Version control systems are widely used in software development and document management. Unfortunately, versioningconfidential files is not normally supported: Existing solutions encrypt the transport channel, but store data in plaintext within a repository. We come up with an accesscontrol solution that allows secure versioning of confidential files even in the presence of a malicious server administrator.Using convergent encryption as a building block, we enable space-efficient storage of version histories despite secure encryption. We describe an implementation of our conceptfor the Subversion (SVN) system, and evaluate storage efficiency and runtime of this implementation. Our implementation is compatible with existing SVN versions withoutrequiring changes to the storage backend.
Proceedings of the 18th ACM Symposium on Access Control Models and Technologies, SACMAT '13