Strong confidentiality, integrity, user control, reliability and performance are critical requirements in privacy-sensitive applications. Such applications would benefit from a data storage and sharing infrastructure that provides these properties even in decentralized topologies with untrusted storage backends, but users today are forced to choose between systemic security properties and system reliability or performance. As an alternative to this status quo we present UPSS: the user-centric private sharing system, a cryptographic storage system that can be used as a conventional filesystem or as the foundation for security-sensitive applications such as redaction with integrity and private revision control. We demonstrate that both the security and performance properties of UPSS exceed that of existing cryptographic filesystems and that its performance is comparable to mature conventional filesystems - in some cases, even superior. Whether used directly via its Rust API or as a conventional filesystem, UPSS provides strong security and practical performance on untrusted storage.

中文翻译：

---

UPSS：以用户为中心的私有存储系统及其应用程序

强大的保密性、完整性、用户控制、可靠性和性能是隐私敏感应用程序的关键要求。此类应用程序将受益于数据存储和共享基础设施，即使在具有不可信存储后端的去中心化拓扑中也能提供这些属性，但当今用户被迫在系统安全属性和系统可靠性或性能之间进行选择。作为这种现状的替代方案，我们推出了 UPSS：以用户为中心的私有共享系统，这是一种加密存储系统，可以用作传统文件系统或作为安全敏感应用程序的基础，例如具有完整性和私有修订控制的编辑。我们证明了 UPSS 的安全性和性能特性都超过了现有的加密文件系统，并且其性能可与成熟的传统文件系统相媲美 - 在某些情况下甚至更出色。无论是直接通过 Rust API 使用还是作为传统文件系统使用，UPSS 都能在不受信任的存储上提供强大的安全性和实用性能。