Abstract
This paper studies network file system’s security requirements, and focuses on security performance constraints. We review security implementations in both, distributed file systems and pure network-based file systems, focusing on security services included in NFSv4’s proposed standard. Finally, we evaluate the tools being used to preserve data confidentiality, integrity and availability in computer communications, in order to evaluate whether they would be suitable for their use in network file systems.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Satyanarayanan, M.: Distributed Systems, 2nd edn., pp. 353–383. Addison-Wesley – ACM Press (1995)
Needham, R.M., Schroeder, M.D.: Using Encryption for Authentication in Large Networks of Computers. Communications of the ACM, 23–35 (1978)
Sandberg, R., Goldberg, D., Kleiman, S., Walsh, D., Lyon, B.: Design and Implementation of the SUN Network File System. In: Proceedings of the Summer Usenix Conference (1986)
Satyanarayanan, M.: Integrating Security in Large Distributed Systems. ACM Transactions on Computer Systems (1989)
Coulouris, G., Dollimore, J., Kindberg, T.: Distributed Systems: Concepts and Design, 2nd edn., pp. 197–249. Addison-Wesley, Reading (1994)
Anderson, R.: Security Engineering: A Guide to Building Dependable Distributed Systems, pp. 51–71, 115–133. Wiley & Sons, Chichester (2001)
Schneier, B.: Applied Cryptography, 2nd edn. Wiley & Sons, Chichester (1996)
Shepler, S., Callaghan, B., Robinson, D., Thurlow, R., Beame, C., Eisler, M., Noveck, D.: Network File System (NFS) version 4 Protocol – Proposed Standard. RFC 3530 (2003)
Eisler, M.: NFS Version 2 and Version 3 Security Issues and the NFS Protocol’s Use of RPCSEC_GSS and Kerberos V5, RFC 2623 (1999)
Callaghan, B., Pawlowski, B., Staubach, P.: NFS Version 3 Protocol Specification, RFC 1813 (1995)
CERT® Coordination Center, CERT® Advisory CA-1994-15 NFS Vulnerabilities, http://www.cert.org/advisories/CA-1996-09.html (1997)
SANS Institute, The Twenty Most Critical Internet Security Vulnerabilities, Version 4.0, http://www.sans.org/top20/ (2003)
AusCERT: UNIX Security Checklist v2.0, http://www.auscert.org.au (2001)
Eisler, M., Chiu, A., Ling, L.: RPCSEC_GSS Protocol Specification. RFC 2203 (1997)
Patterson, D., Gibson, G., Katz, R.: A Case for Redundant Arrays of Inexpensive Disks (RAID). In: Proceedings of the International Conference on Management of Data (1988)
Bridis, T.: Powerful attack cripples majority of key Internet computers (2002), http://www.securityfocus.com/news/1400
Knowles, D., Perriot F., Szor, P.: W32.Blaster.Worm Security Response, http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html (2003)
Ferraiolo, D., Kuhn, R.: An Introduction to Role-Based Access Control, http://csrc.nist.gov/rbac/NIST-ITL-RBAC-bulletin.html NIST/ITL Bulletin (1995)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Izquierdo, A., Sierra, J.M., Hernández, J.C., Ribagorda, A. (2004). Security Issues in Network File Systems. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds) Computational Science and Its Applications – ICCSA 2004. ICCSA 2004. Lecture Notes in Computer Science, vol 3043. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24707-4_94
Download citation
DOI: https://doi.org/10.1007/978-3-540-24707-4_94
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22054-1
Online ISBN: 978-3-540-24707-4
eBook Packages: Springer Book Archive