slide1 n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Access Control in GAIA Operating System PowerPoint Presentation
Download Presentation
Access Control in GAIA Operating System

Loading in 2 Seconds...

play fullscreen
1 / 14
violet-mcintosh

Access Control in GAIA Operating System - PowerPoint PPT Presentation

117 Views
Download Presentation
Access Control in GAIA Operating System
An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Access Control in GAIA Operating System

  2. GAIA • OS for ubiquitous system. • Built at middle-ware level built over native participating OS • It has a context aware file system • Each file is encapsulated in a container • Each file has some context variables defined for it.

  3. Context File System of GAIA <CFS:Storage> <CFS:Owner>Munawar</CFS:Owner> <CFS:Host>srg181</CFS:Host> <CFS:Path>c:\Temp\15687</CFS:Path> <CFS:Context> <CFS:Type>situation</CFS:Type> <CFS:Value>class-presentation</CFS:Value> </CFS:Context> <CFS:Context> <CFS:Type>location</CFS:Type> <CFS:Value>106B1-Engg Hall</CFS:Value> </CFS:Context> </CFS:Storage>

  4. Problem Statement Implement cryptographic access control for GAIA's Context File System. Identifying the User making the request General problem of cryptographic access control

  5. The whole problem is a jigsaw puzzle and it’s a matter of putting the pieces in the right position And make correct decisions to get the whole solution.

  6. Client Side Support At this point all users make request as root while accessing files. So, the client side CORBA interceptor should have a mechanism of including the user ID with every file access request. Decision 1 – Add user ID with every File access request.

  7. Communication between client-server should be secure We would use OpenSSH for crypto solution and some key-generation protocol for session key management. An existing protocol like Otway-Rees would be used.

  8. Maintaining the Access Control List Add an additional field to the XML definition for each file <CFS:Privilege>rwxr—r-x</CFS:Privilege> Looks a Lot like UNIX !!!!!!! We have to implement some user and group management scheme like UNIX.

  9. File Access Policies Clients have different native OS – therefore the files should undergo filtering before being sent to clients. A filtering mechanism is already existent – Some augmentation may be necessary.

  10. Credentials GAIA AS provides credentials Jalal is working on this. We would be using his component

  11. Everything in middleware

  12. Current Activities • Creating a draft of design • Going through the code • And a lot of reading materials, • ,phew…

  13. Almost left an Important point Where are we putting the privilege information and how do we secure it?

  14. Suggestions and Questions ??