Remote Data Security

Version 0.1

by Jack Krupansky - Base Technology

This proposal is in the public domain.  It may be copied and modified -- provided that Jack Krupansky and Base Technology are credited and a link back to this original proposal is provided AND these same use and distribution terms are carried along.

TBD

Here are two superficially distinct but similar data security problems.  The question is whether they are truly not isomorphic, or whether a single approach can solve both.

  1. A user within an organization gives his system administrator a set of data files with the following caveats:
    1. Ensure that the files can be accessed by authorized remote users.
    2. Ensure that the files cannot be accessed by unauthorized users.
    3. Mistakes on the part of the system administrator may not cause a catastrophic loss of data.
  2. A user has a set of files that he wishes to place on a remote server, with the following caveats:
    1. This user, and any other users that he authorizes, must have full access to his own files on that remote server.
    2. No other users may have access to those remote files.
    3. Mistakes on the part of the user (or authorized users) may not cause a catastrophic loss of data.

Some issues:

  1. Somebody bribes the remote server system administrator.
  2. Somebody physically removes the remote disk drive and directly accesses the data, bypassing any software, operating system, BIOS, or even on-drive protection circuitry.
  3. The user makes a mistake, horribly mangling his files (e.g., "rm *").  System support for recovering from "dumb user" mistakes is essential.
  4. Mirroring, caching, and geographic and connective diversity are needed to minimize the impact of external threats.

This is only a preliminary, rough sketch of the concept.  The goal is to enable users to securely store data remotely, while retaining full access, but precluding unauthorized access.
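As an added illustration of the sketch above (this is not part of the original proposal, and the names RemoteStore, Client, encrypt and decrypt are my own), the following Python models one approach that addresses issues 1 to 3 at once: the client encrypts and authenticates each file before it ever reaches the server, so a bribed administrator or a physically removed drive yields only ciphertext; every write and delete appends a new version rather than overwriting, so an "rm *" is recoverable; and authorization is simply possession of the data key, which the server never sees.  The cipher is a constructed HMAC-SHA256-in-counter-mode stream with an encrypt-then-MAC tag, chosen so the example runs with the standard library alone; a production system would use an established authenticated cipher such as AES-GCM.

```python
"""Client-side encrypted, versioned remote store (constructed, illustrative example)."""
import hashlib
import hmac
import os
import struct

BLOCK = 32  # HMAC-SHA256 output size, used as the keystream block size


def _subkey(master: bytes, label: bytes) -> bytes:
    # Derive independent encryption and MAC keys from one master key (HMAC as a KDF).
    return hmac.new(master, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # PRF in counter mode: block_i = HMAC(enc_key, nonce || i), truncated to `length`.
    out = bytearray()
    for i in range((length + BLOCK - 1) // BLOCK):
        out += hmac.new(enc_key, nonce + struct.pack(">Q", i), hashlib.sha256).digest()
    return bytes(out[:length])


def encrypt(master: bytes, plaintext: bytes) -> bytes:
    """Return nonce || ciphertext || tag (encrypt-then-MAC with a fresh random nonce)."""
    enc_key, mac_key = _subkey(master, b"enc"), _subkey(master, b"mac")
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(master: bytes, blob: bytes) -> bytes:
    """Verify the tag in constant time before decrypting; raise on tampering or wrong key."""
    enc_key, mac_key = _subkey(master, b"enc"), _subkey(master, b"mac")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed: blob modified or wrong key")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


TOMBSTONE = None  # a delete is recorded as a version, never as physical removal


class RemoteStore:
    """Untrusted server: append-only version history of opaque blobs per path."""

    def __init__(self):
        self._versions = {}  # path -> [blob or TOMBSTONE, ...]

    def put(self, path: str, blob) -> int:
        self._versions.setdefault(path, []).append(blob)
        return len(self._versions[path]) - 1  # version number just written

    def delete(self, path: str) -> int:
        return self.put(path, TOMBSTONE)

    def get(self, path: str, version=None):
        history = self._versions[path]
        return history[-1 if version is None else version]

    def raw_dump(self) -> dict:
        # Everything a bribed admin or a stolen disk exposes: ciphertext and tombstones only.
        return dict(self._versions)


class Client:
    """Authorized user: holds the data key, which the server never receives."""

    def __init__(self, store: RemoteStore, data_key: bytes):
        self.store, self.key = store, data_key

    def upload(self, path: str, data: bytes) -> int:
        return self.store.put(path, encrypt(self.key, data))

    def remove(self, path: str) -> int:
        return self.store.delete(path)

    def download(self, path: str, version=None) -> bytes:
        blob = self.store.get(path, version)
        if blob is TOMBSTONE:
            raise FileNotFoundError(f"{path} is deleted at this version")
        return decrypt(self.key, blob)

    def restore(self, path: str, version: int) -> int:
        # Undo a mistaken delete or overwrite by re-publishing an older version.
        return self.store.put(path, self.store.get(path, version))


if __name__ == "__main__":
    store = RemoteStore()
    key = os.urandom(32)  # shared out of band only with authorized users
    alice = Client(store, key)
    alice.upload("notes.txt", b"first draft")
    alice.upload("notes.txt", b"second draft")
    alice.remove("notes.txt")  # the "rm *" mistake
    alice.restore("notes.txt", 0)
    print(alice.download("notes.txt"))  # b'first draft'
    print(store.raw_dump()["notes.txt"][0][:16].hex())  # server-side view: opaque bytes
```

Sharing access with another user is a matter of giving that user the same data key over a channel the server is not party to; revoking a user means re-encrypting under a new key, which the append-only history makes a normal write rather than a special case.  Issue 4 (mirroring and diversity) falls out naturally, since every replica holds only ciphertext and can be placed anywhere.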

There's a lot more to it than that, but that's the basic idea. What do you think?


Updated: January 30, 2006 09:05:26 PM -0500

Copyright © 2005 John W. Krupansky d/b/a Base Technology