Publication: Using Replication and Partitioning to Build Secure Distributed Systems
Publisher
IEEE Comput. Soc
The Harvard community has made this article openly available.
Citation
Stephen Chong. Using Replication and Partitioning to Build Secure Distributed Systems. Proceedings of the 2003 IEEE Symposium on Security and Privacy, Berkeley, CA, USA, 11-14 May 2003, 236-250.
Abstract
A challenging unsolved security problem is how to specify and enforce system-wide security policies; this problem is even more acute in distributed systems with mutual distrust. This paper describes a way to enforce policies for data confidentiality and integrity in such an environment. Programs annotated with security specifications are statically checked and then transformed by the compiler to run securely on a distributed system with untrusted hosts. The code and data of the computation are partitioned across the available hosts in accordance with the security specification. The key contribution is automatic replication of code and data to increase assurance of integrity—without harming confidentiality, and without placing undue trust in any host. The compiler automatically generates secure run-time protocols for communication among the replicated code partitions. Results are given from a prototype implementation applied to various distributed programs.
Terms of Use
This article is made available under the terms and conditions applicable to Open Access Policy Articles (OAP), as set forth at Terms of Service