ICFS/README.md

31 lines
1.1 KiB
Markdown
Raw Normal View History

2024-11-17 20:23:00 +01:00
# ICFS -- Interactively Controlled File System
2024-11-13 15:26:45 +01:00
2024-11-17 20:23:00 +01:00
## Motivation
2024-11-13 15:29:10 +01:00
2024-11-17 20:23:00 +01:00
Traditional access control mechanisms in operating systems allow the same level
of access to all processes running on behalf of the same user. This typically
enables malicious processes to read and/or modify all data accessible to the
user running a vulnerable application. It can be dealt using various mandatory
access control mechanisms, but these are often complicated to configure and are
rarely used in common user oriented scenarios. This thesis focuses on design
and implementation of a file system layer which delegates the decision to allow
or deny access to a file system object by a specific process to the user.
2024-11-13 15:29:10 +01:00
## Goals
2024-11-17 20:23:00 +01:00
- Analyze the problem and design a solution
- Implement the solution using the FUSE framework
- Test the solution and demonstrate its benefits
2024-11-13 20:16:31 +01:00
## Docs
2024-11-17 20:23:00 +01:00
- [Initial idea and motivation](./docs/bc-thesis-idea.md)
- [Some identified issues](./docs/bc-thesis-problems.md)
- [Formal specification](./docs/bc-thesis-specs.md)
2024-11-14 10:14:42 +01:00
## Credit
2024-11-14 10:16:54 +01:00
2024-11-17 20:23:00 +01:00
_Student:_ Fedir Kovalov
2024-11-14 10:16:54 +01:00
2024-11-17 20:23:00 +01:00
_Supervisor:_ RNDr. Jaroslav Janáček, PhD.