Securing the Web with DFS


By Mark Sherman, Director of Product Management, Transarc Corporation
and John Milburn, DSS Brand Manager, IBM Corporation

Introduction

The growth and application of the World Wide Web have been nothing short of astounding. With today's browsers providing easy access to Web sites that offer more public content than ever before, information is both available and plentiful. Ironically, securing the Web is almost at odds with the reason that the Web developed into what it is today - a huge collection of sites whose owners want, and encourage, the public at large to encounter and explore.

The technologies that make the Web so incredibly easy to use as a public medium are a perfect fit for solving a wide range of problems - within and between corporations - where anonymous users with uncontrolled access simply aren't desirable. Such applications range from publishing research only intended for subscribers, to forums for inter-company collaboration, to internal human resources applications. These new applications of Web technologies have become known as intranets. In fact, intranets can be defined as Web applications that need to verify the identities of users, and check those identities against security databases to control access to Web objects. Providing this level of security using products originally designed to search out and access information is a challenge.

There is a solution available that enables companies to take a giant step forward in realizing the security needed by intranets - without changing the way people expect to use the Web. This solution is the Distributed File System (DFS(TM)) from the Open Software Foundation (OSF). DFS, a component of the OSF's Distributed Computing Environment (DCE), builds on the DCE's powerful and reliable security infrastructure to enable secure data access and sharing in any highly-networked environment. Combining DFS with the Web provides the functionality and security needed to satisfy even the most sensitive intranet business applications.

Controlling access to Web pages

The need to share vast amounts of information is what encourages organizations to establish intranets. However, one of the most commonly requested features in a Web-based intranet application is the ability to control who is given access to individual Web pages. Even within a single company, these controls are required. For example, sharing of product development plans, sales forecasts and human resources information is valuable, but only when the appropriate information is available to a specified collection of people. Unaltered, the Web is an all-or-nothing affair: if you can get access to anything, you can get access to everything.

DFS solves this problem by providing strict access control facilities. Users must identify themselves to DFS with a user ID and password, and all requests for file access are validated against access control lists (ACLs). ACLs are lists of people (or groups of people) who may access a file. When the file holds a Web page, ACLs limit viewing of the page to those individuals authorized by the DFS infrastructure. Companies can implement DFS in one of two ways: DFS supporting the Web server, and DFS acting as the Web server.

DFS supporting the Web server

The majority of what Web servers do is deliver HTML files - and other file-based Web objects such as images and audio clips - that they retrieve from the server's file system. Most sites today use a conventional UNIX- or NT-based networked file system for file access. The individual identities of people accessing Web sites are not known, so access to the HTML files is checked simply against the privileges given to the Web server itself. Unfortunately, this approach gives every user the same access to every file.

DFS - with DCE as its foundation - enhances Web security by checking file access privileges on a user-by-user basis. Enabling browsers and servers to use DFS is as simple as using built-in facilities (or simple 'plug-ins') on the browser side to ask for a user ID and password, and applying a patch to the Web server that passes security credentials to DFS when objects are accessed. Once configured, DFS treats all requests from the Web server as if they were coming directly from a DFS user and acts accordingly from an access control perspective. Administrators use standard DCE security facilities to define users and groups and to manage ACL tables.
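The contrast between the two checks described above, as an added Python sketch that is not DFS, DCE or Web server code: the same two pages are served once with only the server's identity checked and once with the requester's identity passed to the file check. The ACL model (user and group entries granting read), the `httpd` identity, the users, groups and paths are all constructed assumptions; real DFS ACLs are richer than this.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Acl:
    """Simplified ACL (assumption): names of users and groups allowed to read."""
    users: frozenset = frozenset()
    groups: frozenset = frozenset()

# Constructed sample data, not taken from any real installation.
GROUPS = {"hr": {"alice"}, "sales": {"bob", "carol"}}
FILES = {
    "/hr/salaries.html": Acl(groups=frozenset({"hr"})),
    "/sales/forecast.html": Acl(users=frozenset({"alice"}),
                                groups=frozenset({"sales"})),
}
SERVER = "httpd"  # hypothetical identity the Web server process runs under

def may_read(principal, acl):
    """Match the principal against user entries, then group entries."""
    if principal is None:
        return False
    return principal in acl.users or any(
        principal in GROUPS.get(g, ()) for g in acl.groups)

def serve_as_server(path, requester):
    """Conventional file system: only the server's own privileges are checked.
    To publish a page at all, the server identity must be able to read it,
    so the requester argument never influences the result."""
    acl = FILES[path]
    published = Acl(users=acl.users | {SERVER}, groups=acl.groups)
    return 200 if may_read(SERVER, published) else 403

def serve_as_user(path, requester):
    """Credential-passing server: the file check runs as the requesting user."""
    if path not in FILES:
        return 404
    if requester is None:
        return 401  # no credentials yet: browser asks for user ID and password
    return 200 if may_read(requester, FILES[path]) else 403

def access_matrix(serve):
    """Status code for every (user, page) pair under one serving model."""
    users = [None, "alice", "bob"]
    return {(u, p): serve(p, u) for u in users for p in sorted(FILES)}

if __name__ == "__main__":
    for name, fn in (("server identity", serve_as_server),
                     ("per user", serve_as_user)):
        print(name, access_matrix(fn))
```

Under the first model every cell of the matrix is 200, which is the all-or-nothing behaviour the article describes; under the second, each cell follows the ACL of the page and the identity of the requester.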

DFS as a Web server

The method described above secures access to pages at the Web server. The same access control is also available at the browser when the browser machine is configured as a DFS client. Fundamentally, a browser is a program that accepts a specially formatted file (HTML) and displays it on the screen with fonts, pictures, sound and so on. Browsers contain a variety of methods by which they can retrieve HTML pages, such as HTTP and FTP. Browsers also contain the ability to view HTML files and other Web objects stored on the local machine using 'file-style' URLs instead of the more common 'HTTP' style. Many browsers also assume that URLs that specify no type also refer to files local to the browser machine.

DFS clients on the browser machine make information located on DFS file servers appear to be local. DFS servers can be located anywhere in intranets or the Internet itself. Because the DFS users must log in with user IDs and passwords, browser users will already be authenticated with DFS. DFS then controls all requests for Web-based content using the standard DFS ACL mechanism. No changes are needed in the browsers to gain this security.

Guaranteeing the integrity of Web pages

Another security concern for intranet applications is that information not be changed from when it leaves the Web server until delivery to the browser. It has been proven that powerful PCs acting as gateways and routers can intercept network traffic and change packets as they pass by. The integrity of Web pages is limited by the underlying network protocols.



DFS, by leveraging the DCE infrastructure, ensures that packets are unaltered from when they leave the DFS server to when they reach the DFS client. When DFS is acting as a Web server, this capability ensures that no alteration of pages takes place as the information travels through the network to the browser.

DFS can go even further: it can prevent unauthorized viewing of the Web pages as they travel across the network. Using a feature called "packet privacy," DFS encrypts page data between the DFS server and the DFS client. This capability ensures that no intermediate carrier or broadcast sniffer can inspect the data as it travels across the network. Hence, DFS offers the ability to deliver sensitive pages across public networks.

The lightweight DFS desktop

Some security benefits, such as page integrity, require a DFS client to be running along with the browser. However, a DFS client may not be available for your desktop machine. In these cases, a DFS component called DFS-Light can be used to enable desktop machines to directly access DFS servers. DFS-Light augments the DFS DCE-oriented architecture by providing secure, remote access to DFS servers from a desktop, LAN-oriented environment.

DFS and large-scale Web sites

DFS meets the security requirements of those organizations implementing Internet and intranet applications. In addition to security, DFS offers other important benefits to organizations building global, large-scale World Wide Web sites.

High-volume Web sites must be able to deliver enormous amounts of information to hundreds of thousands of users. DFS performance techniques, including client caching and replication, reduce the load on both server machines and the network. The result is faster and more reliable delivery of information, with fewer resources.

Summary

The need for Web-wide authentication, authorization control, and data integrity is growing faster than the Web itself. DFS, which is based on DCE, was designed from the ground up to deliver security to the World Wide Web. At the same time, DFS delivers other important features required by high-performance Web sites. As a proven technology, DFS can be combined immediately with the World Wide Web to deliver important business benefits to those companies gaining a competitive advantage through technology.

