Skip to main content
SpringerLink
Log in

A secure file sharing service for distributed computing environments

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

Distributed cryptographic file systems enable file sharing among their users and need the adoption of a key management scheme for the distribution of the cryptographic keys to authorized users according to their specific degree of trust. In this paper we describe the architecture of a basic secure file sharing facility relying on a multi-party threshold-based key-sharing scheme that can be overlaid on top of the existing stackable networked file systems, and discuss its application to the implementation of distributed cryptographic file systems. It provides flexible access control policies supporting multiple combination of roles and trust profiles. A proof of concept prototype implementation within the Linux operating system framework demonstrated its effectiveness in terms of performance and security robustness.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

References

  1. Al Hasib A, Haque A (2008) A comparative study of the performance and security issues of aes and rsa cryptography. In: Third international conference on convergence and hybrid information technology, 2008, ICCIT ’08, vol 2, pp 505–510. doi:10.1109/ICCIT.2008.179

    Chapter  Google Scholar 

  2. Badulescu I, Shender A, Zadok E (1998) Cryptfs: a stackable vnode level encryption file system. Department of Computer Science, Columbia University, Columbia University Computer Science Report CUCS-02198

  3. Barolli L, Takizawa M (2010) Special issue on emerging trends in ubiquitous computing systems. J Ambient Intell Humaniz Comput 1(4):235–237. doi:10.1007/s12652-010-0026-y

    Article  Google Scholar 

  4. Biryukov A, Kushilevitz E (1998) From differential cryptanalysis to ciphertext-only attacks. In: Krawczyk H (ed) Advances in cryptology, CRYPTO ’98. Lecture notes in computer science, vol 1462. Springer, Berlin, pp 72–88. doi:10.1007/BFb0055721

    Chapter  Google Scholar 

  5. Blaze M (1993) A cryptographic file system for UNIX. In: Proceedings of the 1st ACM conference on computer and communications security, CCS ’93. ACM, New York, pp 9–16. doi:10.1145/168588.168590

    Google Scholar 

  6. Blaze M (1994) Key management in an encrypting file system. In: Proceedings of the summer 1994 USENIX conference, pp 27–35

    Google Scholar 

  7. Boneh D, Franklin M (1997) Efficient generation of shared RSA keys. In: Kaliski Jr BS (ed) Advances in cryptology, CRYPTO ’97. Lecture notes in computer science, vol 1294. Springer, Berlin, pp 425–439. doi:10.1007/BFb0052253

    Chapter  Google Scholar 

  8. Castiglione A, Cepparulo M, De Santis A, Palmieri F (2010) Towards a lawfully secure and privacy preserving video surveillance system. In: Buccafurri F, Semeraro G (eds) E-commerce and web technologies. Lecture notes in business information processing, vol 61. Springer, Berlin, pp 73–84. doi:10.1007/978-3-642-15208-5_7

    Chapter  Google Scholar 

  9. Castiglione A, De Prisco R, De Santis A (2009) Do you trust your phone? In: Noia TD, Buccafurri F (eds) EC-web. Lecture notes in computer science, vol 5692. Springer, Berlin, pp 50–61

    Google Scholar 

  10. Castiglione A, De Santis A, Soriente C (2007) Taking advantages of a disadvantage: digital forensics and steganography using document metadata. J Syst Softw 80(5):750–764

    Article  Google Scholar 

  11. Castiglione A, De Santis A, Soriente C (2010) Security and privacy issues in the portable document format. J Syst Softw 83(10):1813–1822

    Article  Google Scholar 

  12. Deswarte Y, Blain L, Fabre JC (1991) Intrusion tolerance in distributed computing systems. In: Proceedings of IEEE computer society symposium on research in security and privacy, 1991, pp 110–121. doi:10.1109/RISP.1991.130780

    Chapter  Google Scholar 

  13. French T, Bessis N, Xhafa F, Maple C (2011) Towards a corporate governance trust agent scoring model for collaborative virtual organisations. Int J Grid Util Comput 2(2):98–108. doi:10.1504/IJGUC.2011.040597

    Article  Google Scholar 

  14. Howard JH et al. (1988) An overview of the Andrew file system. Carnegie Mellon University, Information Technology Center

  15. Hsu CH (2012) Ubiquitous intelligence and computing: building smart environment in real and cyber space. J Ambient Intell Humaniz Comput 3(2):83–85. doi:10.1007/s12652-011-0074-y

    Article  Google Scholar 

  16. Institute, A.N.S.: Triple data encryption algorithm modes of operation. ANSI X9.52-1998 (2001)

  17. Lindamood J, Heatherly R, Kantarcioglu M, Thuraisingham B (2009) Inferring private information using social network data. In: Proceedings of the 18th international conference on World wide web, WWW ’09. ACM, New York, pp 1145–1146. doi:10.1145/1526709.1526899

    Chapter  Google Scholar 

  18. Mazières D, Kaminsky M, Kaashoek MF, Witchel E (1999) Separating key management from file system security. SIGOPS Oper Syst Rev 33(5):124–139. doi:10.1145/319344.319160

    Article  Google Scholar 

  19. Menezes AJ, Van Oorschot PC, Vanstone SA (2010) Handbook of applied cryptography. CRC Press, Boca Raton

    Google Scholar 

  20. Nagata A, Yamamura S, Tsuru M (2012) Data transfer exploiting multiple heterogeneous challenged networks—implementation and application. IJSSC 2(2):112–122

    Article  Google Scholar 

  21. Rejewski M, Kozaczuk W (1984) Summary of our methods for reconstructing ENIGMA and reconstructing daily keys, and of German efforts to frustrate those methods. Enigma: how the German cipher machine was broken, and how it was read by the Allies in World War II, pp 241–245

  22. Ristenpart T, Tromer E, Shacham H, Savage S (2009) Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of the 16th ACM conference on computer and communications security, CCS ’09. ACM, New York, pp 199–212. doi:10.1145/1653662.1653687

    Chapter  Google Scholar 

  23. Russinovich M (1999) Inside encrypting file system, Part 1. http://windowsitpro.com/systems-management/inside-encrypting-file-system-part-1

  24. Russinovich M (1999) Inside encrypting file system, Part 2. http://windowsitpro.com/systems-management/inside-encrypting-file-system-part-2

  25. Sabzevar AP, Sousa JP (2011) Authentication, authorisation and auditing for ubiquitous computing: a survey and vision. IJSSC 1(1):59–67

    Article  Google Scholar 

  26. Sandber R, Goldberg D, Kleiman S, Walsh D, Lyon B (1985) Design and implementation of the sun network file system. In: Proceedings of USENIX summer conference, pp 119–130

    Google Scholar 

  27. Satyanarayanan M (1989) Integrating security in a large distributed system. ACM Trans Comput Syst 7(3):247–280. doi:10.1145/65000.65002

    Article  Google Scholar 

  28. Shamir A (1979) How to share a secret. Commun ACM 22(11):612–613. doi:10.1145/359168.359176

    Article  MATH  MathSciNet  Google Scholar 

  29. Stallings W (2003) Cryptography and network security, principles and practices. Prentice Hall, New York

    Google Scholar 

  30. National Institute of Standards and Technology: advanced encryption standard. NIST FIPS PUB 197 (2001)

  31. The OpenSSL Project: OpenSSL: The open source toolkit for SSL/TLS (2003). www.openssl.org

  32. US Department of Commerce/National Bureau of Standards, National Technical Information Service: DES modes of operation. Federal Information Processing Standards (1980)

  33. Wu T, Malkin M, Boneh D (1999) Building intrusion tolerant applications. In: Proceedings of the 8th conference on USENIX security symposium, SSYM99, vol 8. USENIX Association, Berkeley, p 7

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dipartimento di Informatica, Università di Salerno, Via Ponte don Melillo, 84084, Fisciano, SA, Italy

    Aniello Castiglione, Luigi Catuogno & Aniello Del Sorbo

  2. Centro di Ateneo per i Servizi Informativi, Università di Napoli Federico II, Via Cinthia 4, 80126, Napoli, Italy

    Ugo Fiore

  3. Dipartimento di Ingegneria Industriale e dell’Informazione, Seconda Università di Napoli, Via Roma 29, 81031, Aversa, CE, Italy

    Francesco Palmieri

Authors
  1. Aniello Castiglione
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Luigi Catuogno
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Aniello Del Sorbo
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ugo Fiore
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Francesco Palmieri
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Aniello Castiglione.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Castiglione, A., Catuogno, L., Del Sorbo, A. et al. A secure file sharing service for distributed computing environments. J Supercomput 67, 691–710 (2014). https://doi.org/10.1007/s11227-013-0975-y

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-013-0975-y

Keywords

Search

Navigation