A Proof-Carrying File System Deepak Garg and Frank Pfenning

Summary: A Proof-Carrying File System
Deepak Garg and Frank Pfenning
June 6, 2009
School of Computer Science
Carnegie Mellon University
Pittsburgh, PA 15213
This paper presents the design and implementation of PCFS, a file system that uses
formal proofs and capabilities to efficiently enforce access policies expressed in a rich
logic. Salient features include backwards compatibility with existing programs and
automatic enforcement of access rules that depend on both time and system state. We
rigorously prove that enforcement using capabilities is correct, and evaluate the file
system's performance.
This work was supported partially by the iCAST project sponsored by the National Science Council,
Taiwan, under grant no. NSC97-2745-P-001-001, and partially by the Air Force Research Laboratory
under grant no. FA87500720028.
Keywords: Access control, proof carrying authorization, file system
1 Introduction
There is a significant mismatch in the complexity of file access policies prevalent in


Source: Andrews, Peter B. - Department of Mathematical Sciences, Carnegie Mellon University
Carnegie Mellon University, School of Computer Science
Pfenning, Frank - School of Computer Science, Carnegie Mellon University


Collections: Computer Technologies and Information Sciences; Mathematics