Presentation is loading. Please wait.

Presentation is loading. Please wait.

By Kirthi Reddy Mamidi EHUD GUDES. Abstract Introduction General System Structure Compartmentalized,Data Independent Protection Specifications Hierarchical.

Similar presentations

Presentation on theme: "By Kirthi Reddy Mamidi EHUD GUDES. Abstract Introduction General System Structure Compartmentalized,Data Independent Protection Specifications Hierarchical."— Presentation transcript:

1 By Kirthi Reddy Mamidi EHUD GUDES

2 Abstract Introduction General System Structure Compartmentalized,Data Independent Protection Specifications Hierarchical Protection Specifications Data Dependent Protection Specifications Security Problems Conclusion References.

3 Based on user controlled cryptographic(UCC) transformations secure file system is designed. These UCC transformations not only complement other protection mechanisms but also enforce protection specifications. Files with different access permissions are enciphered by different cryptographic keys supplied by authorized users at access time.

4 The use of cryptography for data protection has received considerable attention in recent years. Two major classes of cryptographic transformations were introduced: system control cryptographic(SCC) and user control cryptographic(UCC) transformations. The main goal of using UCC is to enforce a given set of protection specifications. These are enforced by withholding keys from unauthorized users. But due to the data sharing between users several problems are derived and further investigation is required.

5 A. Protection Specification for a simple file system. Assume a set of files:{F1,F2,F3…FN} and a set of users:{U1,U2,U3…Un} The different protection specifications are as follows: 1. Compartmentalized: Each user has to access to a group of files.All users and files are on the same level. 2. Hierarchical: There is a partial ordering of files,users or both. For eg: F1>F2 means that if user Ui has access to F1,then he also have access to F2. 3. Data Independent:This protection specifications means that access to a file is independent of its changing content or value of some of its fields. 4. Data Dependent: This protection specifications means that access to records in the file depends on their content.Changing the content might change access to it.

6 General Structure of the file systemGeneral description of the access mechanism B. Basic Design Principles

7 The following are the main design guidelines and “worst case” assumptions to secure file system design: Protection is not solely dependent on the process of authentication. All cipher algorithms are assumed known to all users. The cryptographic schemes described below are designed to protect against READ access. These guidelines assure the security of the system under ”worst case” conditions that may cause failure of many other protection mechanisms. Security is further enhanced if these conditions do not occur.

8 Assume a set of files:{F1,F2,F3…FN} and a set of users:{U1,U2,U3…Un},these specifications can be represented as a Boolean access matrix A. F1F2F3 U1101 U2001 U3011 Access Matrix Assumptions without essential loss in generality No two rows are equal. No two columns are equal. No zero rows or zero columns are allowed. We have to encipher the whole file as a complete unit.

9 With these assumptions several schemes are suggested.All schemes must have the following objectives. Objective 1 : Scheme must be “Complete.” A(I,j)=1,then user Ui should be able to access file Fj. Objective 2 : Scheme must be “secure.” A(I,j)=0,then user Ui should not be allowed to access file Fj. The different schemes to implement these CDI protection specifications as mentioned below:: A. Scheme 1= The “Simple” Scheme B. Scheme 2= The “User Profile” Scheme C. Scheme 3= The “Keys Record” Scheme

10 A.Scheme 1= The “Simple” Scheme Each user is given keys to all the files he is allowed to, User Ui when he wants to access file Fj will have to supply the key Kj. Advantage:: This does not require an authentication process since it is independent of the concept of user-id and dependent of cryptographic keys. Disadvantages:: The first problem is that a single user Ui has to store AUi keys We claim that the “user convenience” decreases when AUi increases. The second problem is that there is a nonzero probability for a user to “lose” a key. The “loss probability” increases with AUi. number of keys System Risk = ∑ PL(kj)*DKj/n j=1 Where PL(Kj) is the probability of losing key Kj.

11 B. Scheme 2= The “User Profile” Scheme In this scheme each user has a user profile which contains a list of the AUi keys and enciphered using a special user key KUi. We use a cipher C which is parameterized by a user key. For example K ’ j =C(KUi,Kj) means K ’ j is the ciphered form of Kj using the parameter KUi. The deciphering transformation is denoted as C -1 (Kui,Kj’). ID of File 1 K’ i1 …. ID of File j K ’ I,j …. ID of File Aui K i,Aui Ui Advantage:: “user convenience” is higher and “loss probability” is lower. Disadvantage:: It requires an authenticatuion process. Another problem is that changes in the protection specifications.Deletion of a file,will requre the reprocessing or reenciphering of several user profiles.

12 C. Scheme 3= The “Keys Record” Scheme This scheme is similar to “access list” mechanism. The validation record contains a ciphered form of key Kj using a one way cipher g,where Kj’=g(Kj). K ’ ji is a new key and it is a ciphered form of key Kj: K ’ ji =C(KUi,Kj) and Kj=C -1 (KUi,Kji’) where KUi is a unique key for user Ui. Kj1’Kj2’…….Kjnj’ Validation Record – Kj’ File Fj The “Keys Record” Scheme Advantage:: No need for authentication. High “user convenience” since user has to remember only one key.

13 In this we refer to any partial ordering,relative to access,either between files or users. A B2 C4 D2 D1 C3 C2C1 B1 A Tree Directory. Partial Ordering::C1>B1>A This is a reverse Hierarchy A. READ Access=“Reverse” Hierarchy File N is Enciphered by KN.

14 Suppose we have the following specifications USER 1 USER 2 Can have access to C1 & not to C3 Must have access to A & B1 Can have access to C3 & not to C1 Must have access to A & B2 User 1 is given KA,KB1,KC1 And User 2 is given KA,KB2,KC3 which is not convenient because a user has to remember too many keys. Therefore to generate the keys we use the method called “Collapsing” method. Suppose we have a “one way” cipher function g, and a set of keys with the following relations (R) :  KB1=g(KC1) KB1=g(KC2)  KB2=g(KC3) KB2=g(KC4)  KA=g(KB1) KA=g(KB2). The scheme has the advantage of high “user convenience”.

15 B. Independent Access Hierarchy B2 C4 C3 C2 B1 A C1 Access Hierarchy. Partial Ordering::A>B1>C1 This is same as directory hierarchy α KAB1’KAB2’ KA’ FILE A βKBC1’KBC2’ KB1’ FILE B1 Key Records for independent access hierarchy Key records User convenience is a complex function of the protection specification and the access hierarchy. The disadvantage is the overhead involved,in order to access the lower nodes the system must first access higher level nodes. KAB1’=C(KA,KB1) KB1=C -1 (KA,KAB1’) Key KN Encipher the file named by node N.

16 These are most commonly used in database systems than in file systems. Units of data must be enciphered by single key because of the problems of data sharing. Any user query can be decomposed to its security atoms and checked for valid access.

17 User 1 User 2 Can view only SALARY< 20,000Can view only records of DEPARTMENT X SECURITY ATOM Contains exactly records with DEPT=X and SALARY <20,000 This atom idea did not work well in volatile database because of the overhead involved in the reenciphering of the changed atoms. Further research is needed to solve efficiently the database.

18 In general,solving a security problems,presents human engineering and organizational problems. There is a problem of generating and securely distributing the Cryptographic keys. Another problem is the recovery of clear data if a user’s key is lost.

19 In this paper we discussed methods of designing a secure file system and protection policies by using user controlled cryptographic transformations. The Criteria such as:”user convenience” and “system risk” to evaluate their effectiveness has been discussed. The designer can use these criteria in order to choose the scheme which satisfies his objectives.

20 E.Gudes,”The application of cryptography to data base security,” Ph.D.dissertation,Ohio State Univ. E.J.McCauley,”A model for data secure systems,”Ph.D. dissertation,Ohio State univ.,1975. D.E.Knuth,”The Art of Computer Programming,”1973. “Computer security and the data encryption standard,” NBS Pub.500-27,1978. W.Diffie and M.E.Hellman,”A critique of the proposed data encryption standard,”Mar.1976.


Download ppt "By Kirthi Reddy Mamidi EHUD GUDES. Abstract Introduction General System Structure Compartmentalized,Data Independent Protection Specifications Hierarchical."

Similar presentations

Ads by Google