Cryptree: A Folder Tree Structure for Cryptographic File Systems

Authors:
Dominik Grolimund;Luzius Meisser;Stefan Schmid;Rogert Wattenhofer
Affiliations:
Computer Engineering and Networks Laboratory (TIK), ETH Zurich, CH-8092 Zurich;Computer Engineering and Networks Laboratory (TIK), ETH Zurich, CH-8092 Zurich;Computer Engineering and Networks Laboratory (TIK), ETH Zurich, CH-8092 Zurich;Computer Engineering and Networks Laboratory (TIK), ETH Zurich, CH-8092 Zurich
Venue:
SRDS '06 Proceedings of the 25th IEEE Symposium on Reliable Distributed Systems
Year:
2006

Citing 0
Cited 8

PACISSO: P2P access control incorporating scalability and self-organization for storage systems

PACISSO: P2P access control incorporating scalability and self-organization for storage systems
Distributed and secure access control in P2P databases

DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Dark clouds on the horizon: using cloud storage as attack vector and online slack space

SEC'11 Proceedings of the 20th USENIX conference on Security
Secure cloud storage: available infrastructures and architectures review and evaluation

TrustBus'11 Proceedings of the 8th international conference on Trust, privacy and security in digital business
Web-based attacks on host-proof encrypted storage

WOOT'12 Proceedings of the 6th USENIX conference on Offensive Technologies
A storage-efficient cryptography-based access control solution for subversion

Proceedings of the 18th ACM symposium on Access control models and technologies
Secure cloud storage for remote mobile data collection

Proceedings of the Second Nordic Symposium on Cloud Computing & Internet Technologies
Spoilt for choice: graph-based assessment of key management protocols to share encrypted data

Proceedings of the 4th ACM conference on Data and application security and privacy

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present Cryptree, a cryptographic tree structure which facilitates access control in file systems operating on untrusted storage. Cryptree leverages the file system's folder hierarchy to achieve efficient and intuitive, yet simple, access control. The highlights are its ability to recursively grant access to a folder and all its subfolders in constant time, the dynamic inheritance of access rights which inherently prevents scattering of access rights, and the possibility to grant someone access to a file or folder without revealing the identities of other accessors. To reason about and to visualize Cryptree, we introduce the notion of cryptographic links. We describe the Cryptrees we have used to enforce read and write access in our own file system. Finally, we measure the performance of the Cryptree and compare it to other approaches.