@inproceedings{55ca887e51514e9a90f64a9f02ef6084,
title = "An implementation of a secure version of NFS including RBAC",
abstract = "The NFS protocol provides transparent remote access to shared file systems across networks. It is very popular particularly in Unix networks where it is probably the most common distributed file system technology. NFS however is rarely used outside closed protected networks, because its security is notoriously weak. In 1998 Sun Microsystems released what is considered the first attempt at providing comprehensive security to NFS: a security flavour called RPCSEC_GSS based on Kerberos V5 and the GSS-API. The main benefit of this version over previous versions is that for the first time each NFS file access call could be protected. This paper outlines our efforts to secure NFS producing a security solution with even greater functionality. The major new functionality is that users may optionally use an access control system based on role based access control (RBAC). RBAC allows users to log in, be provided with a role, and use this to transparently access their remote files through secure NFS. There are also other advantages provided, for example security for the mount protocol and the option of public-key technology for authentication and key distribution. NFS has been secured with SESAME V4 and the practicality and performance of this mechanism has been demonstrated by modifying the Linux kernel and NFS utilities.",
author = "Paul Ashley and Bradley Broom and Mark Vandenwauver",
note = "Publisher Copyright: {\textcopyright} Springer-Verlag Berlin Heidelberg 1999.; 4th Australasian Conference on Information Security and Privacy, ACISP 1999 ; Conference date: 07-04-1999 Through 09-04-1999",
year = "1999",
doi = "10.1007/3-540-48970-3_18",
language = "English (US)",
isbn = "3540657568",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "213--227",
editor = "Josef Pieprzyk and Rei Safavi-Naini and Jennifer Seberry",
booktitle = "Information Security and Privacy - 4th Australasian Conference, ACISP 1999, Proceedings",
}