-
Stefan Miltchev
Vassilis Prevelakis
Sotiris Ioannidis
miltchev@dsl.cis.upenn.edu
vp@drexel.edu
sotiris@dsl.cis.upenn.edu
University of Pennsylvania
Drexel University
University of Pennsylvania
John Ioannidis
Angelos D. Keromytis
Jonathan M. Smith
ji@research.att.com
angelos@cs.columbia.edu
jms@dsl.cis.upenn.edu
AT&T Labs - Research
Columbia University
University of Pennsylvania
Trust management credentials directly authorize actions, rather than divide the authorization task into authentication and access control. Unlike traditional credentials, which bind keys to principals, trust management credentials bind keys to the authorization to perform certain tasks.
The Distributed Credential FileSystem (DisCFS) uses trust management credentials to identify: (1) files being stored; (2) users; and (3) conditions under which their file access is allowed. Users share files by delegating access rights, issuing credentials in the style of traditional capabilities. Credentials permit, for example, access by remote users not known in advance to the file server, which simply enforces sharing policies rather than entangling itself in their management. Throughput and latency benchmarks of our prototype DisCFS implementation indicate performance roughly comparable to NFS version 2, while preserving the advantages of credentials for distributed control.
Keywords: Filesystems, access control, trust management, credentials.