 3/2014

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Distributed cryptographic file systems enable file sharing among their users and need the adoption of a key management scheme for the distribution of the cryptographic keys to authorized users according to their specific degree of trust. In this paper we describe the architecture of a basic secure file sharing facility relying on a multi-party threshold-based key-sharing scheme that can be overlaid on top of the existing stackable networked file systems, and discuss its application to the implementation of distributed cryptographic file systems. It provides flexible access control policies supporting multiple combination of roles and trust profiles. A proof of concept prototype implementation within the Linux operating system framework demonstrated its effectiveness in terms of performance and security robustness.

Vorheriger Artikel Deniability and forward secrecy of one-round authenticated key exchange

Nächster Artikel Ontology-based access control model for security policy reasoning in cloud computing

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Al Hasib A, Haque A (2008) A comparative study of the performance and security issues of aes and rsa cryptography. In: Third international conference on convergence and hybrid information technology, 2008, ICCIT ’08, vol 2, pp 505–510. doi:10.1109/ICCIT.2008.179 CrossRef

Badulescu I, Shender A, Zadok E (1998) Cryptfs: a stackable vnode level encryption file system. Department of Computer Science, Columbia University, Columbia University Computer Science Report CUCS-02198

Barolli L, Takizawa M (2010) Special issue on emerging trends in ubiquitous computing systems. J Ambient Intell Humaniz Comput 1(4):235–237. doi:10.1007/s12652-010-0026-y CrossRef

Biryukov A, Kushilevitz E (1998) From differential cryptanalysis to ciphertext-only attacks. In: Krawczyk H (ed) Advances in cryptology, CRYPTO ’98. Lecture notes in computer science, vol 1462. Springer, Berlin, pp 72–88. doi:10.1007/BFb0055721 CrossRef

Blaze M (1993) A cryptographic file system for UNIX. In: Proceedings of the 1st ACM conference on computer and communications security, CCS ’93. ACM, New York, pp 9–16. doi:10.1145/168588.168590

Blaze M (1994) Key management in an encrypting file system. In: Proceedings of the summer 1994 USENIX conference, pp 27–35

Boneh D, Franklin M (1997) Efficient generation of shared RSA keys. In: Kaliski Jr BS (ed) Advances in cryptology, CRYPTO ’97. Lecture notes in computer science, vol 1294. Springer, Berlin, pp 425–439. doi:10.1007/BFb0052253 CrossRef

Castiglione A, Cepparulo M, De Santis A, Palmieri F (2010) Towards a lawfully secure and privacy preserving video surveillance system. In: Buccafurri F, Semeraro G (eds) E-commerce and web technologies. Lecture notes in business information processing, vol 61. Springer, Berlin, pp 73–84. doi:10.1007/978-3-642-15208-5_7 CrossRef

Castiglione A, De Prisco R, De Santis A (2009) Do you trust your phone? In: Noia TD, Buccafurri F (eds) EC-web. Lecture notes in computer science, vol 5692. Springer, Berlin, pp 50–61

10.

Castiglione A, De Santis A, Soriente C (2007) Taking advantages of a disadvantage: digital forensics and steganography using document metadata. J Syst Softw 80(5):750–764 CrossRef

11.

Castiglione A, De Santis A, Soriente C (2010) Security and privacy issues in the portable document format. J Syst Softw 83(10):1813–1822 CrossRef

12.

Deswarte Y, Blain L, Fabre JC (1991) Intrusion tolerance in distributed computing systems. In: Proceedings of IEEE computer society symposium on research in security and privacy, 1991, pp 110–121. doi:10.1109/RISP.1991.130780 CrossRef

13.

French T, Bessis N, Xhafa F, Maple C (2011) Towards a corporate governance trust agent scoring model for collaborative virtual organisations. Int J Grid Util Comput 2(2):98–108. doi:10.1504/IJGUC.2011.040597 CrossRef

14.

Howard JH et al. (1988) An overview of the Andrew file system. Carnegie Mellon University, Information Technology Center

15.

Hsu CH (2012) Ubiquitous intelligence and computing: building smart environment in real and cyber space. J Ambient Intell Humaniz Comput 3(2):83–85. doi:10.1007/s12652-011-0074-y CrossRef

16.

Institute, A.N.S.: Triple data encryption algorithm modes of operation. ANSI X9.52-1998 (2001)

17.

Lindamood J, Heatherly R, Kantarcioglu M, Thuraisingham B (2009) Inferring private information using social network data. In: Proceedings of the 18th international conference on World wide web, WWW ’09. ACM, New York, pp 1145–1146. doi:10.1145/1526709.1526899 CrossRef

18.

Mazières D, Kaminsky M, Kaashoek MF, Witchel E (1999) Separating key management from file system security. SIGOPS Oper Syst Rev 33(5):124–139. doi:10.1145/319344.319160 CrossRef

19.

Menezes AJ, Van Oorschot PC, Vanstone SA (2010) Handbook of applied cryptography. CRC Press, Boca Raton

20.

Nagata A, Yamamura S, Tsuru M (2012) Data transfer exploiting multiple heterogeneous challenged networks—implementation and application. IJSSC 2(2):112–122 CrossRef

21.

Rejewski M, Kozaczuk W (1984) Summary of our methods for reconstructing ENIGMA and reconstructing daily keys, and of German efforts to frustrate those methods. Enigma: how the German cipher machine was broken, and how it was read by the Allies in World War II, pp 241–245

22.

Ristenpart T, Tromer E, Shacham H, Savage S (2009) Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of the 16th ACM conference on computer and communications security, CCS ’09. ACM, New York, pp 199–212. doi:10.1145/1653662.1653687 CrossRef

23.

Russinovich M (1999) Inside encrypting file system, Part 1. http://windowsitpro.com/systems-management/inside-encrypting-file-system-part-1

24.

Russinovich M (1999) Inside encrypting file system, Part 2. http://windowsitpro.com/systems-management/inside-encrypting-file-system-part-2

25.

Sabzevar AP, Sousa JP (2011) Authentication, authorisation and auditing for ubiquitous computing: a survey and vision. IJSSC 1(1):59–67 CrossRef

26.

Sandber R, Goldberg D, Kleiman S, Walsh D, Lyon B (1985) Design and implementation of the sun network file system. In: Proceedings of USENIX summer conference, pp 119–130

27.

Satyanarayanan M (1989) Integrating security in a large distributed system. ACM Trans Comput Syst 7(3):247–280. doi:10.1145/65000.65002 CrossRef

28.

Shamir A (1979) How to share a secret. Commun ACM 22(11):612–613. doi:10.1145/359168.359176 CrossRefMATHMathSciNet

29.

Stallings W (2003) Cryptography and network security, principles and practices. Prentice Hall, New York

30.

National Institute of Standards and Technology: advanced encryption standard. NIST FIPS PUB 197 (2001)

31.

The OpenSSL Project: OpenSSL: The open source toolkit for SSL/TLS (2003). www.openssl.org

32.

US Department of Commerce/National Bureau of Standards, National Technical Information Service: DES modes of operation. Federal Information Processing Standards (1980)

33.

Wu T, Malkin M, Boneh D (1999) Building intrusion tolerant applications. In: Proceedings of the 8th conference on USENIX security symposium, SSYM99, vol 8. USENIX Association, Berkeley, p 7

Titel: A secure file sharing service for distributed computing environments
verfasst von: Aniello Castiglione
Luigi Catuogno
Aniello Del Sorbo
Ugo Fiore
Francesco Palmieri
Publikationsdatum: 01.03.2014
Verlag: Springer US
Erschienen in: The Journal of Supercomputing / Ausgabe 3/2014
Print ISSN: 0920-8542
Elektronische ISSN: 1573-0484
DOI: https://doi.org/10.1007/s11227-013-0975-y

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Weitere Artikel der Ausgabe 3/2014

Integrating the enriched feature with machine learning algorithms for human movement and fall detection

Deniability and forward secrecy of one-round authenticated key exchange

Scalable, low complexity, and fast greedy scheduling heuristics for highly heterogeneous distributed computing systems

A secure wireless communication system integrating RSA, Diffie–Hellman PKDS, intelligent protection-key chains and a Data Connection Core in a 4G environment

Ontology-based access control model for security policy reasoning in cloud computing

A fault-resistant implementation of AES using differential bytes between input and output

Premium Partner