

Archive: October 2002 ml@sikurezza.org
Subject: Self-certifying File System
From: Ed3f
Date: 15 Oct 2002 17:50:12 -0000

Hello,

I would like to hear some opinions on the "Self-certifying
File System" project (http://www.fs.net).

* What is it?
"SFS is a network file system that provides strong security over untrusted
networks"

* Why?
"NFS, for example, transmits secret file handles in every file system
request. An attacker who learns the file handle of even a single directory
can access the entire file system as any user. AFS, another widely-used
network file system, does not keep the contents of private files secret from
network eavesdroppers. Moreover, AFS uses an insecure message authentication
code (MAC) to protect the integrity of communication between clients and
servers. An active attacker can, with very little computation, tamper with
and change the contents of AFS messages in transit. Coda has approximately
the same security properties as AFS."

* Meaning?
"The key difference between SFS and any previous file system is that SFS
always provides security over untrusted networks, but does not perform any
key management. SFS accomplishes this by naming file systems by their public
keys. Every SFS file server is accessible under a self-certifying
pathname--a file name of the form:
/sfs/Location:HostID
Location is the server's DNS hostname or IP address. HostID is a
cryptographic hash of the server's public key. SFS uses a
collision-resistant hash function to compute HostID. Thus, HostID
effectively specifies a unique public key. (The client can ask a server for
its public key, hash the key, and ensure that the key returned by the server
matches the HostID in a pathname). Self-certifying pathnames are
automatically created, or "automounted", the first time they are
referenced."


The idea of replacing NFS with something smarter (shall we put it that way?)
would be excellent, but how sound is the self-certification scheme?


	Ed3f




________________________________________________________
http://www.sikurezza.org - Italian Security Mailing List
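
The client-side check described in the quoted SFS text (ask the server for its public key, hash it, compare with the HostID in the pathname), as an added example that is not part of the original message or of the SFS code. SHA-256 with hex encoding, the function names and the sample keys are assumptions chosen for illustration and are not SFS's actual HostID format.

```python
import hashlib
import hmac

SFS_ROOT = "/sfs/"

def host_id(public_key: bytes) -> str:
    # Assumption: HostID = hex SHA-256 of the raw key bytes (illustrative only).
    return hashlib.sha256(public_key).hexdigest()

def parse_pathname(path: str):
    """Split /sfs/Location:HostID[/rest] into (location, host_id, rest)."""
    if not path.startswith(SFS_ROOT):
        raise ValueError("not a self-certifying pathname")
    first, _, rest = path[len(SFS_ROOT):].partition("/")
    # rpartition: the HostID is the last ':' field, so an IPv6 Location still parses.
    location, sep, hid = first.rpartition(":")
    if not sep or not location or not hid:
        raise ValueError("expected Location:HostID")
    return location, hid.lower(), rest

def verify_server_key(path: str, offered_key: bytes) -> bool:
    """True only if the key the server offered hashes to the HostID in the path."""
    _, expected, _ = parse_pathname(path)
    actual = host_id(offered_key)
    # Constant-time comparison of the two digests.
    return hmac.compare_digest(actual.encode(), expected.encode())

if __name__ == "__main__":
    # Constructed sample values, not real keys or hosts.
    genuine = b"constructed-server-public-key"
    substituted = b"constructed-key-from-another-host"
    path = SFS_ROOT + "files.example.org:" + host_id(genuine) + "/home/ed3f"
    print("genuine key accepted:    ", verify_server_key(path, genuine))
    print("substituted key accepted:", verify_server_key(path, substituted))
```

The check binds the connection to whatever key the pathname names, so the guarantee is only as good as the channel through which the pathname itself was obtained.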



