Laboratory for Intelligent Information Systems
Department of Computer and Information Science
Linköping University, S-581 83 Linköping, Sweden
Telephone: (+46) 132 826 08, 132 820 66, Fax: (+46) 132 826 66
Email: {matgu,
e96bende,
nahsh}@ida.liu.se
Abstract. In this paper we present a design for a modified NFS server that through simple additions makes it possible to place an exported file system under Role-Based Access Control.
Role-Based Access Control (RBAC) is an efficient way for managing access control information. However, most access control systems today do not support RBAC. As a solution to this problem, the modified NFS server we present here makes it possible to introduce RBAC into existing environments in a transparent manner.
We have implemented our design as an extension to the Linux User Space NFS Server running on a Linux 2.0 system. Our implementation demonstrates the feasibility of our main idea. However, tests show that performance of our server needs to be improved, something we believe can be achieved through code optimizations.
Keywords: Role Based Access Control, NFS, Distributed systems, Legacy systems
This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.
Provided you adhere to the abovesaid, the paper is available for download in PostScript format.