Filesystems are typically databases for the storage, hierarchical organization, manipulation, navigation, access, and retrieval of data. Distributed Filesystems (DFSs), a version of filesystems, have become increasingly widespread over the last few decades. A DFS, as the name suggests, is a network filesystem where a single filesystem can be distributed across several physical computing devices, and the computing devices can have direct access to a part of the entire filesystem. The DFS generally includes facilities for transparent replication and fault tolerance. That is, when a limited number of nodes in a filesystem go offline, the system continues to work without any data loss. Therefore, the DFS has become a very popular choice for local area networks (LAN) in organizations, corporations, and so on.
In typical computer operating systems, files are stored with associated access permissions and users with sufficient access permissions are allowed to access the files. Conventionally, file access permissions are granted on three levels (i.e., owner, group, and other users). Each level can have its own permissions, and users can be granted access based on their level's access permissions. In addition, in most filesystems, each file has an associated owner identification (ID) (i.e., the ID of the user who created the filesystem object), and group ID (i.e., the owner can be part of one or more groups). The present file access permissions reduce chances of security breach (to a large extent) for local filesystems, where multiple users can access files from the same machine, but in distributed filesystems, the file access permissions can introduce vulnerabilities.
In DFSs, multiple users present on different computing devices can access a single filesystem object. Therefore, the file access permissions create certain problems in DFSs. These problems occur because in DFSs it is not necessary for user IDs to be unique on all the computing devices in the system. For example, two users (such as user A and user B) can have the same user ID (such as ID 1000), on different client devices. So, when user A attempts to access a file created by user B, user A will be allowed access to the file (based on the owner access permissions of the file), even though user A did not create the file. The system permits this action as the file access permissions simply recognize user IDs, and since both the users have the same user ID, both user A and user B are recognized as owners of the file. Therefore, an authentic user can easily be faked, which can cause serious security threats.
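The UID-collision problem described above, as an added illustration that is not part of the original text: a toy permission check that decides ownership by numeric user ID alone grants user A (UID 1000 on client X) owner-level access to a file created by user B (UID 1000 on client Y), whereas a check that binds ownership to the (device, uid) pair treats A as an "other" user. The device names, file name and the (device, uid) principal model are assumptions made for this example, not the page's method.

```python
from dataclasses import dataclass

# Constructed sample data: two client devices in the same DFS, each with a
# local account that happens to carry UID 1000 (hypothetical device names).
CLIENT_X = "client-x"
CLIENT_Y = "client-y"


@dataclass(frozen=True)
class Principal:
    device: str   # client device the request originates from (assumed)
    uid: int      # numeric user ID, local to that device


@dataclass
class FileObject:
    name: str
    owner: Principal
    mode_owner: str = "rw"   # owner-level permission bits
    mode_other: str = ""     # other-level permission bits (no access)


def check_by_uid(f: FileObject, requester: Principal, op: str) -> bool:
    """Conventional check: ownership is decided by numeric UID alone,
    so any client that presents the owner's UID is treated as the owner."""
    if requester.uid == f.owner.uid:
        return op in f.mode_owner
    return op in f.mode_other


def check_by_principal(f: FileObject, requester: Principal, op: str) -> bool:
    """Illustrative hardened check: ownership is the whole (device, uid)
    principal, so a colliding UID on another client falls into 'other'."""
    if requester == f.owner:
        return op in f.mode_owner
    return op in f.mode_other


def demo() -> dict:
    """Run both checks on the scenario from the text and return the outcomes."""
    user_b = Principal(CLIENT_Y, 1000)   # created the file
    user_a = Principal(CLIENT_X, 1000)   # same UID, different client device
    report = FileObject("report.txt", owner=user_b)
    return {
        "uid_only_grants_a": check_by_uid(report, user_a, "w"),
        "principal_grants_a": check_by_principal(report, user_a, "w"),
        "principal_grants_b": check_by_principal(report, user_b, "w"),
    }
```

Running `demo()` shows the UID-only check granting write access to user A while the principal-based check denies it and still admits the real owner.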
Various methods have been proposed to overcome some of the security issues in DFSs. Some methods centralize the user IDs and group IDs in a central repository, which ensures that no two users have the same user ID. Each time a user requests access to a file object, the user's credentials are verified against the repository. However, it is still possible to bypass the central repository and install a client device in the LAN. Further, a user can still fake a user ID on the newly installed client device. In addition, since all user IDs are stored in a central server, the entire system can crash if the central repository crashes.
Other methods involve the use of public and private encryption keys. These methods also use a central repository, along with the encryption keys. Once a user is authenticated by the central repository, an additional level of security is added that requires an encryption key. Access is denied if the user does not possess the key. These systems can be very complex and require extensive training of administrators. Further, like the other methods known in the art, this method too has a single point of failure.