A Proof-Carrying File System
Deepak Garg and Frank Pfenning
June 6, 2009
School of Computer Science, Carnegie Mellon University, Pittsburgh, PA 15213

Summary:
This paper presents the design and implementation of PCFS, a file system that uses formal
proofs and capabilities to efficiently enforce access policies expressed in a rich logic. Salient
features include backwards compatibility with existing programs and automatic enforcement
of access rules that depend on both time and system state. We rigorously prove that
enforcement using capabilities is correct, and evaluate the file system's performance.
This work was supported partially by the iCAST project sponsored by the National Science Council,
Taiwan, under grant no. NSC97-2745-P-001-001, and partially by the Air Force Research Laboratory under
grant no. FA87500720028.
Keywords: Access control, proof carrying authorization, file system
1 Introduction
There is a significant mismatch in the complexity of file access policies prevalent in large
organizations like intelligence and military establishments, and the sophistication of mech-

Source: Andrews, Peter B. - Department of Mathematical Sciences, Carnegie Mellon University
Collections: Mathematics