|
eCommons@Cornell >
College of Engineering >
Computer Science >
Computer Science Technical Reports >
Please use this identifier to cite or link to this item:
http://hdl.handle.net/1813/5833
| Title: | Secure Program Partitioning |
| Authors: | Zdancewic, Steve
Zheng, Lantian
Nystrom, Nathaniel
Myers, Andrew |
| Keywords: | computer science
technical report |
| Issue Date: | 18-Oct-2001 |
| Publisher: | Cornell University |
| Citation: | http://techreports.library.cornell.edu:8081/Dienst/UI/1.0/Display/cul.cs/TR2001-1846 |
| Abstract: | This paper presents secure program partitioning, a language-based technique for protecting confidential data during computation in distributed systems containing mutually untrusted hosts. Confidentiality and integrity policies can be expressed by annotating programs with security types that constrain information flow; these programs can then be partitioned automatically to run securely on heterogeneously trusted hosts. The resulting communicating subprograms collectively implement the original program, yet the system as a whole satisfies the security requirements of participating principals without requiring a universally trusted host machine. The experience in applying this methodology and the performance of the resulting distributed code suggest that this is a promising way to obtain secure distributed computation. This Technical Report is an expanded version of the published paper ``Untrusted Hosts and Confidentiality: Secure Program Partitioning.'' The main difference between the two is Appendix A, which contains a correctness proof for the control-transfer protocols described in Section 5. |
| URI: | http://hdl.handle.net/1813/5833 |
| Appears in Collections: | Computer Science Technical Reports
|
Items in eCommons are protected by copyright, with all rights reserved, unless otherwise indicated.
|
