Scale and performance in a distributed file system
ACM Transactions on Computer Systems (TOCS)
Federated database systems for managing distributed, heterogeneous, and autonomous databases
ACM Computing Surveys (CSUR) - Special issue on heterogeneous databases
Active mail—a framework for implementing groupware
CSCW '92 Proceedings of the 1992 ACM conference on Computer-supported cooperative work
A cryptographic file system for UNIX
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Support for the file system security requirements of computational E-mail systems
CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
Role-Based Access Control Models
Computer
Separating key management from file system security
Proceedings of the seventeenth ACM symposium on Operating systems principles
Communications of the ACM
Inside Risks: Web cookies: not just a privacy risk
Communications of the ACM
The Art of Deception: Controlling the Human Element of Security
The Art of Deception: Controlling the Human Element of Security
Linux Security Modules: General Security Support for the Linux Kernel
Proceedings of the 11th USENIX Security Symposium
Janus: an Approach for Confinement of Untrusted Applications
Janus: an Approach for Confinement of Untrusted Applications
Self-certifying file system
Why Johnny can't encrypt: a usability evaluation of PGP 5.0
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Hi-index | 0.00 |
In this paper, we analyse the data sharing mechanisms of *nixsystems and identify an immediate need for better privacy support.For example, using a simple insider attack we were able to accessover 84 GB of private data at one organisation of 825 users,including 300 000 e-mails and 579 passwords to financial and otherprivate services websites, without exploiting any technicalvulnerability. We present two solutions to address this problem: 1.an administrative auditing tool which can alert administrators andusers when their private data is at risk; 2. a new View BasedAccess Control (VBAC) mechanism which provides stronger and yetconvenient privacy support. We also describe a proof-of-conceptfilesystem-based implementation and performance analysis of VBAC.Our evaluations with three well-known filesystem benchmarks showlittle overhead of using VBAC.