Question regarding group management of documents

Adam Shostack adam at homeport.org
Thu Jan 16 10:56:21 EST 2003


Groove does this; they have a 30ish page white paper on security of
document management.  I have a few quibbles with their design (way too
many crypto algorithms, and its not clear why, or if they might
interact badly, and perhaps cert verification in a corporate
environment could be better, but overall it looks very solid.)

http://www.groove.net/products/workspace/security.html

Now if only they had a Mac client!

Adam


On Thu, Jan 16, 2003 at 09:38:04AM +0100, Birger Toedtmann wrote:
| 
| Hi,
| 
| can anyone pinpoint me to some papers on this - the Net did not show 
| up anything useful (and I hope it's not my lacking competence in using
| Google).
| 
| 
| I'd like to use a server to share documents between users.  The users
| are grouped, i.e. a user of group A should not be able to read the
| docs of group B (if not a member of it).  There are conceptually two
| possible ways to design this:
| 
|  * use an "out-band-process" (an operating system watching over
|    file permissions, a web service verifying user credentials etc.)
| 
|  * use in-band crypto on the document itself, i.e. the "permissions"
|    are inherently tied to the bits it consists of
| 
| I wanted to use the latter with a critical constraint: ease of deploy-
| ment (at least in a sense) which basically means that we don't want
| to write a new client but use freely available ones.  So my first 
| guess was to PGP-encrypt the files on the server using the public 
| keys of the group-members.  The server obviously should not have the 
| secret keys of them.  I further assume that (a) a member-no-more takes 
| his secret key with him and (b) the server may be hacked but the hacker 
| should not be able to read the documents (but may corrupt/delete them).
| 
| So far, so good.  Now a user leaves a group.  As the server is not
| able to decrypt files and we don't want someone to decrypt 1000 files
| of a group and re-encrypt them again with the members left, it would
| be possible to just encrypt the already-crypted file again with the
| "new" group of the remaining members (adding sort of a second armor).
| Despite this being quite stressing for users if a file has some-20
| armors, I did not come up with an idea for adding *new* members to a
| group....
| 
| 
| Well, maybe I'm already on the wrong track for this issue, so I 
| appreciate any suggestions or hints to sites/papers discussing these 
| problems.
| 
| 
| Regards,
| 
| Birger Tödtmann
| 
| ---------------------------------------------------------------------
| The Cryptography Mailing List
| Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com



More information about the cryptography mailing list