Sciweavers

SOSP
2003
ACM

Decentralized user authentication in a global file system

14 years 9 months ago
Decentralized user authentication in a global file system
The challenge for user authentication in a global file system is allowing people to grant access to specific users and groups in remote administrative domains, without assuming any kind of pre-existing administrative relationship. The traditional approach to user authentication across administrative domains is for users to prove their identities through a chain of certificates. Certificates allow for general forms of delegation, but they often require more infrastructure than is necessary to support a network file system. This paper introduces an approach without certificates. Local authentication servers pre-fetch and cache remote user and group definitions from remote authentication servers. During a file access, an authentication server can establish identities for users based just on local information. This approach is particularly well-suited to file systems, and it provides a simple and intuitive interface that is similar to those found in local access control mechanisms...
Michael Kaminsky, George Savvides, David Mazi&egra
Added 17 Mar 2010
Updated 17 Mar 2010
Type Conference
Year 2003
Where SOSP
Authors Michael Kaminsky, George Savvides, David Mazières, M. Frans Kaashoek
Comments (0)