
On the Impossibility of Confidentiality, Integrity and Accessibility in Highly-Available File Systems

  • Conference paper
  • Networked Systems (NETYS 2021)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 12754)

Abstract

Distributed file systems are at the core of many services for sharing data among users. To keep the file contents secure from unauthorized access, such systems make use of custom access control policies similar to the traditional POSIX policies.

In this work, we investigate the interdependence of secure access and high availability. To this end, we formalize the three properties related to data security, namely confidentiality, integrity and accessibility (CIA). We prove the CIA impossibility, showing that these properties cannot be achieved together in a highly-available, partition-tolerant setting. We further discuss a CRDT-based model that implements an access control policy similar to the POSIX one and that guarantees confidentiality and integrity while precluding accessibility only in rare situations.
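The abstract states the impossibility result but not the intuition behind it. The following sketch, added here as an illustration and not taken from the paper or its formal model, plays out the CAP-style conflict with two replicas during a network partition: a revocation issued at replica A cannot reach replica B, and whichever way B answers the revoked user, one of the three properties is lost. The `Replica` class, the two answering strategies, the user names and the property definitions are all assumptions made for this example.

```python
"""Illustrative CAP-style sketch of the CIA tension under a network partition.

Assumptions (not the paper's model): a file is replicated at two sites,
each site keeps its own copy of the access-control list, and a replica that
cannot reach its peer either serves requests from local state or refuses.
"""
from dataclasses import dataclass, field


@dataclass
class Replica:
    name: str
    content: str
    acl: set                                     # users currently allowed to read/write
    pending: list = field(default_factory=list)  # operations not yet delivered to the peer

    def revoke(self, user):
        """Owner removes `user` from the ACL; recorded for later delivery."""
        self.acl.discard(user)
        self.pending.append(("revoke", user))

    def read(self, user, partitioned, refuse_when_partitioned):
        """Return the content if served, None if denied or unavailable."""
        if partitioned and refuse_when_partitioned:
            return None                          # cannot coordinate: refuse the request
        if user not in self.acl:
            return None                          # locally known to be unauthorized
        return self.content

    def write(self, user, data, partitioned, refuse_when_partitioned):
        """Return True if the write was accepted."""
        if partitioned and refuse_when_partitioned:
            return False
        if user not in self.acl:
            return False
        self.content = data
        self.pending.append(("write", data))
        return True


def deliver(src, dst):
    """Apply src's pending operations at dst (what happens once the partition heals)."""
    for op, arg in src.pending:
        if op == "revoke":
            dst.acl.discard(arg)
        elif op == "write":
            dst.content = arg
    src.pending.clear()


def run_scenario(refuse_when_partitioned):
    """Evaluate C, I and A at the stale replica for one answering strategy."""
    a = Replica("A", "v1", {"alice", "bob"})
    b = Replica("B", "v1", {"alice", "bob"})
    a.revoke("bob")                  # the revocation happens at A ...
    partitioned = True               # ... and cannot reach B for now

    alice_read = b.read("alice", partitioned, refuse_when_partitioned)
    bob_read = b.read("bob", partitioned, refuse_when_partitioned)
    bob_write = b.write("bob", "tampered", partitioned, refuse_when_partitioned)

    return {
        # confidentiality: a revoked user must not learn the content
        "confidentiality": bob_read is None,
        # integrity: a revoked user must not modify the content
        "integrity": not bob_write,
        # accessibility: a user authorized at every replica must be served
        "accessibility": alice_read == "v1",
    }


def no_strategy_gives_all_three():
    """True if neither answering strategy satisfies C, I and A at once."""
    return not any(all(run_scenario(s).values()) for s in (False, True))


def read_after_heal():
    """Once A's revocation is delivered to B, bob is denied there as well."""
    a = Replica("A", "v1", {"alice", "bob"})
    b = Replica("B", "v1", {"alice", "bob"})
    a.revoke("bob")
    deliver(a, b)
    return b.read("bob", partitioned=False, refuse_when_partitioned=True)


if __name__ == "__main__":
    for strategy in (False, True):
        print("refuse_when_partitioned=%s -> %s" % (strategy, run_scenario(strategy)))
    print("all three achievable during the partition:", not no_strategy_gives_all_three())
```

Serving from local state is what a highly-available system must do, and it lets the revoked user both read and overwrite the file at the stale replica; refusing during the partition protects confidentiality and integrity but denies the still-authorized user, i.e. accessibility. After the partition heals and the revocation is delivered, the stale replica converges and denies the revoked user, which is the situation the CRDT-based model in the abstract relies on.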


Notes

  1. In information systems, this concept is typically named “availability”. To prevent confusion, we here use a different term to distinguish it from availability as defined above.

  2. Here, the meaning of safety is as in safety and liveness properties.

  3. The full formal model and the evaluation results are available on GitHub [12].

References

  1. Ahmed-Nacer, M., Martin, S., Urso, P.: File system on CRDT. CoRR abs/1207.5990 (2012). http://arxiv.org/abs/1207.5990

  2. Bach, M.J.: The Design of the Unix Operating System. Prentice-Hall, Englewood Cliffs (1986)


  3. Brewer, E.A.: Towards robust distributed systems (abstract). In: Proceedings of the Nineteenth Annual ACM Symposium on Principles of Distributed Computing, PODC 2000, p. 7. Association for Computing Machinery, New York (2000). https://doi.org/10.1145/343477.343502

  4. Gilbert, S., Lynch, N.: Brewer’s conjecture and the feasibility of consistent, available, partition-tolerant web services. SIGACT News 33(2), 51–59 (2002)


  5. Kleppmann, M., Mulligan, D.P., Gomes, V.B., Beresford, A.R.: A highly-available move operation for replicated trees and distributed filesystems (2020)


  6. Lamport, L.: Time, clocks, and the ordering of events in a distributed system. Commun. ACM 21(7), 558–565 (1978)


  7. Najafzadeh, M., Shapiro, M., Eugster, P.: Co-design and verification of an available file system. In: Dillig, I., Palsberg, J. (eds.) VMCAI 2018. LNCS, vol. 10747, pp. 358–381. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-73721-8_17


  8. Preguiça, N.M., Baquero, C., Shapiro, M.: Conflict-free replicated data types CRDTs. In: Sakr, S., Zomaya, A.Y. (eds.) Encyclopedia of Big Data Technologies. Springer, Heidelberg (2019). https://doi.org/10.1007/978-3-319-63962-8_185-1


  9. Shapiro, M., Preguiça, N., Baquero, C., Zawirski, M.: Conflict-free replicated data types. In: Défago, X., Petit, F., Villain, V. (eds.) SSS 2011. LNCS, vol. 6976, pp. 386–400. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-24550-3_29


  10. Tao, V., Shapiro, M., Rancurel, V.: Merging semantics for conflict updates in geo-distributed file systems. In: Naor, D., Heiser, G., Keidar, I. (eds.) Proceedings of the 8th ACM International Systems and Storage Conference, SYSTOR 2015, Haifa, Israel, 26–28 May 2015, pp. 10:1–10:12. ACM (2015). https://doi.org/10.1145/2757667.2757683

  11. Weber, M., Bieniusa, A., Poetzsch-Heffter, A.: Access control for weakly consistent replicated information systems. In: Barthe, G., Markatos, E., Samarati, P. (eds.) STM 2016. LNCS, vol. 9871, pp. 82–97. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-46598-2_6


  12. Youssef, M., Bieniusa, A., Rezae, A.H., Yanakieva, E.: CRDT-filesystem (2021). https://github.com/AntidoteDB/crdt-filesystem

  13. Zeller, P., Bieniusa, A., Poetzsch-Heffter, A.: Combining state- and event-based semantics to verify highly available programs. In: Arbab, F., Jongmans, S.-S. (eds.) FACS 2019. LNCS, vol. 12018, pp. 213–232. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-40914-2_11


  14. Zeller, P., Youssef, M., Bieniusa, A., Rezae, A.H., Yanakieva, E.: Repliss-filesystem (2021). https://github.com/AntidoteDB/repliss-filesystem

Author information

Correspondence to Elena Yanakieva, Michael Youssef, Ahmad Hussein Rezae or Annette Bieniusa.

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper


Cite this paper

Yanakieva, E., Youssef, M., Rezae, A.H., Bieniusa, A. (2021). On the Impossibility of Confidentiality, Integrity and Accessibility in Highly-Available File Systems. In: Echihabi, K., Meyer, R. (eds) Networked Systems. NETYS 2021. Lecture Notes in Computer Science, vol 12754. Springer, Cham. https://doi.org/10.1007/978-3-030-91014-3_1

  • DOI: https://doi.org/10.1007/978-3-030-91014-3_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-91013-6

  • Online ISBN: 978-3-030-91014-3