html5-img
1 / 21

The Design of a Cryptography Based Secure File System

The Design of a Cryptography Based Secure File System. EHUD GUDES. By Kirthi Reddy Mamidi. Contents. Abstract Introduction General System Structure

warren
Download Presentation

The Design of a Cryptography Based Secure File System

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The Design of a Cryptography Based Secure File System EHUD GUDES By Kirthi Reddy Mamidi

  2. Contents • Abstract • Introduction • General System Structure • Compartmentalized,Data Independent Protection Specifications • Hierarchical Protection Specifications • Data Dependent Protection Specifications • Security Problems • Conclusion • References.

  3. Abstract • Based on user controlled cryptographic(UCC) transformations secure file system is designed. • These UCC transformations not only complement other protection mechanisms but also enforce protection specifications. • Files with different access permissions are enciphered by different cryptographic keys supplied by authorized users at access time.

  4. Introduction • The use of cryptography for data protection has • received considerable attention in recent years. • Two major classes of cryptographic transformations • were introduced: system control cryptographic(SCC) • and user control cryptographic(UCC) transformations. • The main goal of using UCC is to enforce a given set of • protection specifications. These are enforced by • withholding keys from unauthorized users. • But due to the data sharing between users several • problems are derived and further investigation is • required.

  5. General System Structure A. Protection Specification for a simple file system. Assume a set of files:{F1,F2,F3…FN} and a set of users:{U1,U2,U3…Un} The different protection specifications are as follows: 1. Compartmentalized: Each user has to access to a group of files.All users and files are on the same level. 2. Hierarchical: There is a partial ordering of files,users or both. For eg: F1>F2 means that if user Ui has access to F1,then he also have access to F2. 3. Data Independent:This protection specifications means that access to a file is independent of its changing content or value of some of its fields. 4.Data Dependent: This protection specifications means that access to records in the file depends on their content.Changing the content might change access to it.

  6. B. Basic Design Principles General Structure of the file system General description of the access mechanism

  7. Cont… • The following are the main design guidelines and “worst case” assumptions to secure file system design: • Protection is not solely dependent on the process of authentication. • All cipher algorithms are assumed known to all users. • The cryptographic schemes described below are designed to protect • against READ access. • These guidelines assure the security of the system under ”worst case” conditions that may cause failure of many other protection mechanisms. • Security is further enhanced if these conditions do not occur.

  8. Compartmentalized,Data Independent Protection Specifications Assume a set of files:{F1,F2,F3…FN} and a set of users:{U1,U2,U3…Un},these specifications can be represented as a Boolean access matrix A. Access Matrix Assumptions without essential loss in generality • No two rows are equal. • No two columns are equal. • No zero rows or zero columns are allowed. • We have to encipher the whole file as a complete unit.

  9. With these assumptions several schemes are suggested.All schemes must have the following objectives. Objective 1: Scheme must be “Complete.” A(I,j)=1,then user Ui should be able to access file Fj. Objective 2: Scheme must be “secure.” A(I,j)=0,then user Ui should not be allowed to access file Fj. The different schemes to implement these CDI protection specifications as mentioned below:: A. Scheme 1= The “Simple” Scheme B. Scheme 2= The “User Profile” Scheme C. Scheme 3= The “Keys Record” Scheme

  10. Scheme 1= The “Simple” Scheme • Each user is given keys to all the files he is allowed to access.ie., User Ui when he wants to access file Fj will have to supply the key Kj. • Advantage:: This does not require an authentication process since it is independent of the concept of user-id and dependent of cryptographic keys. • Disadvantages:: • The first problem is that a single user Ui has to store AUi keys • We claim that the “user convenience” decreases when AUi increases. • The second problem is that there is a nonzero probability for a user to “lose” a key. • The “loss probability” increaseswithAUi. • number of keys • System Risk= ∑ PL(kj)*DKj/n • j=1 • Where PL(Kj) is the probability of losing key Kj.

  11. B. Scheme 2= The “User Profile” Scheme • In this scheme each user has a user profile which contains a list of • the AUi keys and enciphered using a special user key KUi. • We use a cipher C which is parameterized by a user key. • For example K’j=C(KUi,Kj) means K’j is the ciphered form of Kj • using the parameter KUi. • The deciphering transformation is denoted as C-1(Kui,Kj’). Advantage::“user convenience” is higher and “loss probability” is lower. Disadvantage::It requires an authenticatuion process. Another problem is that changes in the protection specifications.Deletion of a file,will requre the reprocessing or reenciphering of several user profiles. Ui

  12. C. Scheme 3= The “Keys Record” Scheme • This scheme is similar to “access list” mechanism. • The validation record contains a ciphered form of key Kj using a one way cipher g,where Kj’=g(Kj). • K’ji is a new key and it is a ciphered form of key Kj: • K’ji=C(KUi,Kj) and Kj=C-1(KUi,Kji’) where KUi is a unique key for user Ui. • Advantage:: • No need for authentication. • High “user convenience” since user has to remember only one key. The “Keys Record” Scheme

  13. Hierarchical Protection Specifications • In this we refer to any partial ordering,relative to • access,either between files or users. A. READ Access=“Reverse” Hierarchy A B2 File N is Enciphered by KN. B1 C4 C3 C1 C2 D2 D1 A Tree Directory. Partial Ordering::C1>B1>A This is a reverse Hierarchy

  14. Suppose we have the following specifications USER 2 USER 1 Can have access to C3 & not to C1 Must have access to A & B2 Can have access to C1 & not to C3 Must have access to A & B1 • User 1 is given KA,KB1,KC1 And User 2 is given KA,KB2,KC3 which is not • convenient because a user has to remember too many keys. • Therefore to generate the keys we use the method called “Collapsing” • method. • Suppose we have a “one way” cipher function g, and a set of keys with • the following relations (R) : • KB1=g(KC1) KB1=g(KC2) • KB2=g(KC3) KB2=g(KC4) • KA=g(KB1) KA=g(KB2). The scheme has the advantage of high “user convenience”.

  15. B. Independent Access Hierarchy A Key records B2 B1 C4 C1 C3 C2 Key Records for independent access hierarchy Access Hierarchy. Partial Ordering::A>B1>C1 This is same as directory hierarchy KAB1’=C(KA,KB1) KB1=C-1 (KA,KAB1’) Key KN Encipher the file named by node N. • User convenience is a complex function of the protection • specification and the access hierarchy. • The disadvantage is the overhead involved,in order to access • the lower nodes the system must first access higher level nodes.

  16. Data Dependent Protection Specifications These are most commonly used in database systems than in file systems. Units of data must be enciphered by single key because of the problems of data sharing. Any user query can be decomposed to its security atoms and checked for valid access.

  17. Example: User 1 Can view only SALARY< 20,000 Can view only records of DEPARTMENT X SECURITY ATOM User 2 Contains exactly records with DEPT=X and SALARY <20,000 • This atom idea did not work well in volatile database because • of the overhead involved in the reenciphering of the changed • atoms. • Further research is needed to solve efficiently the database.

  18. Security Problems In general,solving a security problems,presents human engineering and organizational problems. There is a problem of generating and securely distributing the Cryptographic keys. Another problem is the recovery of clear data if a user’s key is lost.

  19. Conclusion In this paper we discussed methods of designing a secure file system and protection policies by using user controlled cryptographic transformations. The Criteria such as:”user convenience” and “system risk” to evaluate their effectiveness has been discussed. The designer can use these criteria in order to choose the scheme which satisfies his objectives.

  20. References E.Gudes,”The application of cryptography to data base security,” Ph.D.dissertation,Ohio State Univ. E.J.McCauley,”A model for data secure systems,”Ph.D. dissertation,Ohio State univ.,1975. D.E.Knuth,”The Art of Computer Programming,”1973. “Computer security and the data encryption standard,” NBS Pub.500-27,1978. W.Diffie and M.E.Hellman,”A critique of the proposed data encryption standard,”Mar.1976.

More Related