Cryptographically Enforced Permissions for Fully Decentralized File Systems

• Published in: 2010 IEEE Tenth International Conference on Peer-to-Peer Computing (P2P) pp. 1 - 10
• Main Authors: Amann, Johanna, Fuhrmann, Thomas
• Format: Conference Proceeding
• Language: English
• Published: IEEE 01.08.2010
• Subjects: Encryption; File systems; IEEE Communications Society; Peer to peer computing; Permission
• ISBN: 1424471400; 9781424471409
• ISSN: 2161-3559
• DOI: 10.1109/P2P.2010.5569990

Distributed file systems nowadays work well in many ways. They provide efficient solutions, for example, to distribute data among a global team. But most systems do not address the complex subject of secure user and group management. The systems that do, usually offer only a very limited subset of access permissions that is incompatible to the permissions usually used in Unix-like systems. In this paper, we propose a new system for user and group management, which cryptographically enforces access permissions in fully decentralized file systems. Our proposal is twofold: an integrity verification algorithm checks the validity of the current file system state; a cryptographic data protection scheme, added on top of the integrity verification, preserves the privacy of the file system content. Except for signatures, our system uses symmetric cryptography only. It thus incurs only a reasonable cryptographic cost in the system.