双连接文件安全传输的设计与实现

针对文件传输存在的安全性缺陷,提出了一种基于转发模式的双连接文件安全传输方法。采用转发隔离思想设计了双连接结构,对文件存储服务器和客户端进行隔离,通过文件安全传输协议栈实现数据的全程加密和可靠传输,并讨论和解决了双连接结构的数据传输引起的流量控制问题。实验结果表明,基于转发模式的双连接文件安全传输在确保服务器安全性和数据密文传输的同时,保障了文件传输的速度和效率。     

基于PKI的安全文件传输系统的设计与实现

阐述了基于PKI（公开密钥基础设施）的安全文件传输系统的设计过程与实现细节。分析了安全文件传输系统所要达到的目标,引入了PKI技术,利用数字证书对文件进行数字签名、加密等安全处理,并在接收端进行相应的解密、验证签名等安全处理,以保障传输的文件的机密性、完整性并验证文件的来源,从而实现文件的安全传输。     

Two secure file servers

In this paper, we describe the design and implementation of a two secure file servers which allow a trusted computer network to be built from untrusted computing bases. We begin with a brief review of recent results in the use of partial orderings for protection and administration of information networks, and introduce limited functionality, trusted computing base file servers as a means for allowing restricted information flow. We show the means by which such a server may be made provably secure. We consider the practicality of implementation and describe two prototype implementations for personal computers. We then summarizes results and point out possible extensions of this work.     

A secure file sharing service for distributed computing environments

Distributed cryptographic file systems enable file sharing among their users and need the adoption of a key management scheme for the distribution of the cryptographic keys to authorized users according to their specific degree of trust. In this paper we describe the architecture of a basic secure file sharing facility relying on a multi-party threshold-based key-sharing scheme that can be overlaid on top of the existing stackable networked file systems, and discuss its application to the implementation of distributed cryptographic file systems. It provides flexible access control policies supporting multiple combination of roles and trust profiles. A proof of concept prototype implementation within the Linux operating system framework demonstrated its effectiveness in terms of performance and security robustness.     

有源RFID标签安全文件系统的设计

针对有源RFID标签应用中对微型文件系统的需求,围绕标签内存小和大量标签盘点过程中要求文件读写速度快的特点,展开对有源RFID标签安全文件系统的研究。最终通过选用高速存储器件和对FAT文件系统进行改进（实现灵活的数据缓冲层、精简文件目录项、增加文件访问控制）,实现了简洁高效安全的文件系统设计,并在实验中展现了文件系统良好的性能。     

Advanced transaction processing in multilevel secure file stores

The concurrency control requirements for transaction processing in a multilevel secure file system are different from those in conventional transaction processing systems. In particular, there is the need to coordinate transactions at different security levels avoiding both potential timing covert channels and the starvation of transactions at higher security levels. Suppose a transaction at a lower security level attempts to write a data item that is being read by a transaction at a higher security level. On the one hand, a timing covert channel arises if the transaction at the lower security level is either delayed or aborted by the scheduler. On the other hand, the transaction at the high security level may be subjected to an indefinite delay if it is forced to abort repeatedly. This paper extends the classical two-phase locking mechanism to multilevel secure file systems. The scheme presented here prevents potential timing covert channels and avoids the abort of higher level transactions nonetheless guaranteeing serializability. The programmer is provided with a powerful set of linguistic constructs that supports exception handling, partial rollback, and forward recovery. The proper use of these constructs can prevent the indefinite delay in completion of a higher level transaction, and allows the programmer to trade off starvation with transaction isolation     

Shield: A stackable secure storage system for file sharing in public storage

With the increasing amount of personal data stored in public storage, users are losing control of their physical data, putting their data information at risk of theft or being compromised. Traditional secure storage systems either require users to completely trust the storage provider or impose the considerable burden of managing files on file owners; such systems are inapplicable in the practical cloud environment. This paper addresses these challenging problems by proposing a new secure system architecture and implementing a stackable secure storage system named Shield, in which a proxy server is introduced to be in charge of authentication and access control. We propose a new variant of the Merkle Hash Tree to support efficient integrity checking and file content update; further, we have designed a hierarchical key organization to achieve convenient keys management and efficient permission revocation. Shield supports concurrent write access by employing a virtual linked list; it also provides secure file sharing without any modification to the underlying file systems. A series of evaluations over various real benchmarks show that Shield causes about 7%∼13%$7\%\sim 13\%$ performance degradation when compared with eCryptfs but provides enhanced security for user’s data.     

文件流转系统解决方案设计

对传统文件流转方式进行了分析,研究了现有计算机环境下文件管理的现状及问题,并设计出一套行之有效、方便灵活并能适应企事业单位职能转变、机构重组、政务透明的文件流转解决方案。该设计充分体现了文件的多样性、安全性、有效性并重;系统实现了状态跟踪、到达提醒、任务督办、多部门签批等功能。     

Scalable, secure, and highly available distributed file access

A summary of and historical perspective on work done to implement easy-to-share distributed file systems based on the Unix model are presented. Andrew and Coda are distributed Unix file systems that embody many of the recent advances in solving the problem of data sharing in large, physically dispersed workstation environments. The Andrew architecture is presented, the scalability and security of the system are discussed. The Coda system is examined, with emphasis on its high availability     

基于CORBA的安全文件共享服务的设计与实现

文件共享服务是企业网络应用环境中一项不可缺少的基本服务。提出了一种基于CORBA的安全文件共享服务模型,介绍了管理服务与共享服务的对象结构、代理机制及它们之间的互操作性,对模型进行了实现,并针对实际使用效果分析了本模型在功能、灵活性及安全性方面的特点。实际结果表明,该模型实现了共享资源的统一管理以及安全灵活的文件访问方法,弥补了传统方法的不足,可以实际应用于大规模的企业网。     

Long-haul secure data transfer using hardware-assisted GridFTP

Extreme-scale scientific collaborations require high-performance wide-area end-to-end data transports to enable fast and secure transfer of high data volumes among collaborating institutions. GridFTP is the de facto protocol for large-scale data transfer in science environments. Existing predominant network transport protocols such as TCP have serious limitations that consume significant CPU power and prevent GridFTP from achieving high throughput on long-haul networks with high latency and potential packet loss, reordering and jitter. On the other hand, protocols such as UDT that address some of the TCP shortcomings demand high computing resources on data transfer nodes. These limitations have caused underutilization of existing high-bandwidth links in scientific and collaborative grids. To address this situation, we have enhanced Globus GridFTP, the most widely used GridFTP implementation, by developing transport offload engines such as UDT and iWARP on SmartNIC, a programmable 10GbE network interface card (NIC). Our results show significant reduction in server utilization and full line-rate sustained bandwidth in high-latency networks, as measured for up to 100 ms of network latency. In our work, we also offload OpenSSL on SmartNIC to reduce host utilization for secure file transfers. The offload engine can provide line-rate data channel encryption/decryption on top of UDT offload without consuming additional host CPU resources. Lower CPU utilization leads to increased server capacity, which allows data transfer nodes to support higher network and data-processing rates. Alternatively, smaller or fewer DTNs can be used for a particular data rate requirement.     

Integrated data ciphering unit design for secure message transfer in networks

The importance of transmitting voice messages in a secure manner over telephone networks has recently started attracting the attention of telephone companies. In order to provide an encryption-based secure communication of voice messages over telephone networks, the telephone companies will be faced with the problem of where to locate the encryption/decryption devices and also how to interface them with the existing telephone switching and multiplexing equipment. This problem is of prime importance in the sense that proper placement of such encryption/decryption devices would bring down the overall cost of providing secure communication services to their customers that would in turn bring more revenue to the telephone companies. In this respect, the design of an integrated data ciphering unit (DCU) and proper deployment of the same inside a low bit rate voice (LBRV) transcoder equipment are presented in this paper. The accuracy of adaptive differential pulse code modulation (ADPCM) prediction algorithm and the impact of errors due to decoding are analyzed for such deployment in order to provide a better level of security. Also, a cost analysis is carried out to show that the cost of providing a secure communication service to the customers is quite negligible.     

DotDFS: A Grid-based high-throughput file transfer system

DotGrid platform is a Grid infrastructure integrated with a set of open and standard protocols recently implemented on the top of Microsoft .NET in Windows and MONO .NET in UNIX/Linux. DotGrid infrastructure along with its proposed protocols provides a right and solid approach to targeting other platforms, e.g., the native C/C++ runtime. In this paper, we propose a new concurrent file transfer protocol called DotDFS as a high-throughput distributed file transfer component for DotGrid. DotDFS introduces some open binary protocols for efficient file transfers on current Grid infrastructures. DotDFS protocol also provides mechanisms for multiple file streams to gain high-throughput file transfer similar to GridFTP protocol, but by proposing and implementing a new parallel TCP connection-oriented paradigm. Almost no research work has been conducted to suggest a concurrent file transfer protocol that simultaneously employs threaded and event-driven models in the protocol level. Due to our knowledge, DotDFS is the first concurrent file transfer protocol that, from this viewpoint, presents a new computing paradigm in the field of data transmission protocols. In our LAN tests, we have achieved better results than Globus GridFTP implementation particularly in multiple TCP streams and directory tree transfers. Our LAN experiences in memory-to-memory tests show that DotDFS accesses to the 94% bottleneck bandwidth while GridFTP is accessing 91%. In LAN disk-to-disk tests, comparing DotDFS protocol with GridFTP protocol unveils a set of interesting and technical problems in GridFTP for both the nature of the protocol and its implementation by Globus. In the WAN experimental studies, we propose a new idea for analytical modeling of file transfer protocols like DotDFS inspired by sampling, experimentation and mathematical interpolation approaches. The cross-platform and open standard-based features of DotDFS provide a substantial framework for unifying data access and resource sharing in real heterogeneous Grid environments.     

Visa and American Express Battle Credit Card Fraud

Both Visa International and American Express have announced plans to work with online merchants to tighten security in their latest online credit card fraud battle.     

Investigating a file transfer protocol using CSP and B

In this paper a file transmission protocol specification is developed using the combination of two formal methods: CSP and B. The aim is to demonstrate that it is possible to integrate two well established formal methods whilst maintaining their individual advantages. We discuss how to compositionally verify the specification and ensure that it preserves some abstract properties. We also discuss how the structure of the specification follows a particular style which may be generally applicable when modelling other protocols using this combination .     

Networking secure electronic funds transfer at point of sale

There is growing interest in the concept of electronic funds transfer at point of sale, i.e. the replacement of cash in everyday shopping transactions with an all-electronic alternative. Such an alternative must be highly secure. Prevention of fraud depends on secure overall network design incorporating cryptographic techniques. Various secure network topologies are possible, but the best operational characteristics result from a network-optimized approach. This takes advantage of intelligent traffic concentrators to maximize network flexibility and growth, while minimizing routing and key-management overheads. The concept is illustrated with an example transaction message protocol.     

基于数据流的启发式文件传输识别系统设计

为了防止文件通过网络泄露,研究了网络传输文件的格式、传送形式以及通信行为特征,提出一种基于网络数据流的文件传输识别方法。通过引入文件数据流的概念,构建了具有特异性的文件特征指纹库,采用自适应深度协议分析技术,对文件传输在通信协议中表现出的内容和行为特征信息进行多层次启发式的检测。测试结果表明,该系统运行高效,检测结果准确。     

Fault tolerant file models for parallel file systems: introducing distribution patterns for every file

Parallelism in file systems is obtained by using several independent server nodes supporting one or more secondary storage devices. This approach increases the performance and scalability of the system, but a fault in one single node can stop the whole system. To avoid this problem, data must be stored using some kind of redundant technique, so any data stored in a faulty element can be recovered. Fault tolerance can be provided in I/O systems by using replication or RAID based schemes. However, most of the current systems apply the same technique for all files in the system. This paper describes the fault tolerance support provided by Expand, a parallel file system based on standard servers. This support can be applied to other parallel file systems with many benefices: fault tolerance at file level, flexible definition of fault tolerance scheme to be used, possibility to change the fault tolerant support used for a file, etc.