Title :
Security considerations when designing a distributed file system using object storage devices
Author :
Reed, Benjamin C. ; Smith, Mark A. ; Diklic, Dejan
Author_Institution :
IBM Almaden Res. Center, San Jose, CA, USA
Abstract :
We present the design goals that led us to developing a distributed object-based secure file system, Brave. Brave uses mutually authenticated object storage devices, SCARED, to store file system data. Rather than require a new authentication infrastructure. we show how we use a simple authentication protocol that is bridged into existing security infrastructures, even if there is more than one authentication protocol or domain present. We position our work in the context of some of the current work going on in distributed secure file systems and present our implementation of our file system. We also present some security weaknesses that are shared with other distributed file systems that may not be apparent when designing these systems.
Keywords :
Internet; client-server systems; cryptography; distributed databases; network operating systems; object-oriented databases; security of data; Brave; SCARED; authentication infrastructure; distributed object-based secure file system; distributed secure-file systems; file system data; mutually authenticated object storage devices; security weaknesses; simple authentication protocol; Access protocols; Authentication; Communication system security; Cryptography; Data security; File servers; File systems; Information security; Network servers; Secure storage;
Conference_Titel :
Security in Storage Workshop, 2002. Proceedings. First International IEEE
Print_ISBN :
0-7695-1888-5
DOI :
10.1109/SISW.2002.1183507
