Capability file names: separating authorisation from user management in an internet file system

  • Authors:

  • Jude T. Regan;Christian D. Jensen

  • Affiliations:

  • Department of Computer Science, Trinity College Dublin;Department of Computer Science, Trinity College Dublin

  • Venue:
  • SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
  • Year:
  • 2001

Quantified Score

Hi-index 0.00

Visualization

Abstract

The ability to access and share information over the Internet has introduced the need for new flexible, dynamic and fine-grained access control mechanisms. None of the current mechanisms for sharing information - distributed file systems and the web - offer adequate support for sharing in a large and highly dynamic group of users. Distributed file systems lack the ability to share information with unauthenticated users, and the web lacks fine grained access controls, i.e. the ability to grant individual users access to selected files. In this paper we present Capability File Names, a new access control mechanism, in which self-certifying file names are used as sparse capabilities that allow a user ubiquitous access to his files and enables him to delegate this right to a dynamic group of remote users. Encoding the capaility in the file name has two major advantages: it is self-supporting and it ensures full compatablity with existing programs. Capability file names have been implemented in a new file system called CapaFS. CapaFS separates user identification from authorisation, thus allowing users to share selected files with remote users without the intervention of a system administrator. The implementation of CapaFS is described and evaluated in this paper