Distributed System Security via Logical Frameworks
Authors
Abstract
We describe a project to advance security in distributed systems via the application of logical frameworks. At the heart of the effort lies an authorization logic which plays a triple role: (1) to specify an access-control policy as a logical theory, (2) to enforce the policy by mechanically verifying proofs in the logic, and (3) to reason about the policy by characterizing the space of all possible proofs. We are deploying a security infrastructure based on these ideas using mobile phones as a universal access-control device at Carnegie Mellon University.
ACM subject classifiers: C.2.0 General—Security and protection; D.4.6 Security and Protection—Access controls; F.4.1 Mathematical Logic—Computational Logic; K.6.5 Security and Protection—Authentication
Similar resources
Design and Implementation of a Distributed Database Inference Controller
We describe an approach for controlling certain unauthorized inferences in a multilevel secure distributed database management system. In such a system, two or more multilevel secure database management systems are connected via a trusted network. Furthermore, the environment that we have considered is a limited heterogeneous one where not all of the nodes handle the same accreditation ranges. ...
MOVIS: A system for visualizing distributed mobile object environments
This paper presents MOVIS – a system for visualizing mobile object frameworks. In such frameworks, the objects can migrate to remote hosts, along with their state and behavior, while the application is running. An innovative graph–based visualization is used to depict the physical and the logical connections in the distributed object network. Scalability is achieved by using a focus+context tec...
Bracing Heterogeneous Distributed Systems via Built-in Frameworks
This paper introduces a novel architecture of distributed systems—called framed distributed system, or FDS—that braces a given system via a built-in virtual framework that controls the flow of messages between system components, and between them and their environment—while being oblivious of the code of the communicating components. This control is carried out in a decentralized, and thus scala...
Towards Self-Organizing Distributed Computing Frameworks: The H2O Approach
A novel component-based, service-oriented framework for distributed metacomputing is described. Adopting a provider-centric view of resource sharing, this framework emphasizes lightweight software infrastructures that maintain minimal state, and interface to current and emerging distributed computing standards. In this model, resource owners host a software backplane onto which owners, clients,...
Journal title:
Volume, issue:
Pages: -
Publication date: 2004