In general, a computer operating system controls the processing of tasks, the allocation of system memory among the tasks, the input/output to peripheral devices, and other system-level functions. A file system controls the formatting of data, maintaining the location of the data on persistent storage devices, the logical hierarchy of files, who is permitted to access what file, and other file-related tasks. File systems are frequently integral with the operating system such that although a logical distinction between the functionality of the two systems can be made, the two systems are in fact intertwined with one another from a source code standpoint. Such an integral system makes modifying either the operating system or the file system difficult because modifications to either of the systems may unintentionally impact the other system. Consequently, extending the functionality of a file system which is integral with the operating system can be difficult to accomplish.
In an attempt to overcome this problem, some operating systems have been developed which have been modularized to the extent that they can, with relatively little modification, interact with different file systems. This has enabled third party developers to provide different file systems for use with such operating systems.
One responsibility of a file system is to ensure that a resource owned by one user, such as a file, can not be wrongfully accessed by another user. Conventional file systems have a particular authorization scheme for files created by the file system. The authorization scheme includes the actual format of the authorization information as well the methods for adding, deleting and otherwise manipulating the information in the authorization structure. In conventional file systems, the routines for carrying out file authorization functionality are integral with the file system itself, much the same way that certain file systems are integral with the operating system. Thus, a particular file system provides a single authorization scheme for any file created and maintained by the respective file system. A single authorization scheme can be very limiting, as some files may contain highly sensitive data which may warrant a complex authorization scheme to ensure access is appropriately controlled, while other files may contain only slightly sensitive data which could be controlled via a much simpler authorization scheme. Changing, modifying or enhancing the authorization scheme of a conventional file system requires a new release from the vendor of the file system, who may have no desire to implement user-desired changes, or who may not be able to implement a desired change in a timely manner.
Associated with an authorization system is a mechanism for administering the authorization information associated with a particular file, such as granting or denying particular users access to the file. Such administration is typically carried out through an administration utility associated with the particular file system. Authorization schemes can differ greatly among vendors of file systems, such as an inherited rights authorization scheme compared to an explicit rights authorization scheme, and can require a significant amount of training time to be proficient at maintaining the authorization rights associated with a particular file system.
In today's environment, it is not unusual for a computer installation to have a variety of computers, which run completely different operating systems, such as Unix, NetWare.RTM., and Windows NT, for example. Security administrators frequently find it necessary to become proficient in the file authorization utilities associated with each operating system, resulting in significant training time and expense.
One approach taken to reduce this problem has been to develop a `front-end` to an existing file system which translates requests from one authorization scheme into the requests expected by another authorization scheme. This added layer of processing results in a less efficient authorization system, and requires extra processing time to process an authorization system request. Further, front-ends have limited success at translating an authorization request from one system into an authorization request expected by another system because of the extensive differences between the underlying structure of the authorization information of the two different systems.
It is apparent that a file system which is capable of interacting with any of a plurality of different authorization systems, which does not require vendor-implemented changes to change an authorization system, which allows different authorization schemes to be applied to different files in the same file system, and which can invoke the appropriate authorization system associated with a file access request would eliminate many of the problems encountered with conventional file systems.