• DocumentCode
    2166747
  • Title

    Pesto flavored security

  • Author

    Dillema, Feike W. ; Stabell-Kulø, Tage

  • Author_Institution
    Dept. of Comput. Sci., Univ. of Tromso, Norway
  • fYear
    2003
  • fDate
    6-18 Oct. 2003
  • Firstpage
    241
  • Lastpage
    249
  • Abstract
    We demonstrate that symmetric-key cryptography can be used for both read and write access control. One-time write access can be granted by handing over an encryption key, and our encryption framework allows the revocation of previously granted rights. The number of keys to be managed explicitly grows linearly with the number of access control policies a user defines, making security manageable. The framework is used in the Pesto distributed storage system. In Pesto, policies can be stored the same as other data and the same mechanism can be used to control access to them. Delegation of authority over policies concerning different tasks can then be performed. Separating the different tasks of the system, allows for different tasks to be assigned to different sets of nodes. Nodes need then only be trusted with respect to the specific task(s) they have been assigned with.
  • Keywords
    authorisation; distributed processing; message authentication; public key cryptography; storage management; Pesto distributed storage system; Pesto flavored security; encryption framework; encryption key; read access control; symmetric-key cryptography; write access control; Access control; Authentication; Authorization; Availability; Computer science; Contracts; Cryptography; Data security; Safety; Secure storage;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Reliable Distributed Systems, 2003. Proceedings. 22nd International Symposium on
  • ISSN
    1060-9857
  • Print_ISBN
    0-7695-1955-5
  • Type

    conf

  • DOI
    10.1109/RELDIS.2003.1238074
  • Filename
    1238074
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2166747