A cryptographic file system for UNIX
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Serverless network file systems
ACM Transactions on Computer Systems (TOCS) - Special issue on operating system principles
Practical Byzantine fault tolerance
OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
Separating key management from file system security
Proceedings of the seventeenth ACM symposium on Operating systems principles
Feasibility of a serverless distributed file system deployed on an existing set of desktop PCs
Proceedings of the 2000 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Chord: A scalable peer-to-peer lookup service for internet applications
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Wide-area cooperative storage with CFS
SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
Pastry: Scalable, Decentralized Object Location, and Routing for Large-Scale Peer-to-Peer Systems
Middleware '01 Proceedings of the IFIP/ACM International Conference on Distributed Systems Platforms Heidelberg
A Digital Signature Based on a Conventional Encryption Function
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Unifying File System Protection
Proceedings of the General Track: 2002 USENIX Annual Technical Conference
How to build a trusted database system on untrusted storage
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
Fast and secure distributed read-only file system
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
A toolkit approach to partially connected operation
ATEC '97 Proceedings of the annual conference on USENIX Annual Technical Conference
Ivy: a read/write peer-to-peer file system
ACM SIGOPS Operating Systems Review - OSDI '02: Proceedings of the 5th symposium on Operating systems design and implementation
ACM Computing Surveys (CSUR)
Ivy: a read/write peer-to-peer file system
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Plutus: Scalable Secure File Sharing on Untrusted Storage
FAST '03 Proceedings of the 2nd USENIX Conference on File and Storage Technologies
Formal security analysis of basic network-attached storage
Proceedings of the 2005 ACM workshop on Formal methods in security engineering
Trust but verify: accountability for network services
Proceedings of the 11th workshop on ACM SIGOPS European workshop
Secure data replication over untrusted hosts
HOTOS'03 Proceedings of the 9th conference on Hot Topics in Operating Systems - Volume 9
Secure untrusted data repository (SUNDR)
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Efficient fork-linearizable access to untrusted shared memory
Proceedings of the twenty-sixth annual ACM symposium on Principles of distributed computing
Strong accountability for network storage
ACM Transactions on Storage (TOS)
Offline untrusted storage with immediate detection of forking and replay attacks
Proceedings of the 2007 ACM workshop on Scalable trusted computing
Towards a theory of data entanglement
Theoretical Computer Science
Principles of untrusted storage: a new look at consistency conditions
Proceedings of the twenty-seventh ACM symposium on Principles of distributed computing
Athos: Efficient Authentication of Outsourced File Systems
ISC '08 Proceedings of the 11th international conference on Information Security
A look in the mirror: attacks on package managers
Proceedings of the 15th ACM conference on Computer and communications security
Proceedings of the 4th ACM international workshop on Storage security and survivability
Fork sequential consistency is blocking
Information Processing Letters
ACM SIGACT News
Integrity Protection for Revision Control
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
On protecting integrity and confidentiality of cryptographic file system for outsourced storage
Proceedings of the 2009 ACM workshop on Cloud computing security
Abortable Fork-Linearizable Storage
OPODIS '09 Proceedings of the 13th International Conference on Principles of Distributed Systems
Lithium: virtual machine storage for the cloud
Proceedings of the 1st ACM symposium on Cloud computing
Venus: verification for untrusted cloud storage
Proceedings of the 2010 ACM workshop on Cloud computing security workshop
SPORC: group collaboration using untrusted cloud resources
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Integrity and consistency for untrusted services
SOFSEM'11 Proceedings of the 37th international conference on Current trends in theory and practice of computer science
Beyond one-third faulty replicas in byzantine fault tolerant systems
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
Fork-consistent constructions from registers
Proceedings of the 30th annual ACM SIGACT-SIGOPS symposium on Principles of distributed computing
Transactional storage for geo-replicated systems
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
SIAM Journal on Computing
Formal analysis of dynamic, distributed file-system access controls
FORTE'06 Proceedings of the 26th IFIP WG 6.1 international conference on Formal Techniques for Networked and Distributed Systems
On consistency of encrypted files
DISC'06 Proceedings of the 20th international conference on Distributed Computing
Fork-Consistent constructions from registers
OPODIS'11 Proceedings of the 15th international conference on Principles of Distributed Systems
Social networking with frientegrity: privacy and integrity with an untrusted provider
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Making geo-replicated systems fast as possible, consistent when necessary
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Multi-user dynamic proofs of data possession using trusted hardware
Proceedings of the third ACM conference on Data and application security and privacy
Verifying cloud services: present and future
ACM SIGOPS Operating Systems Review
PoWerStore: proofs of writing for efficient and robust storage
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Authenticated storage using small trusted hardware
Proceedings of the 2013 ACM workshop on Cloud computing security workshop
Hi-index | 0.00 |
This paper shows how to implement a trusted network file system on an untrusted server. While cryptographic storage techniques exist that allow users to keep data secret from untrusted servers, this work concentrates on the detection of tampering attacks and stale data. Ideally, users of an untrusted storage server would immediately and unconditionally notice any misbehavior on the part of the server. This ideal is unfortunately not achievable. However, we define a notion of data integrity called fork consistency in which, if the server delays just one user from seeing even a single change by another, the two users will never again see one another's changes---a failure easily detectable with on-line communication. We give a practical protocol for a multi-user network file system called SUNDR, and prove that SUNDR offers fork consistency whether or not the server obeys the protocol.