Practical protection for personal storage in the cloud

Abstract

We present a storage management framework for Web 2.0 services that places users back in control of their data. Current Web services complicate data management due to data lock-in and lack usable protection mechanisms, which makes cross-service sharing risky. Our framework allows multiple Web services shared access to a single copy of data that resides on a personal storage repository, which the user acquires from a cloud storage provider. Access control is based on hierarchically, filtered views, which simplify cross-cutting policies, and enable least privilege management. We also integrate a powerbox [16], which allows applications to request additional authority at run time thereby enabling applications running under a least privilege regime to provide useful open and save as dialogs.