A Tag-Based, Logical Access-Control Framework for Personal File Sharing
作者: Michelle L. Mazurek
DOI:
关键词:
摘要: People store and share ever-increasing numbers of digital documents, photos, other files, both on personal devices within online services. In this environment, proper access control is critical to help users obtain the benefits sharing varied content with different groups people while avoiding trouble at work, embarrassment, identity theft, problems related unintended disclosure. Current approaches often fail, either because they insufficiently protect data or confuse about policy specification. Historically, correctly managing has proven difficult, timeconsuming, error-prone, even for experts; make matters worse, remains a secondary task most non-experts are unwilling spend significant time on. To solve problem, file-sharing tools services should provide verifiable security, configuration andmanagement simple understandable users, reduce risk user error, minimize required effort. This thesis presents three studies that insight into people’s access-control needs preferences. Drawing results these studies, I present Penumbra, prototype distributed file system combines semantic, tag-based specification logicbased control, flexibly supporting intuitive policies providing high assurance correctness. Penumbra evaluated using set detailed, realistic case drawn from presented studies. Using microbenchmarks traces generated can enforce users’ overhead less than 5% calls. Finally, lessons learned, which inform further development usable mechanisms files in broader context data.
参考文章(134)
Devdatta Akhawe, Matthew Finifter, Adrienne Porter Felt, David Wagner, Serge Egelman, How to ask for permission usenix conference on hot topics in security. pp. 7- 7 ,(2012)
Ekaterini Ioannou, Juri L. De Coi, Arne Wolf Koesling, Daniel Olmedilla, Wolfgang Nejdl, Access control for sharing semantic data across desktops PEAS'07 Proceedings of the 2007 International Conference on Privacy Enforcement and Accountability with Semantics - Volume 320. pp. 31- 40 ,(2007)
Yunus Basagalar, Pete Keleher, Vassilios Lekakis, Don't trust your roommate or access control and replication protocols in Home environments usenix conference on hot topics in storage and file systems. pp. 12- 12 ,(2012)
Norman Sadeh, Justin Cranshaw, Jonathan Mugan, User-controllable learning of location privacy policies with gaussian mixture models national conference on artificial intelligence. pp. 1146- 1152 ,(2011)
Lujo Bauer, Tiffany Hyun-Jin Kim, Adrian Perrig, Jesse Walker, James Newsome, Challenges in access right assignment for secure home networks usenix conference on hot topics in security. pp. 1- ,(2010)
Frank Pfenning, Kevin D. Bowers, Lujo Bauer, Deepak Garg, Michael K. Reiter, Consumable Credentials in Linear-Logic-Based Access-Control Systems. network and distributed system security symposium. ,(2007)
Jared M. Spool, Rosalee J. Wolfe, Daniel D. McCracken, User-Centered Web Site Development: A Human-Computer Interaction Approach ,(2003)
Angelos D. Keromytis, Matt Blaze, Joan Feigenbaum, KeyNote: Trust Management for Public-Key Infrastructures (Position Paper) Lecture Notes in Computer Science. ,(1999)
Peter Druschel, Petr Kuznetsov, Ansley Post, PodBase: transparent storage management for personal devices international workshop on peer to peer systems. pp. 1- 1 ,(2008)
Fred Stutzman, Ralph Gross, Alessandro Acquisti, Silent Listeners: The Evolution of Privacy and Disclosure on Facebook Journal of Privacy and Confidentiality. ,vol. 4, pp. 2- ,(2013) , 10.29012/JPC.V4I2.620