Use this URL to cite or link to this record in EThOS: http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.694591
Title: Secure file sharing
Author: Alsowail, Rakan
ISNI:       0000 0004 5992 2202
Awarding Body: University of Sussex
Current Institution: University of Sussex
Date of Award: 2016
Availability of Full Text:
Access from EThOS:
Full text unavailable from EThOS. Please try the link below.
Access from Institution:
Abstract:
File sharing has become an indispensable part of our daily lives. The shared files might be sensitive, thus, their confidentially, integrity and availability should be protected. Such protection might be against external threats that are initiated by unauthorised users or insider threats that are initiated by authorised users. Our main interest in this thesis is with insider threats. Protecting shared files against insiders is a challenging problem. Insiders enjoy various characteristics such as being trusted and authorised, in addition to being inside the network perimeter and having knowledge of information systems. This makes it difficult to prevent or detect policy violation for these users. The goal of this thesis is to protect shared files from the perspective of insider security with language-based techniques. In the first part of the thesis, we define what we mean by an insider and the insider problem precisely, and propose an approach to classify the insider problem into different categories. We then define and focus on one category that is related to file sharing. Namely, protecting the confidentiality and integrity of the shared files against accidental misuse by insiders. Furthermore, we classify the activity of file sharing into different categories that describe all possible ways of performing the activity of file sharing. These categories represent policies that describe how files should be propagated and accessed by insiders. We show that enforcing these policies can protect the files against accidental misuse by insiders while allowing the activity of sharing to be performed as desired. Thus our interest can be summarised as keeping honest users safe. In the second part of the thesis, we develop a security type system that statically enforces information flow and access control policies in a file system. Files are associated with security types that represent security policies, and programs are sets of operations to be performed on files such as read, copy, move, etc. A type checker, therefore, will statically check each operation to be performed on a file and determine whether the operation satisfies the policy of the file. We prove that our type system is sound and develop a type reconstruction algorithm and prove its soundness and completeness. The type system we developed in this thesis protects the files against accidental misuse by insiders.
Supervisor: Not available Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.694591  DOI: Not available
Keywords: QA0075 Electronic computers. Computer science
Share: