Coordinator: Claudia-Lavinia Ignat (COAST)
Participants: Claudia-Lavinia Ignat (COAST), Davide Frey (WIDE), Gérald Oster (COAST), Amine Ismail (hive)
Context
Besides providing high availability and data consistency, a distributed file storage system must provide an access control mechanism that ensures that an unauthorized access to data is prohibited and an authorized access to data always succeeds. The main challenge in the context of a P2P storage is that the access-control mechanism should not rely on a central authority to manage the rights of data belonging to different clients and companies. Such an access-control mechanism should be distributed and each client or company should be able to master the access rights associated with their data. The lack of a central authority raises issues of group management such as joining and leaving the group as well as rights revocation. Besides the modifications on shared documents, the access control policies such as granting and revoking a right might also be subject to Byzantine and Sybil attacks
Objective
In this project we will propose a security mechanism that has to deal with access control of users to the shared documents as well as with end-to-end encryption of data and with key management suitable for dynamic user groups. Leveraging on the results of Axis 3, our security mechanism will be able to handle Byzantine and Sybil attacks