|
Authors: | Andi Halter |
Group: | Communication Systems |
Type: | Misc |
Title: | PGP File System mit flexiblem Gruppenmanagement |
Year: | 1999 |
Month: | February |
Pub-Key: | Hal99 |
Abstract: | In the Internet of nowadays secure storage and transmission of data becomes more and more important. With growing numbers of users, the number of bad guys grows too. Those could attack network links and remote file system services to get access to private data. There exists several systems, which protect data from unprivileged access. An example is the Cryptographic File System. However, none of them supports a flexible management of group access rights. In this diploma thesis, a new file system is designed and implemented for this purpose. This system has to accomplish the following requirements: (i) transparent encryption and decryption of files, (ii) flexible group management for access rights, (iii) if possible a platform independent implementation. Since the cryptographic system PGP (Pretty Good Privacy) is often used, the format of PGP messages must be supported. Different variants for designing such a file system will be discussed in this thesis and one of them has been implemented. The goal of this work is the design and implementation of a cryptographic file system, which is transparent to applications and provides a flexible group management. Transparency enables an application to accesses encrypted files as the were unencrypted. The implemented PGP File System decides on whether a decryption or encryption must be done or not. If it is an encrypted file, the decryption and encryption is done by the PGP File System. The dynamic group management has been taken from Dynamisches Management sicherer Mailverteiler and has been integrated in the file system. Access rights are given by e-mail addresses and groups and are therefore globally unique. The dynamic group management supports user defined aliases as well as system defined aliases. To expand system defined aliases, the database systems NIS and NDBM are supported. These two are often used on UNIX-systems. The provided installation and usage guide makes the start with PGP File System easier. The PGP File System ensures a transparent decryption and encryption, is portable to other UNIX-systems and is able to read files written by PGP. Last but not least, access rights can be set in a flexible manner. |
Remarks: | Diplomarbeit |
Resources: | [BibTeX] |