Michelle L. Mazurek, Yuan Liang, Manya Sleeper, Lujo Bauer,
Gregory R. Ganger,
Nitin Gupta, Michael K. Reiter*
School of Computer Science
Carnegie Mellon University
*University of North Carolina at Chapel Hill
As non-expert users produce increasing amounts of personal digital data, providing them with usable access control becomes critical. Current approaches are frequently unsuccessful, either because they insufficiently protect data or confuse users about policy specification. We present a distributed file-system access-control infrastructure designed to match users' mental models while providing principled security. Our design combines semantic, tag-based policy specification with logic-based access control, enabling flexible support for intuitive policies while providing high assurance of correctness. We support private and conflicting tags, decentralized policy enforcement, and unforgeable audit records. Our logic can express a variety of policies that map well to real users' needs. To evaluate our design, we develop a set of detailed, realistic case studies drawn from prior research into users' access-control needs. The case studies can also be applied to other systems in the personal access-control space. Using simulated traces generated from the case studies, we demonstrate that our prototype implementation can enforce users' policies with acceptable overhead.
KEYWORDS: Access control, file systems, security, usability, tagging, evaluation
FULL TR: pdf