• DocumentCode
    2946380
  • Title
    A Proof-Carrying File System
  • Author
    Garg, Deepak ; Pfenning, Frank

  • Author_Institution
    CyLab, Carnegie Mellon Univ., Pittsburgh, PA, USA
  • fYear
    2010
  • fDate
    16-19 May 2010
  • Firstpage
    349
  • Lastpage
    364
  • Abstract
    We present the design and implementation of PCFS, a file system that adapts proof-carrying authorization to provide direct, rigorous, and efficient enforcement of dynamic access policies. The keystones of PCFS are a new authorization logic BL that supports policies whose consequences may change with both time and system state, and a rigorous enforcement mechanism that combines proof verification with conditional capabilities. We prove that our enforcement using capabilities is correct, and evaluate our design through performance measurements and a case study.
  • Keywords
    Access control; Authorization; Computer security; Control systems; Delay; File systems; Logic design; Monitoring; Principal component analysis; Throughput; Access control; file system; logic; proof-carrying authorization
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Security and Privacy (SP), 2010 IEEE Symposium on
  • Conference_Location
    Oakland, CA, USA
  • ISSN
    1081-6011
  • Print_ISBN
    978-1-4244-6894-2
  • Electronic_ISBN
    1081-6011
  • Type
    conf
  • DOI
    10.1109/SP.2010.28
  • Filename
    5504798