Accession Number:

ADA332311

Title:

Security for Network Attached Storage Devices

Descriptive Note:

Corporate Author:

CARNEGIE-MELLON UNIV PITTSBURGH PA DEPT OF COMPUTER SCIENCE

Personal Author(s):

• Gobioff, Howard
• Gibson, Garth
• Tygar, Doug

Report Date:

1997-10-23

Pagination or Media Count:

22.0

Abstract:

This paper presents a novel cryptographic capability system addressing the security and performance needs of network attached storage systems in which file management functions occur at a different location than the file storage device. In our NASD system file managers issue capabilities to client machines, which can then directly access files stored on the network attached storage device without intervention by a file server. These capabilities may be reused by the client, so that interaction with the file manager is kept to a minimum. Our system emphasizes performance and scalability while separating the roles of decision maker issuing capabilities and verifier validating a capability. We have demonstrated our system with adaptations of both the NFS and AFS distributed file systems using a prototype NASD implementation.

Descriptors:

• *DATA PROCESSING SECURITY
• *RECORDS MANAGEMENT
• *COMPUTER FILES
• DATA MANAGEMENT
• CRYPTOGRAPHY
• DISTRIBUTED DATA PROCESSING
• CLIENT SERVER SYSTEMS

Subject Categories:

• Computer Systems
• Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE