POSIXLY SECURE OPEN AND ACCESS FILES BY INODE NUMBER

US 20170140165A1
Filed: 11/17/2015
Published: 05/18/2017
Est. Priority Date: 11/17/2015
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, by a process executed by a processor, a request for a ticket for traversing a file system;

generating, by the process, a secure key for a unique handle object based on the request for the ticket;

generating an authentication code for the ticket using a numeric file identifier and the secure key;

in response to reading a directory with POSIX x and r permissions according to directory permission bits or an access control list (ACL), returning the ticket including ticket information comprising the numeric file identifier, generation information and the authentication code;

in response to a request to open a directory, validating the ticket information based on the secure key; and

opening a directory for reading using the validated ticket information and the unique handle.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for secure portable operating system interface (POSIX) directory traversing for opening and accessing files by inode number. The method includes receiving, by a process executed by a processor, a request for a ticket for traversing a file system. The process generates a secure key for a unique handle object based on the request for the ticket. An authentication code is generated for the ticket using a numeric file identifier and the secure key. In response to reading a directory with POSIX x and r permissions according to directory permission bits or an access control list (ACL), the ticket is returned including ticket information including the numeric file identifier, generation information and the authentication code. In response to a request to open a directory, the ticket information is validated based on the secure key. A directory is opened for reading using the validated ticket information and the unique handle.

14 Citations

View as Search Results

20 Claims

1. A method comprising:
- receiving, by a process executed by a processor, a request for a ticket for traversing a file system;
  
  generating, by the process, a secure key for a unique handle object based on the request for the ticket;
  
  generating an authentication code for the ticket using a numeric file identifier and the secure key;
  
  in response to reading a directory with POSIX x and r permissions according to directory permission bits or an access control list (ACL), returning the ticket including ticket information comprising the numeric file identifier, generation information and the authentication code;
  
  in response to a request to open a directory, validating the ticket information based on the secure key; and
  
  opening a directory for reading using the validated ticket information and the unique handle.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein validating the ticket information comprises:
    - regenerating the authentication code using the numeric file identifier, the generation information and the secure key; and
      
      comparing the authentication code with the regenerated authentication code.
  - 3. The method of claim 2, further comprising:
    - in response to a failure of validating the ticket information, revoking the unique handle.
  - 4. The method of claim 3, further comprising:
    - generating a plurality of tickets for the particular handle for access to a block of inodes;
      
      receiving a list for the block of inodes including the plurality of tickets each including particular ticket information that comprises a particular numeric file identifier, particular generation information and a particular authentication code;
      
      validating the plurality of particular ticket information for each of the plurality of tickets;
      
      filtering inodes of the block of inodes included in the plurality of tickets; and
      
      copying only requested inodes included in the plurality of tickets for which validated particular ticket information exists.
  - 5. The method of claim 4, wherein validating the plurality of particular ticket information comprises passing the list into a read next inodes with tickets process.
  - 6. The method of claim 5, further comprising:
    - creating the list of tickets in a buffer device in a structure having the particular numeric file identifier, the particular generation information and padding for the particular authentication code for placing each inode at a proper memory address boundary, wherein the padding in the structure is selected such that a length of the particular numeric file identifier added to a length of the padding is a length of a basic encryption block;
      
      encrypting the buffer under the secure key using codebook mode to regenerate the particular authentication codes; and
      
      validating the plurality of ticket information for each of the plurality of tickets comprises comparing the particular authentication codes with the regenerated particular authentication codes.
  - 7. The method of claim 2, further comprising:
    - generating a plurality of tickets for the particular handle for access to a block of dirents;
      
      receiving a list for the block of dirents including the plurality of tickets each including particular ticket information that comprises a particular numeric file identifier, particular generation information and a particular authentication code;
      
      validating the plurality of particular ticket information for each of the plurality of tickets;
      
      filtering dirents of the block of dirents included in the plurality of tickets; and
      
      copying only requested dirents included in the plurality of tickets for which validated particular ticket information exists.
  - 8. The method of claim 7, further comprising:
    - operating the process in parallel over multiple computing nodes based on transferring the unique handle to one or more other processes on the multiple computing nodes by;
      
      packaging handle values into a message, wherein the handle values comprise user identification, group identification, the secure key, expiration time, and file system identification; and
      
      encrypting and signing the message using secure sockets layer (SSL) public and private key encryption using security keys used in a particular cluster,wherein a helper process passes the message to its local file system via the process and receives a local handle that has a same function and authorizations as the particular handle.

9. A computer program product for secure portable operating system interface (POSIX) directory traversing for opening and accessing files by inode number, the computer program product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions executable by a processor to cause the processor to:
- receive, by the processor, a request for a ticket for traversing a file system;
  
  generate, by the processor, a secure key for a unique handle object based on the request for the ticket;
  
  generate, by the processor, an authentication code for the ticket using a numeric file identifier and the secure key;
  
  in response to reading a directory with POSIX x and r permissions according to directory permission bits or an access control list (ACL), return, by the processor, the ticket including ticket information comprising the numeric file identifier, generation information and the authentication code;
  
  in response to a request to open a directory, validate, by the processor, the ticket information based on the secure key; and
  
  open, by the processor, a directory for reading using the validated ticket information and the unique handle.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The computer program product of claim 9, wherein validate the ticket information comprises program instructions executable by the processor to cause the processor to:
    - regenerate the authentication code using the numeric file identifier, the generation information and the secure key; and
      
      compare the authentication code with the regenerated authentication code.
  - 11. The computer program product of claim 10, further comprising program instructions executable by the processor to cause the processor to:
    - in response to a failure of validating the ticket information, revoke the unique handle.
  - 12. The computer program product of claim 11, further comprising program instructions executable by the processor to cause the processor to:
    - generate, by the processor, a plurality of tickets for the particular handle for access to a block of inodes;
      
      receive, by the processor, a list for the block of inodes including the plurality of tickets each including particular ticket information that comprises a particular numeric file identifier, particular generation information and a particular authentication code;
      
      validate, by the processor, the plurality of particular ticket information for each of the plurality of tickets;
      
      filter, by the processor, inodes of the block of inodes included in the plurality of tickets; and
      
      copy, by the processor, only requested inodes included in the plurality of tickets for which validated particular ticket information exists.
  - 13. The computer program product of claim 12, further comprising program instructions executable by the processor to cause the processor to:
    - create, by the processor, the list of tickets in a buffer device in a structure having the particular numeric file identifier, the particular generation information and padding for the particular authentication code for placing each inode at a proper memory address boundary, wherein the padding in the structure is selected such that a length of the particular numeric file identifier added to a length of the padding is a length of a basic encryption block;
      
      encrypt, by the processor, the buffer under the secure key using codebook mode to regenerate the particular authentication codes; and
      
      validate, by the processor, the plurality of ticket information for each of the plurality of tickets comprises comparing the particular authentication codes with the regenerated particular authentication codes.
  - 14. The computer program product of claim 10, further comprising program instructions executable by the processor to cause the processor to:
    - generate, by the processor, a plurality of tickets for the particular handle for access to a block of dirents;
      
      receive, by the processor, a list for the block of dirents including the plurality of tickets each including particular ticket information that comprises a particular numeric file identifier, particular generation information and a particular authentication code;
      
      validate, by the processor, the plurality of particular ticket information for each of the plurality of tickets;
      
      filter, by the processor, dirents of the block of dirents included in the plurality of tickets; and
      
      copy, by the processor, only requested dirents included in the plurality of tickets for which validated particular ticket information exists.
  - 15. The computer program product of claim 10, further comprising program instructions executable by the processor to cause the processor to:
    - operate the process in parallel over multiple computing nodes based on transferring the unique handle to one or more other processes on the multiple computing nodes by;
      
      packaging handle values into a message, wherein the handle values comprise user identification, group identification, the secure key, expiration time, and file system identification; and
      
      encrypting and signing the message using secure sockets layer (SSL) public and private key encryption using security keys used in a particular cluster,wherein a helper process passes the message to its local file system via the process and receives a local handle that has a same function and authorizations as the particular handle.

16. An apparatus comprising:
- a ticket processor configured to receive a request for a ticket for traversing a file system;
  
  a cryptographic processor configured to generate a secure key for a unique handle object based on the request for the ticket, and to generate an authentication code for the ticket using a numeric file identifier and the secure key;
  
  the ticket processor further configured to return the ticket including ticket information in response to a request to read a directory with POSIX x and r permissions according to directory permission bits or an access control list (ACL), wherein the ticket information comprises the numeric file identifier, generation information and the authentication code; and
  
  a validation processor configured to validate the ticket information based on the secure key in response to a request to open a directory;
  
  wherein a directory of the file system is opened for reading using the validated ticket information and the unique handle.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The apparatus of claim 16, wherein:
    - the cryptographic processor is configured to regenerate the authentication code using the numeric file identifier, the generation information and the secure key;
      
      the validation processor is configured to compare the authentication code with the regenerated authentication code; and
      
      in response to a failure of validating the ticket information, the ticket processor is configured to revoke the unique handle.
  - 18. The apparatus of claim 17, wherein:
    - the ticket processor is configured to generate a plurality of tickets for the particular handle for access to a block of inodes, receive a list for the block of inodes including the plurality of tickets each including particular ticket information that comprises a particular numeric file identifier, particular generation information and a particular authentication code;
      
      the validation processor is configured to validate the plurality of particular ticket information for each of the plurality of tickets, filter inodes of the block of inodes included in the plurality of tickets, and copy only requested inodes included in the plurality of tickets for which validated particular ticket information exists.
  - 19. The apparatus of claim 18, wherein:
    - the ticket processor is configured to create the list of tickets in a buffer device in a structure having the particular numeric file identifier, the particular generation information and padding for the particular authentication code for placing each inode at a proper memory address boundary, wherein the padding in the structure is selected such that a length of the particular numeric file identifier added to a length of the padding is a length of a basic encryption block;
      
      the cryptographic processor is configured to encrypt the buffer under the secure key using codebook mode to regenerate the particular authentication codes; and
      
      the validation processor is configured to validate the plurality of ticket information for each of the plurality of tickets comprises comparing the particular authentication codes with the regenerated particular authentication codes.
  - 20. The apparatus of claim 19, wherein:
    - the ticket processor is configured to generate a plurality of tickets for the particular handle for access to a block of dirents, and receive a list for the block of dirents including the plurality of tickets each including particular ticket information that comprises a particular numeric file identifier, particular generation information and a particular authentication code; and
      
      the validation processor is configured to validate the plurality of particular ticket information for each of the plurality of tickets, filter dirents of the block of dirents included in the plurality of tickets, and copy only requested dirents included in the plurality of tickets for which validated particular ticket information exists.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Sawdon, Wayne A., Kaplan, Marc A.

Granted Patent

US 9,824,233 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/335   for accessing specific reso...

G06F 21/6218   to a system of files or obj...

H04L 2209/20   Manipulating the length of ...

H04L 9/3213   using tickets or tokens, e....

H04L 9/3242   involving keyed hash functi...

POSIXLY SECURE OPEN AND ACCESS FILES BY INODE NUMBER

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

14 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

POSIXLY SECURE OPEN AND ACCESS FILES BY INODE NUMBER

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

14 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links