PCFS: A Proof-Carrying File System Deepak Garg and Frank Pfenning Carnegie Mellon University July 09, 2009.

Presentation transcript:

PCFS: A Proof-Carrying File System Deepak Garg and Frank Pfenning Carnegie Mellon University July 09, 2009

Goal and Method
- Goal of PCFS: rich access control for a file system
  - Expressiveness
    - Capture high-level intent directly
    - Motivation: classified information (intelligence agencies)
    - Dynamic (changing) policies
    - Access control lists do not suffice
  - Rigorous enforcement
- Technical methods:
  - Proof-carrying authorization
  - Conditional cryptographic capabilities

PCFS: Workflow (diagram; only the labels survive in the transcript)
- Policy credentials of the form "admin says may (...)" feed an untrusted proof search, which produces a proof.
- A trusted proof and certificate verifier checks the proof and issues a procap (capability).
- A trusted procap checker inside the file system checks the procap on each file API call and answers "OK?" or "Error".
- Alice receives the data on a "yes" and an error on a "no".
- Proof-carrying authorization [AF'99]
- Procap checking: approx times faster than proof checking

Dynamic Policies
- What if policies or credentials change after a capability is issued?
  - Time-of-check-to-time-of-use attack
  - Capabilities are conditional on parts of policies that can change
- Some ways a policy can change:
  - Expiration: "Allow access from 2008 to 2009"
  - State: "Allow access while protocol is in phase 2"
  - Revocation: a credential on which access depends is revoked
  - Consumption: "Allow access once"
- The logic expresses time, state and consumption
- Describe the conditions attached to capabilities, and how they are extracted from a logical proof
- Prove that enforcement is correct with respect to proof-carrying authorization
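To make the slide's point concrete, here is an added example (not code from PCFS or its authors) of a conditional capability in the style the workflow and this slide describe: the issuer binds the four kinds of condition (expiration interval, state, depended-on credential, one-time consumption) into a MAC-protected procap, and the checker re-evaluates every condition at time of use rather than trusting the decision made at time of issue. The key, the condition encoding and the `env` dictionary are assumptions made for this example.

```python
import hashlib
import hmac
import json

# Key shared by the trusted verifier (which issues procaps) and the trusted
# procap checker in the file system. Constructed value for this example.
CHECKER_KEY = b"example-shared-key"


def issue_procap(key, subject, path, right, conditions):
    """Verifier side: after checking the proof, bind the request and the
    conditions extracted from the proof into a MAC-protected capability."""
    body = {"subject": subject, "path": path, "right": right,
            "conditions": conditions}
    msg = json.dumps(body, sort_keys=True).encode()
    return {"body": body, "mac": hmac.new(key, msg, hashlib.sha256).hexdigest()}


def check_procap(key, procap, subject, path, right, env):
    """Checker side: verify the MAC, then re-evaluate every condition against
    the environment at time of use, so a policy change after issue is caught.
    env holds the current time, the system state, the set of revoked
    credential ids and the set of already-consumed procap MACs."""
    msg = json.dumps(procap["body"], sort_keys=True).encode()
    expected = hmac.new(key, msg, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(procap["mac"], expected):
        return False, "mac mismatch"
    body = procap["body"]
    if (body["subject"], body["path"], body["right"]) != (subject, path, right):
        return False, "capability does not cover this request"
    consume = False
    for cond in body["conditions"]:
        kind = cond["kind"]
        if kind == "interval":      # expiration: "allow access from 2008 to 2009"
            if not cond["start"] <= env["now"] <= cond["end"]:
                return False, "outside validity interval"
        elif kind == "state":       # state: "allow access while protocol is in phase 2"
            if env["state"].get(cond["name"]) != cond["value"]:
                return False, "required state does not hold"
        elif kind == "credential":  # revocation: a credential the proof depends on
            if cond["id"] in env["revoked"]:
                return False, "credential revoked"
        elif kind == "consume":     # consumption: "allow access once"
            if procap["mac"] in env["consumed"]:
                return False, "capability already consumed"
            consume = True
        else:
            return False, "unknown condition"
    if consume:                     # record the use only after every check passed
        env["consumed"].add(procap["mac"])
    return True, "ok"
```

Because the conditions travel inside the MAC-protected body, the checker needs no policy or prover of its own, which is what lets it be both small and fast relative to full proof checking.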

Results
- New logic (BL), its proof theory, meta-theory and capabilities
- Implementation of the file system (includes a prover for BL)
- Case study with classified information