Security for Network Attached Storage Devices

Abstract

This paper presents a novel cryptographic capability system addressing the security and performance needs of network attached storage systems in which file management functions occur at a different location than the file storage device. In our NASD system file managers issue capabilities to client machines, which can then directly access files stored on the network attached storage device without intervention by a file server. These capabilities may be reused by the client, so that interaction with the file manager is kept to a minimum. Our system emphasizes performance and scalability while separating the roles of decision maker (issuing capabilities) and verifier (validating a capability). We have demonstrated our system with adaptations of both the NFS and AFS distributed file systems using a prototype NASD implementation.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Oct 23, 1997
Accession Number
ADA332311

Entities

People

  • Doug Tygar
  • Garth Gibson
  • Howard Gobioff

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Authentication
  • Bandwidth
  • Computer Access Control
  • Computer Science
  • Computers
  • Construction
  • Cryptography
  • Data Transmission
  • Denial Of Service Attack
  • Eavesdropping
  • Environment
  • Hierarchies
  • Operating Systems
  • Physical Security
  • Security
  • Security Protocols
  • Servers (Computer Hardware)

Fields of Study

  • Computer science

Readers

  • Computer Networking
  • Database Systems and Applications
  • Government and Public Administration Law.