Summary: A Proof-Carrying File System
Deepak Garg
CyLab
Carnegie Mellon University
Pittsburgh PA, USA
dg@cs.cmu.edu
Frank Pfenning
Computer Science Department
Carnegie Mellon University
Pittsburgh PA, USA
fp@cs.cmu.edu
Abstract--We present the design and implementation of
PCFS, a file system that adapts proof-carrying authorization to
provide direct, rigorous, and efficient enforcement of dynamic
access policies. The keystones of PCFS are a new authorization
logic BL that supports policies whose consequences may change
with both time and system state, and a rigorous enforcement
mechanism that combines proof verification with conditional
capabilities. We prove that our enforcement using capabilities
is correct, and evaluate our design through performance