E-print Network

Formal Analysis of Dynamic, Distributed File-System Access Controls

Summary: Formal Analysis of Dynamic, Distributed File-System Access Controls
Avik Chaudhuri¹ and Martín Abadi¹,²
Computer Science Department, University of California, Santa Cruz
Microsoft Research, Silicon Valley
Abstract. We model networked storage systems with distributed, cryptographically enforced file-access control in an applied pi calculus. The calculus contains cryptographic primitives and supports file-system constructs, including access revocation. We establish that the networked storage systems implement simpler, centralized storage specifications with local access-control checks. More specifically, we prove that the former systems preserve safety properties of the latter systems. Focusing on security, we then derive strong secrecy and integrity guarantees for the networked storage systems.
1 Introduction
Storage systems are typically governed by access-control policies, and the security
of those systems depends on the sound enforcement of the necessary access-control
checks. Unfortunately, both the policies and their enforcement can be surprisingly prob-


Source: Abadi, Martín - Department of Computer Science, University of California at Santa Cruz


Collections: Computer Technologies and Information Sciences