Confidentiality and Authenticity for Distributed Version Control Systems - A Mercurial Extension

Version Control Systems (VCS) are a valuable tool for software development and document management. Both client/server and distributed (Peer-to-Peer) models exist, with the latter (e.g., Git and Mercurial) becoming increasingly popular. Their distributed nature introduces complications, especially c...

Full description

Saved in:
Bibliographic Details
Published in:2016 IEEE 41st Conference on Local Computer Networks (LCN) pp. 1 - 9
Main Authors: Lass, Michael, Leibenger, Dominik, Sorge, Christoph
Format: Conference Proceeding
Language:English
Published: IEEE 01.11.2016
Subjects:
Access control
Encryption
History
Permission
Synchronization
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Version Control Systems (VCS) are a valuable tool for software development and document management. Both client/server and distributed (Peer-to-Peer) models exist, with the latter (e.g., Git and Mercurial) becoming increasingly popular. Their distributed nature introduces complications, especially concerning security: it is hard to control the dissemination of contents stored in distributed VCS as they rely on replication of complete repositories to any involved user. We overcome this issue by designing and implementing a concept for cryptography-enforced access control which is transparent to the user. Use of field-tested schemes (end-to-end encryption, digital signatures) allows for strong security, while adoption of convergent encryption and content-defined chunking retains storage efficiency. The concept is seamlessly integrated into Mercurial-respecting its distributed storage concept-to ensure practical usability and compatibility to existing deployments.
DOI:10.1109/LCN.2016.11