cepheus a new encrypted file system with group sharing
play

Cepheus: A New Encrypted File System with Group Sharing and - PowerPoint PPT Presentation

Aug 19, 2022 •468 likes •596 views

Cepheus: A New Encrypted File System with Group Sharing and Integrity Protection Kevin Fu Course VI-3A April 26, 1999 On-Campus Thesis Advisor: Ron Rivest Bellcore Company Supervisor: S. Rajagopalan 4/26/99 Cepheus: The Cryptographic

  1. Cepheus: A New Encrypted File System with Group Sharing and Integrity Protection Kevin Fu Course VI-3A April 26, 1999 On-Campus Thesis Advisor: Ron Rivest Bellcore Company Supervisor: S. Rajagopalan 4/26/99 Cepheus: The Cryptographic Storage File System 1

  2. What is Cepheus? • Confidentiality and integrity protection of data stored on a network file system • Securely maintain UNIX semantics (file sharing, random access) • NFS drop-in replacement 4/26/99 Cepheus: The Cryptographic Storage File System 2

  3. Key Problems for Secure Storage • Problems: – Manual encryption cumbersome – Protection against malicious system administrators • Solution: Encrypt stored data • Side effects: – Loss of random access to data – No guarantee of integrity 4/26/99 Cepheus: The Cryptographic Storage File System 3

  4. Client-Side User Agent •Encryption/decryption •Integrity check Client Daemon •Cache per user agent •Delayed-write-encryption policy for caching •Delayed re-encryption for distributed re-encryption 4/26/99 Cepheus: The Cryptographic Storage File System 4

  5. Server-Side File Server •Encrypted storage •Hash tree structure beneath the inode for integrity Authentication Server •Key distribution •Key recovery 4/26/99 Cepheus: The Cryptographic Storage File System 5

  6. File Structures 4/26/99 Cepheus: The Cryptographic Storage File System 6

  7. O(1) Sequential Read of a Block • If block not cached, CD obtains ciphertext block from SD • If block not decrypted, request UA to decrypt • If hash path unauthenticated, compute hashes and AICF 4/26/99 Cepheus: The Cryptographic Storage File System 7

  8. Writes O(log n) • CD writes plaintext block to cache, not SD • When cache flushed: – Compute hash paths of dirty blocks. – Compute AICF – Write changed hash paths and AICF to SD – Encrypt, send to SD. 4/26/99 Cepheus: The Cryptographic Storage File System 8

  9. Integrity Failures • When an integrity check fails, the client daemon refuses to serve the file (returns NFS_ERR_IO) • User agent notified of integrity check failure • Can attempt recovery of file via user agent 4/26/99 Cepheus: The Cryptographic Storage File System 9

  10. Performance Results Read NFS Integrity Confidentiality Write 0 50 100 Time (ms) 4/26/99 Cepheus: The Cryptographic Storage File System 10

  11. Conclusions • Provides efficient random access to confidential, integrity-protected data • Enables secure group sharing • Uses a well-understood file system interface • Surveys a wide range of cryptographic storage file systems 4/26/99 Cepheus: The Cryptographic Storage File System 11

  12. Anticipated Q/A 4/26/99 Cepheus: The Cryptographic Storage File System 12

Recommend

Metal A Metadata-Hiding File-Sharing System Weikeng Chen Raluca Ada Popa UC Berkeley

Metal A Metadata-Hiding File-Sharing System Weikeng Chen Raluca Ada Popa UC Berkeley

Metal A Metadata-Hiding File-Sharing System Weikeng Chen Raluca Ada Popa UC Berkeley End-to-end encrypted file sharing Academia: DepSky, M-Aegis, Mylar, Plutus, ShadowCrypt, Sieve, SiRiUS Industry: Encryption is not enough: Metadata still

1.17k views • 45 slides
The Distributed File System (DFS) The sharing of stored information is perhaps the most important

The Distributed File System (DFS) The sharing of stored information is perhaps the most important

The Distributed File System (DFS) The sharing of stored information is perhaps the most important aspect of distributed resource sharing Introducing DFSs The design of large-scale wide-area read-write file storage systems poses problems of

1k views • 21 slides
File Systems Chapter 11, 13 OSPP What is a File? What is a Directory? Goals of File System

File Systems Chapter 11, 13 OSPP What is a File? What is a Directory? Goals of File System

File Systems Chapter 11, 13 OSPP What is a File? What is a Directory? Goals of File System Performance Controlled Sharing Convenience: naming Reliability File System Workload File sizes Are most files small or large?

996 views • 62 slides
DEFY: A Deniable, Encrypted File System for Log-Structured Storage. Timothy M. Peters, Mark A.

DEFY: A Deniable, Encrypted File System for Log-Structured Storage. Timothy M. Peters, Mark A.

DEFY: A Deniable, Encrypted File System for Log-Structured Storage. Timothy M. Peters, Mark A. Gondree, and Zachary N. J. Peterson. In NDSS'15 Presented by Fengwei Zhang Wayne State University CSC 6991 Advanced Computer Security 1

576 views • 21 slides
DEFY: A Deniable, Encrypted File System for Log-Structured Storage. Timothy M. Peters, Mark A.

DEFY: A Deniable, Encrypted File System for Log-Structured Storage. Timothy M. Peters, Mark A.

DEFY: A Deniable, Encrypted File System for Log-Structured Storage. Timothy M. Peters, Mark A. Gondree, and Zachary N. J. Peterson. In NDSS'15 Presented by Fengwei Zhang Wayne State University CSC 6991 Topics in Computer Security 1

695 views • 20 slides
DEFY: A Deniable, Encrypted File System for Log Structured Storage WRITTEN BY: PRESENTED BY:

DEFY: A Deniable, Encrypted File System for Log Structured Storage WRITTEN BY: PRESENTED BY:

DEFY: A Deniable, Encrypted File System for Log Structured Storage WRITTEN BY: PRESENTED BY: TIMOTHY PETERS NICHOLAS BURTON MARK GONDREE ZACHARY PETERSON What is encryption? Why hide encryption? Previous Work on the Matter u Anderson and

550 views • 39 slides
Distributed File Systems Distributed File Systems A distributed file system (DFS) is a

Distributed File Systems Distributed File Systems A distributed file system (DFS) is a

Distributed File Systems Distributed File Systems A distributed file system (DFS) is a distributed Definitions implementation of a classical time-sharing model of a file Distributed system - A number of loosely coupled system. machines

997 views • 8 slides
Encrypted File Systems Don Porter CSE 506 Goals Protect confidentiality of data at rest

Encrypted File Systems Don Porter CSE 506 Goals Protect confidentiality of data at rest

Encrypted File Systems Don Porter CSE 506 Goals Protect confidentiality of data at rest (i.e., on disk) Even if the media is lost or stolen Protecting confidentiality of in-memory data much harder Continue using file system features

227 views • 19 slides
Chapter 11: File-System Interface File Concept Access Methods Directory Structure

Chapter 11: File-System Interface File Concept Access Methods Directory Structure

Chapter 11: File-System Interface File Concept Access Methods Directory Structure File System Mounting File Sharing Protection Operating System Concepts Silberschatz, Galvin and Gagne 2002 11.1 File Concept

387 views • 15 slides
Designing an NFS-based Mobile Distributed File System for Ephemeral Sharing in Proximity Networks

Designing an NFS-based Mobile Distributed File System for Ephemeral Sharing in Proximity Networks

Designing an NFS-based Mobile Distributed File System for Ephemeral Sharing in Proximity Networks Nikolaos Michalakis Dimitris Kalofonos Computer Science Department Pervasive Computing Group (PCG) New York University, New York, NY Nokia

609 views • 19 slides
Supporting Less-Than Queries on Encrypted Data using Multi-Server Secret Sharing and Practical

Supporting Less-Than Queries on Encrypted Data using Multi-Server Secret Sharing and Practical

Supporting Less-Than Queries on Encrypted Data using Multi-Server Secret Sharing and Practical Order-Revealing Encryption Nate Chenette ICERM conference on Encrypted Search June 12, 2019 Project Background Baffle Inc. https://baffle.io/

407 views • 23 slides
= i P max n yh ( y ) dy u ( Q ) c ( Q )

= i P max n yh ( y ) dy u ( Q ) c ( Q )

Contents A public good model for p2p An Asymptotically Optimal Scheme Simple contribution policies with exclusions for P2P File Sharing An application to file sharing heterogeneous file popularity stability Panayotis

460 views • 5 slides
Chapter 12: File System Implementation File System Structure File System Implementation

Chapter 12: File System Implementation File System Structure File System Implementation

Chapter 12: File System Implementation File System Structure File System Implementation Directory Implementation Allocation Methods Free-Space Management Efficiency and Performance Recovery Log-Structured File Systems

492 views • 47 slides
~FILE SYSTEM~ SUNU WIBIRAMA OUTLINE FILE SYSTEM ACCESS METHODS DIRECTORY STRUCTURE FILE

~FILE SYSTEM~ SUNU WIBIRAMA OUTLINE FILE SYSTEM ACCESS METHODS DIRECTORY STRUCTURE FILE

~FILE SYSTEM~ SUNU WIBIRAMA OUTLINE FILE SYSTEM ACCESS METHODS DIRECTORY STRUCTURE FILE SYSTEM MOUNTING PROTECTION EXTERNAL VIEW OF THE FILE MANAGER FILE MANAGEMENT FILE, IS A NAMED AND ORDERED COLLECTION OF INFORMATION COMPUTER SHOULD

341 views • 33 slides
LinShare project version 0.8 File sharing and vault application RMLL 2010 Slideshow LinShare

LinShare project version 0.8 File sharing and vault application RMLL 2010 Slideshow LinShare

LinShare project version 0.8 File sharing and vault application RMLL 2010 Slideshow LinShare project LinShare uses : File sharing - Big files support - Enterprise directory support - Group management - Electronic signature (embedded and

363 views • 17 slides
Central philosophy of the work Making Gnutella-like P2P File-sharing is a dominant P2P

Central philosophy of the work Making Gnutella-like P2P File-sharing is a dominant P2P

Central philosophy of the work Making Gnutella-like P2P File-sharing is a dominant P2P application Systems Scalable DHTs might not be suitable for file-sharing Gnutellas design Presented by: Karthik Lakshminarayanan

393 views • 5 slides
Samba Lets Dance! Computer Center, CS, NCTU Network-based File Sharing (1) NFS

Samba Lets Dance! Computer Center, CS, NCTU Network-based File Sharing (1) NFS

Samba Lets Dance! Computer Center, CS, NCTU Network-based File Sharing (1) NFS (UNIX-based) mountd is responsible for mount request nfsd and nfsiod Based on RPC CIFS (Microsoft) Common Internet File System

440 views • 26 slides
CSE 120 File System Interface What the user/programmer sees File System Implementation

CSE 120 File System Interface What the user/programmer sees File System Implementation

Overview CSE 120 File System Interface What the user/programmer sees File System Implementation How it works Summer, 2006 Day 9 File Systems Instructor: Neil Rhodes 2 What is a File? Typical Filesystem Named collection of related

175 views • 5 slides
File System Implementation Summer 2016 Cornell University Today File allocation Unix

File System Implementation Summer 2016 Cornell University Today File allocation Unix

CS 4410 Operating Systems File System Implementation Summer 2016 Cornell University Today File allocation Unix file system Log-structured file system 2 File system: two design problems User interface: File, directory,

362 views • 21 slides
Wharf: Sharing Docker Image in a Distributed File System Chao Zheng, Lukas Rupprecht, Vasily

Wharf: Sharing Docker Image in a Distributed File System Chao Zheng, Lukas Rupprecht, Vasily

Wharf: Sharing Docker Image in a Distributed File System Chao Zheng, Lukas Rupprecht, Vasily Tarasov, Douglas Thain, Mohamed Mohamed, Dimitrios Skourtis, Amit S. Warke and Dean Hildebrand 1 Problem High Network and Storage Overheads 2

759 views • 18 slides
The Road Ahead p2p file sharing techniques Downloading: Whole-file vs. chunks

The Road Ahead p2p file sharing techniques Downloading: Whole-file vs. chunks

CS 640: Introduction to Computer Networks Aditya Akella Lecture 24 - Peer-to-Peer The Road Ahead p2p file sharing techniques Downloading: Whole-file vs. chunks Searching Centralized index (Napster, etc.) Flooding

288 views • 10 slides
Understanding Peer-to-Peer Networking and File- Sharing Introduction Although the recent

Understanding Peer-to-Peer Networking and File- Sharing Introduction Although the recent

Content copied from: http://www.limewire.com/about/p2p.php Understanding Peer-to-Peer Networking and File- Sharing Introduction Although the recent growth of user-friendly file-sharing networks has only now brought Peer-to-Peer (P2P)

144 views • 3 slides
Windows File System Efficiency and Stability of a file system are contradicting requirements. How

Windows File System Efficiency and Stability of a file system are contradicting requirements. How

Unit OS8: File System 8.6. Quiz Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Windows File System Efficiency and Stability of a file system are contradicting requirements. How can the

279 views • 11 slides
Distributed Systems - III Open a file, check status on a file, close a file; Read data

Distributed Systems - III Open a file, check status on a file, close a file; Read data

CSE 421/521 - Operating Systems What does Distributed File System Provide? Fall 2011 Provide access to and manipulation of data stored at remote servers using file system interfaces Lecture - XXV What are the file system interfaces?

236 views • 5 slides

More recommend