[OpenAFS-devel] [GSoC 2010] Encrypted storage

[Simon Wilkinson]

On 25 Mar 2010, at 08:54, Rod Widdowson wrote:

>> I'll step back and ask:  what's your threat model?  What are you =
trying
>> to protect against?

The threat model is pretty clear, I think. It's for an environment where =
users want to be able to store files in a way that a server =
administrator cannot read them. That is, they trust the server to store =
the data they give it (and to back it up, etc) but they don't trust it =
not to eavesdrop on those contents, or to not disclose them to a third =
party.

In GSoC, the problem I think is tractable is the single user case, =
modelled around a user who wishes to encrypt their home directory so =
that it cannot be read without access to their key. In my environment, =
this is functionality that is regularly requested. It has the additional =
benefit that it allows some of the harder issues around key management =
to be deferred.

Cheers,

Simon.