CapsuleFS: A Multi-credential DataCapsule Filesystem

Qingyang Hu, Yucheng Huang, Manshi Yang

TL;DR

CapsuleFS introduces a multi-credential, POSIX-compliant filesystem built on GDP's DataCapsule paradigm, implemented with a DataCapsule server, a Trusted Execution Environment–secured middleware, and a FUSE-based client. It couples per-block ACLs, Merkle-style integrity checks, and journaling to provide secure, auditable writes while maintaining filesystem usability. Evaluation shows functional correctness with slower write performance dominated by cryptographic operations, and highlights clear optimization opportunities in caching, prefetching, and network-stack design. The work outlines concrete future improvements, including server-side batching, Sigchain-like key management, and dynamic caching, to enhance practicality for real-world software development.

Abstract

CapsuleFS (CFS) is the first filesystem to integrate multi-credential functionality within a POSIX-compliant framework, using DataCapsule as the storage provider. The system builds on the Global Data Plane in the area of edge computing. Our design and implementation of CFS fulfill the objective of providing a multi-credential Common Access API. The architecture of CFS has three components. First, the DataCapsule server is tasked with the storage, dissemination, and replication of DataCapsules on the edge. Second, the middleware runs in a Trusted Execution Environment and is responsible for the enforcement and management of write permissions and requests. Finally, the client component is a POSIX-compliant filesystem that is adaptable and operational across many architectures. Experimental evaluations of CFS reveal that, while its read and write performance is comparatively modest, it upholds a high degree of functional correctness, which positions CFS as a viable candidate for real-world software development scenarios. The paper also outlines potential future enhancements aimed at making CFS more practical for software development.

Paper Structure

This paper contains 49 sections, 8 figures, 3 tables.

Figures (8)

  • Figure 1: Threat Model: Man-in-the-middle Attack
  • Figure 2: Threat Model: Dishonest Server
  • Figure 3: Threat Model: Leaked Key
  • Figure 4: DataCapsule structure [8885071]
  • Figure 5: CFS Architecture
  • ...and 3 more figures