ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Decentralized user authentication in a global file system
Full text PdfPdf (144 KB)
Source ACM Symposium on Operating Systems Principles archive
Proceedings of the nineteenth ACM symposium on Operating systems principles table of contents
Bolton Landing, NY, USA
SESSION: File and storage systems table of contents
Pages: 60 - 73  
Year of Publication: 2003
ISBN:1-58113-757-5
Also published in ...
Authors
Michael Kaminsky  MIT Computer Science and Artificial Intelligence Laboratory
George Savvides  McGill University School of Computer Science
David Mazieres  NYU Department of Computer Science
M. Frans Kaashoek  MIT Computer Science and Artificial Intelligence Laboratory
Sponsors
SIGOPS: ACM Special Interest Group on Operating Systems
ACM: Association for Computing Machinery
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 12,   Downloads (12 Months): 94,   Citation Count: 9
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/945445.945452
What is a DOI?

ABSTRACT

The challenge for user authentication in a global file system is allowing people to grant access to specific users and groups in remote administrative domains, without assuming any kind of pre-existing administrative relationship. The traditional approach to user authentication across administrative domains is for users to prove their identities through a chain of certificates. Certificates allow for general forms of delegation, but they often require more infrastructure than is necessary to support a network file system.This paper introduces an approach without certificates. Local authentication servers pre-fetch and cache remote user and group definitions from remote authentication servers. During a file access, an authentication server can establish identities for users based just on local information. This approach is particularly well-suited to file systems, and it provides a simple and intuitive interface that is similar to those found in local access control mechanisms. An implementation of the authentication server and a file server supporting access control lists demonstrate the viability of this design in the context of the Self-certifying File System (SFS). Experiments demonstrate that the authentication server can scale to groups with tens of thousands of members.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

1
Atul Adya , William J. Bolosky , Miguel Castro , Gerald Cermak , Ronnie Chaiken , John R. Douceur , Jon Howell , Jacob R. Lorch , Marvin Theimer , Roger P. Wattenhofer, Farsite: federated, available, and reliable storage for an incompletely trusted environment, Proceedings of the 5th symposium on Operating systems design and implementation

Due to copyright restrictions we are not able to make the PDFs for this conference available for downloading

, December 09-11, 2002, Boston, Massachusetts  [doi>10.1145/1060289.1060291]
 
2
Eshwar Belani, Amin Vahdat, Thomas Anderson, and Michael Dahlin. The CRISIS wide area security architecture. In Proceedings of the 7th USENIX Security Symposium, pages 15--30, San Antonio, TX, January 1998.
 
3
Berkeley DB. http://www.sleepycat.com/.
 
4
Andrew D. Birrell, Andy Hisgen, Chuck Jerian, Timothy Mann, and Garret Swart. The Echo distributed file system. Technical Report 111, Digital Systems Research Center, Palo Alto, CA, September 1993.
 
5
Andrew D. Birrell, Butler W. Lampson, Roger M. Needham, and Michael D. Schroeder. A global authentication service without global trust. In Proceedings of the 1986 IEEE Symposium on Security and Privacy, pages 223--230, Oakland, CA, 1986.
6
Andrew D. Birrell , Roy Levin , Michael D. Schroeder , Roger M. Needham, Grapevine: an exercise in distributed computing, Communications of the ACM, v.25 n.4, p.260-274, April 1982  [doi>10.1145/358468.358487]
 
7
Randy Butler , Von Welch , Douglas Engert , Ian Foster , Steven Tuecke , John Volmer , Carl Kesselman, A National-Scale Authentication Infrastructure, Computer, v.33 n.12, p.60-66, December 2000  [doi>10.1109/2.889094]
 
8
B. Callaghan, B. Pawlowski, and P. Staubach. NFS version 3 protocol specification. RFC 1813, Network Working Group, June 1995.
 
9
Dwaine Clarke. SPKI/SDSI HTTP server/certificate chain discovery in SPKI/SDSI. Master's thesis, Massachusetts Institute of Technology, September 2001.
 
10
T. Dierks and C. Allen. The TLS protocol. RFC 2246, Network Working Group, January 1999.
 
11
C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, and T. Ylönen. SPKI certificate theory. RFC 2693, Network Working Group, September 1999.
 
12
Carl M. Ellison, Bill Frantz, Butler Lampson, Ron Rivest, Brian M. Thomas, and Tatu Ylönen. SPKI certificate documentation. Work in progress, from http://www.pobox.com/~cme/html/spki.html, 2002.
 
13
FIPS 180-1. Secure Hash Standard. U.S. Department of Commerce/N.I.S.T., National Technical Information Service, Springfield, VA, April 1995.
 
14
I. Foster and C. Kesselman. Globus: A metacomputing infrastructure toolkit. Intl J. Supercomputer Applications, 11 (2): 115--128, 1997.
15
Ian Foster , Carl Kesselman , Gene Tsudik , Steven Tuecke, A security architecture for computational grids, Proceedings of the 5th ACM conference on Computer and communications security, p.83-92, November 02-05, 1998, San Francisco, California, United States  [doi>10.1145/288090.288111]
 
16
Alan O. Freier, Philip Karlton, and Paul C. Kocher. The SSL protocol version 3.0. Internet draft (draft-freier-ssl-version3-02.txt), Network Working Group, November 1996. Work in progress.
 
17
Morrie Gasser, Andy Goldstein, Charlie Kaufman, and Butler Lampson. The Digital distributed system security architecture. In Proceedings of the 12th NIST-NCSC National Computer Security Conference, pages 305--319, Baltimore, MD, October 1989. URL citeseer.nj.nec.com/gasser89digital.html.
18
John H. Howard , Michael L. Kazar , Sherri G. Menees , David A. Nichols , M. Satyanarayanan , Robert N. Sidebotham , Michael J. West, Scale and performance in a distributed file system, ACM Transactions on Computer Systems (TOCS), v.6 n.1, p.51-81, Feb. 1988  [doi>10.1145/35037.35059]
 
19
Jon Howell and David Kotz. End-to-end authorization. In Proceedings of the 4th Symposium on Operating Systems Design and Implementation, pages 151--164, San Diego, CA, October 2000.
 
20
Michael Kaminsky, Eric Peterson, Kevin Fu, David Mazières, and M. Frans Kaashoek. REX: Secure, modular remote execution through file descriptor passing. Technical Report MIT-LCS-TR-884, MIT Laboratory for Computer Science, January 2003.
21
John Kubiatowicz , David Bindel , Yan Chen , Steven Czerwinski , Patrick Eaton , Dennis Geels , Ramakrishna Gummadi , Sean Rhea , Hakim Weatherspoon , Chris Wells , Ben Zhao, OceanStore: an architecture for global-scale persistent storage, Proceedings of the ninth international conference on Architectural support for programming languages and operating systems, p.190-201, November 2000, Cambridge, Massachusetts, United States
22
Butler Lampson , Martín Abadi , Michael Burrows , Edward Wobber, Authentication in distributed systems: theory and practice, ACM Transactions on Computer Systems (TOCS), v.10 n.4, p.265-310, Nov. 1992  [doi>10.1145/138873.138874]
23
David Mazières , Michael Kaminsky , M. Frans Kaashoek , Emmett Witchel, Separating key management from file system security, Proceedings of the seventeenth ACM symposium on Operating systems principles, p.124-139, December 12-15, 1999, Charleston, South Carolina, United States
 
24
Microsoft Windows 2000 Advanced Server Documentation. http://www.microsoft.com/windows2000/en/advanced/help/.
 
25
Stefan Miltchev, Vassilis Prevelakis, Sotiris Ioannidis, John Ioannidis, Angelos D. Keromytis, and Jonathan M. Smith. Secure and flexible global file sharing. In Proceedings of the USENIX 2003 Annual Technical Conference, Freenix Track, pages 165--178, San Antonio, TX, June 2003.
 
26
Alexander Morcos. A java implementation of simple distributed security infrastructure. Master's thesis, Massachusetts Institute of Technology, May 1998.
 
27
Jude Regan and Christian Jensen. Capability file names: Separating authorisation from user management in an internet file system. In Proceedings of the 10th USENIX Security Symposium, pages 221--234, Washington, D.C., 2001.
 
28
Ronald L. Rivest and Butler Lampson. SDSI---a simple distributed security infrastructure. Working document from: http://theory.lcs.mit.edu/~cis/sdsi.html, 2002.
29
Mendel Rosenblum , John K. Ousterhout, The design and implementation of a log-structured file system, Proceedings of the thirteenth ACM symposium on Operating systems principles, p.1-15, October 13-16, 1991, Pacific Grove, California, United States
 
30
R. Srinivasan. RPC: Remote procedure call protocol specification version 2. RFC 1831, Network Working Group, August 1995.
 
31
J. G. Steiner, B. C. Neuman, and J. I. Schiller. Kerberos: An authentication service for open network systems. In Proceedings of the Winter 1988 USENIX, pages 191--202, Dallas, TX, February 1988.
 
32
Mohammad Amin Vahdat , Thomas E. Anderson , John D. Kubiatowicz, Operating system services for wide-area applications, 1998
33
Brian S. White , Michael Walker , Marty Humphrey , Andrew S. Grimshaw, LegionFS: a secure and scalable file system supporting cross-domain high-performance applications, Proceedings of the 2001 ACM/IEEE conference on Supercomputing (CDROM), p.59-59, November 10-16, 2001, Denver, Colorado  [doi>10.1145/582034.582093]
34
Edward Wobber , Martín Abadi , Michael Burrows , Butler Lampson, Authentication in the Taos operating system, ACM Transactions on Computer Systems (TOCS), v.12 n.1, p.3-32, Feb. 1994  [doi>10.1145/174613.174614]
 
35
Thomas Wu. The secure remote password protocol. In Proceedings of the 1998 Internet Society Network and Distributed System Security Symposium, pages 97--111, San Diego, CA, March 1998.
 
36
X.509. Recommendation X.509: The Directory Authentication Framework. ITU-T (formerly CCITT) Information technology Open Systems Interconnection, December 1988.
 
37
Tatu Ylönen. SSH -- secure login connections over the Internet. In Proceedings of the 6th USENIX Security Symposium, pages 37--42, San Jose, CA, July 1996.
 
38
Philip Zimmermann, PGP source code and internals, MIT Press, Cambridge, MA, 1995

CITED BY  9
Vishal Kher , Yongdae Kim, Securing distributed storage: challenges, techniques, and systems, Proceedings of the 2005 ACM workshop on Storage security and survivability, November 11-11, 2005, Fairfax, VA, USA
Urs Hengartner , Peter Steenkiste, Access control to people location information, ACM Transactions on Information and System Security (TISSEC), v.8 n.4, p.424-456, November 2005
Avishay Traeger , Erez Zadok , Nikolai Joukov , Charles P. Wright, A nine year study of file system and storage benchmarking, ACM Transactions on Storage (TOS), v.4 n.2, p.1-56, May 2008
Paul Lu , Michael Closson , Cam Macdonell , Paul Nalos , Danny Ngo , Morgan Kan , Mark Lee, The Trellis security infrastructure for overlay metacomputers and bridged distributed file systems, Journal of Parallel and Distributed Computing, v.66 n.9, p.1181-1188, September 2006
Ted Wobber , Aydan Yumerefendi , Martín Abadi , Andrew Birrell , Daniel R. Simon, Authorizing applications in singularity, ACM SIGOPS Operating Systems Review, v.41 n.3, June 2007
Ming Zhao , Renato J. Figueiredo, A user-level secure grid file system, Proceedings of the 2007 ACM/IEEE conference on Supercomputing, November 10-16, 2007, Reno, Nevada
Ted Faber , John Wroclawski, Access control for federation of Emulab-based network testbeds, Proceedings of the conference on Cyber security experimentation and test, p.1-6, July 28, 2008, San Jose, CA
Stefan Miltchev , Jonathan M. Smith , Vassilis Prevelakis , Angelos Keromytis , Sotiris Ioannidis, Decentralized access control in distributed file systems, ACM Computing Surveys (CSUR), v.40 n.3, p.1-30, August 2008
Jeffrey Hemmes , Douglas Thain, Cacheable Decentralized Groups for Grid Resource Access Control, Proceedings of the 7th IEEE/ACM International Conference on Grid Computing, p.192-199, September 28-29, 2006

INDEX TERMS

Primary Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection
          Subjects: Authentication

Additional Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.4 Distributed Systems
          Subjects: Distributed databases

  D. Software
  D.4 OPERATING SYSTEMS
      D.4.3 File Systems Management
          Subjects: Distributed file systems
      D.4.6 Security and Protection
          Subjects: Access controls

  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS
      K.6.5 Security and Protection (D.4.6, K.4.2)
          Subjects: Authentication


General Terms:
Design, Security


Keywords:
ACL, SFS, authentication, authorization, credentials, file system, groups, users

Collaborative Colleagues:
Michael Kaminsky: colleagues
George Savvides: colleagues
David Mazieres: colleagues
M. Frans Kaashoek: colleagues
This Article has also been published in:

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player