原文地址  https://security.googleblog.com/2017/02/another-option-for-file-sharing.html

Another option for file sharing

February 21, 2017
Posted by Andrew Gerrand, Eric Grosse, Rob Pike, Eduardo Pinheiro and Dave Presotto, Google Software Engineers

Existing mechanisms for file sharing are so fragmented that people waste time on multi-step copying and repackaging. With the new project Upspin, we aim to improve the situation by providing a global name space to name all your files. Given an Upspin name, a file can be shared securely, copied efficiently without "download" and "upload", and accessed by anyone with permission from anywhere with a network connection.

Our target audience is personal users, families, or groups of friends. Although Upspin might have application in enterprise environments, we think that focusing on the consumer case enables easy-to-understand and easy-to-use sharing.

File names begin with the user's email address followed by a slash-separated Unix-like path name:
ann@example.com/dir/file.

Any user with appropriate permission can access the contents of this file by using Upspin services to evaluate the full path name, typically via a FUSE filesystem so that unmodified applications just work. Upspin names usually identify regular static files and directories, but may point to dynamic content generated by devices such as sensors or services.

If the user wishes to share a directory (the unit at which sharing privileges are granted), she adds a file called Access to that directory. In that file she describes the rights she wishes to grant and the users she wishes to grant them to. For instance,

read: joe@here.com, mae@there.com

allows Joe and Mae to read any of the files in the directory holding the Access file, and also in its subdirectories. As well as limiting who can fetch bytes from the server, this access is enforced end-to-end cryptographically, so cleartext only resides on Upspin clients, and use of cloud storage does not extend the trust boundary.

Upspin looks a bit like a global file system, but its real contribution is a set of interfaces, protocols, and components from which an information management system can be built, with properties such as security and access control suited to a modern, networked world. Upspin is not an "app" or a web service, but rather a suite of software components, intended to run in the network and on devices connected to it, that together provide a secure, modern information storage and sharing network. Upspin is a layer of infrastructure that other software and services can build on to facilitate secure access and sharing. This is an open source contribution, not a Google product. We have not yet integrated with the Key Transparency server, though we expect to eventually, and for now use a similar technique of securely publishing all key updates. File storage is inherently an archival medium without forward secrecy; loss of the user's encryption keys implies loss of content, though we do provide for key rotation.

It’s early days, but we’re encouraged by the progress and look forward to feedback and contributions. To learn more, see the GitHub repository at upspin.

Another option for file sharing(转)的更多相关文章

  1. Adding AirDrop File Sharing Feature to Your iOS Apps

    http://www.appcoda.com/ios7-airdrop-programming-tutorial/ Adding AirDrop File Sharing Feature to You ...

  2. RH253读书笔记(5)-Lab 5 Network File Sharing Services

    Lab 5 Network File Sharing Services Goal: Share file or printer resources with FTP, NFS and Samba Se ...

  3. Delphi 10.3.1 Secure File Sharing解决应用间文件共享

    Delphi 10.3.1 为Android项目提供了Secure File Sharing选择项,默认是False.这一项是设置什么呢? 原来,Android 7及以后的版本,为了加强OS的安全性, ...

  4. HDU 3269 P2P File Sharing System(模拟)(2009 Asia Ningbo Regional Contest)

    Problem Description Peer-to-peer(P2P) computing technology has been widely used on the Internet to e ...

  5. How to configure windows machine to allow file sharing with dns alias (CNAME)

    Source: http://serverfault.com/questions/23823/how-to-configure-windows-machine-to-allow-file-sharin ...

  6. Peer to Peer File Sharing Through WCF

    http://www.codeproject.com/Articles/614028/Peer-to-Peer-File-Sharing-Through-WCF https://github.com/ ...

  7. Solve Docker for Windows error: docker detected, A firewall is blocking file Sharing between Windows and the containers

    被这个“分享硬盘”问题烦了我好几个小时,终于在一个叫Marco Mansi外国人博客上找到解决方法了,真的很无奈 https://blog.olandese.nl/2017/05/03/solve-d ...

  8. Easy File Sharing Web Server 6.9远程溢出漏洞

    from struct import pack import socket,sys import os host="192.168.109.129" port=80 junk0 = ...

  9. File I/O

    File I/O Introduction     We'll start our discussion of the UNIX System by describing the functions ...

随机推荐

  1. 条件注释判断IE版本

    在学习Bootstra的时候看到这么一句话, <!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media ...

  2. Mariadb Galera Cluster 群集 安装部署

    #Mariadb Galera Cluster 群集 安装部署 openstack pike 部署  目录汇总 http://www.cnblogs.com/elvi/p/7613861.html # ...

  3. ES6模块化

    关于ES6模块化 历史上,JavaScript 一直没有模块(module)体系,无法将一个大程序拆分成互相依赖的小文件,再用简单的方法拼装起来.其他语言都有这项功能,比如 Ruby 的require ...

  4. ACM HDU 1081 To The Max

     To The Max Time Limit: 2000/1000 MS (Java/Others)    Memory Limit: 65536/32768 K (Java/Others) To ...

  5. HDU 1754 线段树 单点跟新 HDU 1166 敌兵布阵 线段树 区间求和

    I Hate It Time Limit: 9000/3000 MS (Java/Others)    Memory Limit: 32768/32768 K (Java/Others) Total ...

  6. 负载均衡之nginx

    什么是负载均衡负载均衡(Load Balance)是分布式系统架构设计中必须考虑的因素之一,它通常是指,将请求/数据[均匀]分摊到多个操作单元上执行,负载均衡的关键在于[均匀].在使用nginx负载均 ...

  7. UWP 判断系统版本

    public class VersionsHelper { , ); , ); , ); , ); , ); }

  8. Codeforces 821E Okabe and El Psy Kongroo

    题意:我们现在位于(0,0)处,目标是走到(K,0)处.每一次我们都可以从(x,y)走到(x+1,y-1)或者(x+1,y)或者(x+1,y+1)三个位子之一.现在一共有N段线段,每条线段都是平行于X ...

  9. Django使用遇到的各种问题及解决方法

    从Django的 搭建开始,遇到的问题就不断,网站还没有发布,就出错了,我查了好多资料,啃得了不少东西,也没有找到合适的方法,终于没办法了,自己硬着头皮往下读,终于解决了这些问题,下面分享给大家. 代 ...

  10. 怎样在Ubuntu Scope中定义设置变量并读取

    在本遍文章中,我们来解说怎么对我们的Ubuntu Scope进行设置.对Scope而言,有些时候我们希望可以使用设置来改变我们的显示.或对我们的搜索进行又一次定义.关于很多其它Scope的开发,请參阅 ...