Access Control in Distributed File-Systems : Design and realization on Pepys fs

Distributed file-systems allow multiple users to have access to a shared space where they can store and manage their own data. Users have to be able to rely on a high level of security, that is to say that they have to be assured their data is safe, protected and available anytime. This job is performed by a specific process named access control which decides according to a set of rules attached to the data, the user who can use specific resources and how. In this work a novel access control model for distributed file-systems is presented. Such model has been designed to be particularly suitable for environments where a high number of resources and users have to be managed. Its peculiar features allow the users to finely manage the rules governing the access to their data, as well as, to stipulate relationships with other users in order to share files and resources. These features include also mechanisms of rights delegations, user authentications and a novel concept of rules named mandatory rules. The model explained in this book has been implemented on a Linux port of a novel distributed file-system named Pepys; details of how this has been made are also present.