Least-Authority File System presented at TERENA TF-Storage WS 15



SLIDE 1

Least-Authority File System

presented at TERENA TF-Storage WS 15 by Zooko Wilcox-O'Hearn

the open-source project, by Brian Warner, Zooko, Daira Hopwood, and many more: https://Tahoe-LAFS.org

commercial support, by Zooko, Daira, and many more: https://LeastAuthority.com

(Brian is working at Mozilla.)

SLIDE 2

What's the Big Idea?

  • the Principle of Least-Authority applied to distributed storage

Mark S. Miller “Robust Composition” PhD Thesis, Johns Hopkins University, 2006.

Why are we doing this?

  • This approach is both possible and practical.
  • We started this in 1999, because we thought it would be important.
  • We were right.
SLIDE 3

Reliance Topology, part 1

  • users protected from users
  • users protected from providers (end-to-end security)
  • providers protected from providers (federation)

Reliance Topology, part 2

  • (see whiteboard)
SLIDE 4

Architecture

[Architecture diagram; labels: Tahoe-LAFS storage servers, Tahoe-LAFS client, LAFS gateway, over TCP/SSL, FTP, Tahoe-LAFS storage client]

Red means that whoever controls that link or that machine can see your files and change their contents. In other words, you rely on that component for confidentiality and integrity.

Black means that whoever controls that link or that machine cannot see your files or change their contents. In other words, you do not rely on that component for confidentiality and integrity.

  • Web browser
  • Command-line tool
  • tahoe backup tool
  • JavaScript frontends
  • duplicity
  • GridBackup (incomplete)
  • FTP and SFTP clients
  • FUSE via sshfs

[Diagram labels: Tahoe-LAFS storage protocol, Tahoe-LAFS web-API, FTP server, SFTP server, SFTP]

  • Disk backend
  • Cloud backend under development (S3, OpenStack, Google, Azure)

[Diagram label: security perimeter for provider-independent confidentiality and integrity]

SLIDE 5

How It Works: mutable and immutable files

imm mut

SLIDE 6

How It Works: mutable and immutable files

imm: read
mut: read, write

SLIDE 7

How It Works: mutable and immutable files

imm, read: cipher key (AES)
mut, read: cipher key (AES)
mut, write: cipher key (AES)

SLIDE 8

How It Works: mutable and immutable files

imm, read: cipher key (AES), hash value (SHA256)
mut, read: cipher key (AES)
mut, write: cipher key (AES)

SLIDE 9

How It Works: mutable and immutable files

imm, read: cipher key (AES), hash value (SHA256)
mut, read: verifying key (RSA), cipher key (AES)
mut, write: signing key (RSA), cipher key (AES)
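
A simplified model of the immutable-file read capability shown above (cipher key plus SHA-256 hash value), added here as an illustration and not Tahoe-LAFS code: the storage server holds only ciphertext, and the reader detects any change to it. Assumptions: a SHA-256 counter-mode keystream stands in for AES so the example runs on the Python standard library, the hash covers the whole ciphertext, and the `server` dict, the storage index and all function names are hypothetical.

```python
import hashlib
import hmac
import os


def keystream_xor(key, data):
    # Stand-in for AES-CTR (assumption, not for real use):
    # XOR the data with SHA-256(key || counter) blocks.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)


def put_immutable(server, plaintext):
    """Client side: encrypt locally, upload ciphertext, return the read cap."""
    key = os.urandom(16)
    ciphertext = keystream_xor(key, plaintext)
    digest = hashlib.sha256(ciphertext).digest()
    server[digest.hex()] = ciphertext  # storage index is hypothetical
    return key, digest                 # read cap = cipher key + hash value


def get_immutable(server, cap):
    """Client side: fetch, check the hash from the cap, then decrypt."""
    key, digest = cap
    ciphertext = server[digest.hex()]
    if not hmac.compare_digest(hashlib.sha256(ciphertext).digest(), digest):
        raise ValueError("integrity check failed: stored data was altered")
    return keystream_xor(key, ciphertext)


def demo():
    server = {}  # constructed stand-in for an untrusted storage server
    secret = b"constructed sample file contents"
    cap = put_immutable(server, secret)
    index = cap[1].hex()
    stored = server[index]
    round_trip_ok = get_immutable(server, cap) == secret
    server_sees_only_ciphertext = stored != secret
    # The server (or the link to it) flips one bit of the stored data.
    server[index] = bytes([stored[0] ^ 1]) + stored[1:]
    try:
        get_immutable(server, cap)
        tamper_detected = False
    except ValueError:
        tamper_detected = True
    return round_trip_ok, server_sees_only_ciphertext, tamper_detected


if __name__ == "__main__":
    print(demo())
```
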

SLIDE 10

How It Works: Chordlike server selection

(see whiteboard)