Home

Laissez-faire file sharing: Access control designed for individuals at the endpoints

Maritza Lupe Johnson; Steven Michael Bellovin; Robert W. Reeder; Stuart E. Schechter

Title:
Laissez-faire file sharing: Access control designed for individuals at the endpoints
Author(s):
Johnson, Maritza Lupe
Bellovin, Steven Michael
Reeder, Robert W.
Schechter, Stuart E.
Date:
Type:
Articles
Department:
Computer Science
Permanent URL:
Notes:
New Security Paradigms Workshop: Proceedings, September 8-11, 2009, The Queen's College University of Oxford, UK (New York: Association for Computing Machinery, 2009), pp. 1-10.
Abstract:
When organizations deploy file systems with access control mechanisms that prevent users from reliably sharing files with others, these users will inevitably find alternative means to share. Alas, these alternatives rarely provide the same level of confidentiality, integrity, or auditability provided by the prescribed file systems. Thus, the imposition of restrictive mechanisms and policies by system designers and administrators may actually reduce the system's security. We observe that the failure modes of file systems that enforce centrally-imposed access control policies are similar to the failure modes of centrally-planned economies: individuals either learn to circumvent these restrictions as matters of necessity or desert the system entirely, subverting the goals behind the central policy. We formalize requirements for laissez-faire sharing, which parallel the requirements of free market economies, to better address the file sharing needs of information workers. Because individuals are less likely to feel compelled to circumvent systems that meet these laissez-faire requirements, such systems have the potential to increase both productivity and security.
Subject(s):
Computer science
Publisher DOI:
10.1145/1719030.1719032
Item views:
187
Metadata:
text | xml

In Partnership with the Center for Digital Research and Scholarship at Columbia University Libraries/Information Services | Terms of Use