A Flexible File Sharing Mechanism for iRODS

Authors

A. Couch
David G. Tarboton, Utah State UniversityFollow
R. Idaszak
Jeffery S. Horsburgh, Utah State UniversityFollow
H. Yi
M. Stealey

Document Type

Conference Paper

Publisher

Chapel Hill, iRODSConsortium

Publication Date

6-10-2015

First Page

61

Last Page

68

Abstract

The traditional iRODS mechanisms for file sharing, including user groups, often require some form of iRODS administrative privilege. In the HydroShare project for enabling hydrology research, we perceived a need for more flexible file sharing, including unprivileged creation and management of user groups according to policies quite distinct from the Linux/Unix policies that initially motivated iRODS protections. This is enabled by a policy database in PostgreSQL and management API written in Python that are deployed in parallel to iCAT. Innovations in iRODS 4.1 allow access control based upon this PostgreSQL database rather than the default iCAT server, by interposing access control code before the access event using iRODS Policy Enforcement Points. The result is an access control mechanism that closely matches scientific needs for file sharing, and brings “dropbox-like” file sharing semantics to the network filesystem level.

Comments

http://irods.org/wp-content/uploads/2015/09/UMG2015_P.pdf

Recommended Citation

Couch, A.; Tarboton, David G.; Idaszak, R.; Horsburgh, Jeffery S.; Yi, H.; and Stealey, M., "A Flexible File Sharing Mechanism for iRODS" (2015). Civil and Environmental Engineering Faculty Publications. Paper 2526.
https://digitalcommons.usu.edu/cee_facpub/2526