Capability File Names over HTTP
Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
File access over the Internet adds a whole new dimension to the continuously evolving World Wide Web. Considering its significance in the big picture, there exists a need to provide a completely secure and exible way to share and access content existing on a file host web server somewhere over the Internet. A number of access control mechanisms attempt to do this with moderate success with most of them lacking the ability to allow sharing of information to unauthenticated users and adequate file-based access control capabilities.
Capability File Names provide a new and completely unique access control mechanism that uses file names as a means to store access control information against files on a remote location and allows a user unhindered access to his files along with the capability to delegate rights as deemed necessary.
The aim of this thesis project has been to develop a prototype implementation that makes use of Capability File Names as a way to control access to files and folders placed on an HTTP Web Server over the Internet. It involves a Linux implementation on the client-side using "FUSE" (Filesystem in Userspace) with a server-side implementation using Java Server Pages (JSP). The access control features have entirely been implemented on server side with the client user only needing the Capability File Names pointing to the original files on the server to gain access to them. In addition to the server and client applications, there is a separate utility provided to the user hosting the server allowing generation of Capability File Names against files located on the server.
Place, publisher, year, edition, pages
2010. , 93 p.
IdentifiersURN: urn:nbn:se:kth:diva-26393OAI: oai:DiVA.org:kth-26393DiVA: diva2:372412
Hidell, Markus, Univ. lektor