University of Sussex
Browse
Alsowail, Rakan.pdf (2.48 MB)

Secure file sharing

Download (2.48 MB)
thesis
posted on 2023-06-09, 03:05 authored by Rakan Alsowail
File sharing has become an indispensable part of our daily lives. The shared files might be sensitive, thus, their confidentially, integrity and availability should be protected. Such protection might be against external threats that are initiated by unauthorised users or insider threats that are initiated by authorised users. Our main interest in this thesis is with insider threats. Protecting shared files against insiders is a challenging problem. Insiders enjoy various characteristics such as being trusted and authorised, in addition to being inside the network perimeter and having knowledge of information systems. This makes it difficult to prevent or detect policy violation for these users. The goal of this thesis is to protect shared files from the perspective of insider security with language-based techniques. In the first part of the thesis, we define what we mean by an insider and the insider problem precisely, and propose an approach to classify the insider problem into different categories. We then define and focus on one category that is related to file sharing. Namely, protecting the confidentiality and integrity of the shared files against accidental misuse by insiders. Furthermore, we classify the activity of file sharing into different categories that describe all possible ways of performing the activity of file sharing. These categories represent policies that describe how files should be propagated and accessed by insiders. We show that enforcing these policies can protect the files against accidental misuse by insiders while allowing the activity of sharing to be performed as desired. Thus our interest can be summarised as keeping honest users safe. In the second part of the thesis, we develop a security type system that statically enforces information flow and access control policies in a file system. Files are associated with security types that represent security policies, and programs are sets of operations to be performed on files such as read, copy, move, etc. A type checker, therefore, will statically check each operation to be performed on a file and determine whether the operation satisfies the policy of the file. We prove that our type system is sound and develop a type reconstruction algorithm and prove its soundness and completeness. The type system we developed in this thesis protects the files against accidental misuse by insiders.

History

File Version

  • Published version

Pages

211.0

Department affiliated with

  • Informatics Theses

Qualification level

  • doctoral

Qualification name

  • phd

Language

  • eng

Institution

University of Sussex

Full text available

  • Yes

Legacy Posted Date

2016-09-22

Usage metrics

    University of Sussex (Theses)

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC