Concord is a file system security framework that creates a secure computing environment by placing partial trust on the entities that are involved. The trust in Concord depends upon the 'collective interaction' of the parially trusted entities. As mobile computing is being openly adopted, Data on mobile clients, such as Laptops, need to be secured in case of a compromise.

Concord allows disconnected and distributed modes allowing secure access when the clients are mobile. Following are the main points for motivation of Concord.

Motivation:

• Distributed and Disconnected environment: data is available at Server and Client.
• Data Servers can be insecure.
• Mobile Clients (Laptops) can be stolen.
• Disgruntled ex-employees can turn malicious.

There is a need to secure data access in a partially trusted environment.

---

Components of Concord:

Concord is a framework comprising of:
1. Trusted Key Server,
and partially trusted entities:
2. Data Server
3. Connected Enforcement Point
4. Disconnected Enforcement Point
5. Laptop

---

Figure: Concord Components - Data Server, Connected Enforcement Point (CEP), Disconnected Enforcement Point (DEP) and Client System are limited trusted systems and the key server is completely trusted. The collective interaction between CEP and Client System or between DEP and the Client System can provide keys to decrypt data.

---

OpenSource Efforts

For information about our open source efforts, please send an email to Gautam Singaraju at gsingara [at] uncc [dot] edu.